Re: Bind listener to an IPv6 from AnyIP subnet

Hi, > On 13. 3. 2023, at 10:37, Michael Richardson wrote: > > Signed PGP part > > m...@at.encryp.ch wrote: >> Regarding the usage of [::] - due to usage of firewall I am able to >> block connections to the 53/udp and 53/tcp which are not coming to >> specific IP addresses or ranges, I do not ne

Re: Bind listener to an IPv6 from AnyIP subnet

Hi Serg. Can you post the output of "named -V" please? You're looking for "--disable-linux-caps", which you don't want. I'm not sure how (if) BIND interacts with AnyIP, but it should pick up new interfaces as they are added, *if* it is built with the necessary capabilities enabled. 'named' starts

Re: Bind listener to an IPv6 from AnyIP subnet

m...@at.encryp.ch wrote: > Regarding the usage of [::] - due to usage of firewall I am able to > block connections to the 53/udp and 53/tcp which are not coming to > specific IP addresses or ranges, I do not need such filtering > functionality within bind itself. Bind doesn't list

Re: Bind listener to an IPv6 from AnyIP subnet

The problem is I have lots of IPv6 addresses where I need to listen DNS requests (IPv6 prefix of /64) and I could not just explicitly add each to the interface, thus I use AnyIP feature to be able to use entire prefix by locally by such software like nginx, curl, etc. Regarding the usage of [::

Re: Bind listener to an IPv6 from AnyIP subnet

Serg via bind-users wrote: > As an alternative approach I have tried to run with a configuration > "listen-on-v6 { any; }", but it does behave in a way I need - it binds > separate socket for each discovered IP address rather wildcard address > of [::]. Bind needs to bind a new s

RE: Bind listener to an IPv6 from AnyIP subnet

This doesn't appear to be an IPv6-specific issue. In principle named should also be capable of listening on all of 127/8, but I can't find any configuration syntax that will do more than listen on 127.0.0.1. I can ping 127.0.0.2 (and so on) but even explicitly adding listen-on 127.0.0.2 won't c

Re: Bind listener to an IPv6 from AnyIP subnet

I have reloaded the configuration as well as restarted the bind9. The simpliest workaround I see - bind IPv6 explicitly to the interface using command "ip address add 2001:db8::1 dev eth0" and then I am able to use 2001:db8::1 for the named. But I would like to take advantage of using AnyIP.

Re: Bind listener to an IPv6 from AnyIP subnet

Just a quick question because I ran into this problem before... is it possible that named was started before the ip was added? On Sun, Mar 12, 2023 at 12:55 PM Serg via bind-users wrote: > > Hello, I am trying to bind named listener to an IPv6 from prefix which > is assigned to a system via AnyIP