Discussion:
How to avoid to listen on specific interfaces
He Zhe
2018-09-06 10:36:32 UTC
Permalink
Hi,

How can I config to let named NOT listen on specific interfaces? Any negation config in options like below? Currently it listens on all interfaces and compete with other DNS daemons in the same system.

options {
listen-on { ! 10.0.1.1; };
};

Thanks,
Zhe
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Sten Carlsen
2018-09-06 12:26:41 UTC
Permalink
Post by He Zhe
Hi,
How can I config to let named NOT listen on specific interfaces? Any negation config in options like below? Currently it listens on all interfaces and compete with other DNS daemons in the same system.
options {
listen-on { ! 10.0.1.1; };
};
You may try to let it specifically listen to all interfaces except the
one you want excluded.
Post by He Zhe
Thanks,
Zhe
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
He Zhe
2018-09-06 12:33:22 UTC
Permalink
Post by He Zhe
Hi,
How can I config to let named NOT listen on specific interfaces? Any negation config in options like below? Currently it listens on all interfaces and compete with other DNS daemons in the same system.
options {
listen-on { ! 10.0.1.1; };
};
You may try to let it specifically listen to all interfaces except the one you want excluded.
Thanks for your hint.

But the "all" here is hard for me to determine beforehand. Many potential different things would use named but some specific one just want to use their own DNS services. So I'm looking for the NOT operation.

Zhe
Post by He Zhe
Thanks,
Zhe
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-***@lists.isc.org
https:/
Sten Carlsen
2018-09-06 13:06:47 UTC
Permalink
Post by He Zhe
Post by He Zhe
Hi,
How can I config to let named NOT listen on specific interfaces? Any negation config in options like below? Currently it listens on all interfaces and compete with other DNS daemons in the same system.
options {
listen-on { ! 10.0.1.1; };
};
You may try to let it specifically listen to all interfaces except the one you want excluded.
Thanks for your hint.
But the "all" here is hard for me to determine beforehand. Many potential different things would use named but some specific one just want to use their own DNS services. So I'm looking for the NOT operation.
I would assume that there is a limited and fairly fixed number of actual
NICs in the host.

example:
eth0 -> internal network 192.168.43.17
eth1 -> external network 123.45.6.7
eth0:7 -> VLAN for location 1  192.168.23.45

Listen_on { 192.168.43.17; 192.168.23.45; }  eth1 is missing and should
not be listened to.
Post by He Zhe
Zhe
Post by He Zhe
Thanks,
Zhe
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
He Zhe
2018-09-06 13:24:40 UTC
Permalink
Post by He Zhe
Post by He Zhe
Hi,
How can I config to let named NOT listen on specific interfaces? Any negation config in options like below? Currently it listens on all interfaces and compete with other DNS daemons in the same system.
options {
listen-on { ! 10.0.1.1; };
};
You may try to let it specifically listen to all interfaces except the one you want excluded.
Thanks for your hint.
But the "all" here is hard for me to determine beforehand. Many potential different things would use named but some specific one just want to use their own DNS services. So I'm looking for the NOT operation.
I would assume that there is a limited and fairly fixed number of actual NICs in the host.
eth0 -> internal network 192.168.43.17
eth1 -> external network 123.45.6.7
eth0:7 -> VLAN for location 1  192.168.23.45
Listen_on { 192.168.43.17; 192.168.23.45; }  eth1 is missing and should not be listened to.
Thanks for the example.

The IPs in my case cannot be determined in advance. They might be configured and then changed to any values. I could fall back to create a script to detect the changes and modify named's config and restart the named service. But that sounds not so good. I hope named can ignore some specific IP and/or interfaces while handles the rest.

Zhe
Post by He Zhe
Zhe
Post by He Zhe
Thanks,
Zhe
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-***@lists.isc.org
https://lists.isc.or
Sten Carlsen
2018-09-06 17:17:48 UTC
Permalink
In the end I had to look in the BIND ARM.

As I read this, the solution should be:

options {
listen-on { ! 10.0.1.1; any;};
};

The first part tells bind to not listen to 10.0.1.1 and the second part
tells bind to listen on any other address.
Having the Listen-on statement removes the default listen for all addresses.
Post by He Zhe
Post by He Zhe
Post by He Zhe
Hi,
How can I config to let named NOT listen on specific interfaces? Any negation config in options like below? Currently it listens on all interfaces and compete with other DNS daemons in the same system.
options {
listen-on { ! 10.0.1.1; };
};
You may try to let it specifically listen to all interfaces except the one you want excluded.
Thanks for your hint.
But the "all" here is hard for me to determine beforehand. Many potential different things would use named but some specific one just want to use their own DNS services. So I'm looking for the NOT operation.
I would assume that there is a limited and fairly fixed number of actual NICs in the host.
eth0 -> internal network 192.168.43.17
eth1 -> external network 123.45.6.7
eth0:7 -> VLAN for location 1  192.168.23.45
Listen_on { 192.168.43.17; 192.168.23.45; }  eth1 is missing and should not be listened to.
Thanks for the example.
The IPs in my case cannot be determined in advance. They might be configured and then changed to any values. I could fall back to create a script to detect the changes and modify named's config and restart the named service. But that sounds not so good. I hope named can ignore some specific IP and/or interfaces while handles the rest.
Zhe
Post by He Zhe
Zhe
Post by He Zhe
Thanks,
Zhe
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
He Zhe
2018-09-07 03:26:18 UTC
Permalink
Appreciate your help. That works.

Zhe
Post by Sten Carlsen
In the end I had to look in the BIND ARM.
options {
listen-on { ! 10.0.1.1; any;};
};
The first part tells bind to not listen to 10.0.1.1 and the second part tells bind to listen on any other address.
Having the Listen-on statement removes the default listen for all addresses.
Post by He Zhe
Post by He Zhe
Post by He Zhe
Hi,
How can I config to let named NOT listen on specific interfaces? Any negation config in options like below? Currently it listens on all interfaces and compete with other DNS daemons in the same system.
options {
listen-on { ! 10.0.1.1; };
};
You may try to let it specifically listen to all interfaces except the one you want excluded.
Thanks for your hint.
But the "all" here is hard for me to determine beforehand. Many potential different things would use named but some specific one just want to use their own DNS services. So I'm looking for the NOT operation.
I would assume that there is a limited and fairly fixed number of actual NICs in the host.
eth0 -> internal network 192.168.43.17
eth1 -> external network 123.45.6.7
eth0:7 -> VLAN for location 1  192.168.23.45
Listen_on { 192.168.43.17; 192.168.23.45; }  eth1 is missing and should not be listened to.
Thanks for the example.
The IPs in my case cannot be determined in advance. They might be configured and then changed to any values. I could fall back to create a script to detect the changes and modify named's config and restart the named service. But that sounds not so good. I hope named can ignore some specific IP and/or interfaces while handles the rest.
Zhe
Post by He Zhe
Zhe
Post by He Zhe
Thanks,
Zhe
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/bin

Continue reading on narkive:
Loading...