0

This is on a Debian 12.10 lxc machine. I'm trying to get bind9/named to listen on a second localhost IP:

/etc/bind/named.conf.options: options { listen-on port 53 { 127.0.0.1; 192.168.18.2; }; listen-on port 5353 { 127.0.0.2; }; [...] }

I've also tried

 listen-on port 53 { 127.0.0.1; 127.0.0.2; 192.168.18.2; };

but it's not working (yes, I restarted named after making this configuration change):

$ sudo netstat -tunapl4 Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2126/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2126/named tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 339/master tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2126/named tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2126/named tcp 0 0 192.168.18.2:53 0.0.0.0:* LISTEN 2126/named tcp 0 0 192.168.18.2:53 0.0.0.0:* LISTEN 2126/named udp 0 0 192.168.18.2:53 0.0.0.0:* 2126/named udp 0 0 192.168.18.2:53 0.0.0.0:* 2126/named udp 0 0 127.0.0.1:53 0.0.0.0:* 2126/named udp 0 0 127.0.0.1:53 0.0.0.0:* 2126/named

What am I missing, and why are most of my sockets showing up twice?

Edit: I forgot to mention - there's nothing in my logs about this.

Improve this question
5
  • Port number 5353 is reserved for mDNS. If you are running a container, and the actual host system has avahi-daemon or a mDNS-enabled systemd-resolved running, either of those might block you from using the port 5353 unless specifically configured to not bind to IPs that will be assigned to containers. If you have a full virtual machine for yourself, then this should not apply. I would recommend using some other port number instead of 5353, to minimize the risk of conflicts with mDNS. Commented Apr 29 at 4:16
  • What error message(s) do you get in the log file when you try to run this? Commented Apr 29 at 6:13
  • @telcoM I tried 53 as well as 54 - no change. This is a Proxmox container and avahi is not running on the host. I also don't see resolved running. I might try spinning up a VM tomorrow and installing bind to see if I can get different results. Commented Apr 29 at 7:08
  • @telcoM ah okay, that's probably my issue then. I assumed since I was getting ping responses on 127.0.0.2 that was unnecessary. Commented Apr 29 at 7:43
  • @telcoM resolved, thank you. If you submit that as an answer I'll select it. Commented Apr 29 at 8:27

1 Answer 1

Reset to default
1

Do you have configured an additional IP address for the lo network interface? (e.g. ip address add 127.0.0.2/8 dev lo)

If you haven't done that, the address will not be available for programs to listen on.

Also note that the configuration changes done with the ip command will not be persistent: if you want the setting to survive a reboot, you'll need to add it to some suitable startup script or service file so that it will get redone each time the system starts up.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.