It appears that named is trying to use ports I've mentioned in avoid-v4-udp-ports.

Platform: BIND 9.8.1-P1 on Solaris 10 / SPARC

On some of the ports which BIND might otherwise choose to use, 
I have other daemons running and/or the OS treats the ports
as privileged.  To keep named from trying to use those ports, I have
in named.conf:

options {
    ...
    # there is no use-v4-udp-ports statement.
    avoid-v4-udp-ports { 1812; 1813; 2049; 4045; };
    # I don't speak v6.
};

When I upgraded from BIND 9.7.3-P3 to 9.8.1-P1, I began seeing in the log:

 named[9185]: dispatch: warning: dispatch 42d950: open_socket(::#2049) -> permission denied: continuing
 named[9185]: dispatch: warning: dispatch 42d950: open_socket(::#4045) -> permission denied: continuing

...which suggests to me that BIND is trying to use ports I specified in avoid-v4-udp-ports.


Checking get_dispsocket() in ./lib/dns/dispatch.c, I see that a difference
between 9.7.3-P3 and 9.8.1-P1 is that 9.8.1-P1 logs a warning when an attempt
to open the socket returns ISC_R_NOPERM (perhaps the result of bind() returning
EACCESS?), while 9.7.3-P3 didn't log the warning.  The warning is new.
When confronted with the error, both versions proceed to pick another port to
try again.  So I don't know if the older version was also trying to use these
ports and encountering the same error.

I imagine Solaris might return EACCESS because:

% ndd /dev/udp udp_extra_priv_ports
2049 
4045 


I don't understand why named would try to use these ports in the first
place as they appear in avoid-v4-udp-ports.
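
A diagnostic check for the situation described above, added here as an example (not part of the original post and not BIND code): it parses the open_socket warnings, takes each socket's address family from the address before the `#`, and tests the port against the avoid list for that family. The function names are hypothetical, the log and config strings are copied from the post, and `avoid-v6-udp-ports` is the IPv6 counterpart of the option shown in named.conf.

```python
import ipaddress
import re

# Sample input: the two warnings from the post, each rejoined onto one line.
LOG = """\
named[9185]: dispatch: warning: dispatch 42d950: open_socket(::#2049) -> permission denied: continuing
named[9185]: dispatch: warning: dispatch 42d950: open_socket(::#4045) -> permission denied: continuing
"""

# The options block from the post, with the "..." placeholder left out.
CONF = """\
options {
    # there is no use-v4-udp-ports statement.
    avoid-v4-udp-ports { 1812; 1813; 2049; 4045; };
    # I don't speak v6.
};
"""

WARN_RE = re.compile(r"open_socket\((?P<addr>[0-9A-Fa-f:.]+)#(?P<port>\d+)\)")
AVOID_RE = re.compile(r"avoid-v(?P<fam>[46])-udp-ports\s*\{(?P<body>[^}]*)\}")


def avoid_ports(conf):
    """Return {4: set, 6: set} of ports named in avoid-v4/v6-udp-ports."""
    conf = re.sub(r"#.*", "", conf)  # only '#' comments are stripped here
    ports = {4: set(), 6: set()}
    for m in AVOID_RE.finditer(conf):
        for item in m["body"].split(";"):
            nums = [int(n) for n in re.findall(r"\d+", item)]
            if item.split()[:1] == ["range"] and len(nums) == 2:
                ports[int(m["fam"])].update(range(nums[0], nums[1] + 1))
            else:
                ports[int(m["fam"])].update(nums)
    return ports


def check(log, conf):
    """Per warning: (address family, port, port covered by that family's list)."""
    avoid = avoid_ports(conf)
    results = []
    for m in WARN_RE.finditer(log):
        family = ipaddress.ip_address(m["addr"]).version  # "::" parses as IPv6
        port = int(m["port"])
        results.append((family, port, port in avoid[family]))
    return results


if __name__ == "__main__":
    for family, port, covered in check(LOG, CONF):
        print(f"IPv{family} socket, port {port}: in avoid-v{family}-udp-ports = {covered}")
```

Both warnings come out as IPv6 sockets whose ports are absent from the IPv6 avoid list, since the configuration only sets the IPv4 one.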



