On 7/1/24 10:17, Bakul Shah wrote:
On Jul 1, 2024, at 9:18 AM, Craig Leres <le...@freebsd.org> wrote:

On 6/30/24 04:46, sth...@nethelp.no wrote:
Short description: Fresh install of bind9-devel-9.19.24_1 doesn't
listen to localhost port 953, with the result that rndc doesn't work.
Problem is 100% reproducible.

bind-tools-9.18.27_1 with 14.1-RELEASE-p1 suffers from this as well.

I was ignoring this until now but finally chased it down! I had to add

        inet 127.0.0.1 port 953
          allow { 127.0.0.1; } keys { "rndc-key"; };

to "controls { ... }" in /etc/named.conf

Ah... I already had that but I see now that the problem is due to the 14.1 issue I reported (see "FreeBSD 14.x localhost source address" on the freebsd-stable list).

> For 14.1 at least, this has the side effect that the source address
> for anything in the 127.0.0.0/8 domain becomes 127.0.0.2 instead
> of 127.0.0.1.

So I changed named.conf and now it works!

--- named.conf  (revision 72)
+++ named.conf  (working copy)
@@ -141,7 +141,7 @@

 controls {
        inet 127.0.0.1 port 953
-               allow { 127.0.0.1; } keys { "rndc-key"; };
+               allow { 127.0.0.0/8; } keys { "rndc-key"; };
 };
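
Review bot: the replacement line `allow { 127.0.0.0/8; } keys { "rndc-key"; };` admits every loopback address, while the thread only reports the source address becoming 127.0.0.2. Listing the two addresses, `allow { 127.0.0.1; 127.0.0.2; }`, would cover the reported case with a narrower ACL. The `keys { "rndc-key"; }` clause is unchanged, so the control channel still requires the key either way. A comment in named.conf referring to the 14.1 source-address issue would make this workaround easier to revert later.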

Looks like I need to create a PR for this issue.

                Craig
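
An added diagnostic, not part of the thread and not BIND code: it reports the source address a listener on 127.0.0.1 sees for a local connection and checks that address against the allow lists discussed above. The function names are hypothetical, and the ACL matching is a simplification that handles only plain addresses and CIDR prefixes.

```python
# Added diagnostic (not from the thread): which source address does the kernel
# pick for a TCP connection to 127.0.0.1, and would a named.conf controls
# "allow { ... }" list admit it?
import ipaddress
import socket


def acl_permits(source, allow_list):
    """Return True if source matches any entry of a simplified allow list.

    Only plain addresses and CIDR prefixes are handled; named ACL names,
    negation (!) and key elements are outside this sketch.
    """
    addr = ipaddress.ip_address(source)
    return any(addr in ipaddress.ip_network(entry, strict=False)
               for entry in allow_list)


def loopback_source(target="127.0.0.1"):
    """Connect to a throwaway listener on target and return the peer address
    the listener sees, which is the address an allow list is matched against."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind((target, 0))          # ephemeral port, deliberately not 953
        srv.listen(1)
        with socket.create_connection(srv.getsockname(), timeout=5):
            conn, peer = srv.accept()
            conn.close()
            return peer[0]


if __name__ == "__main__":
    src = loopback_source()
    print("source address seen by listener:", src)
    # The three allow lists: original, two-address variant, and the /8 from the diff.
    for allow in (["127.0.0.1"], ["127.0.0.1", "127.0.0.2"], ["127.0.0.0/8"]):
        verdict = "admitted" if acl_permits(src, allow) else "rejected"
        print(f"allow {{ {'; '.join(allow)}; }} -> {verdict}")
```

Run it on the affected host (and inside the jail, if named runs in one) to see which of the allow lists would match the address actually in use.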
