On 26.05.20 11:38, Ingeborg Hellemo wrote:
> If I do a full 'rndc reload' I finally get an error:
>
> May 26 11:08:14 ludvigsen named[25953]: unable to create dispatch for reserved
> port 129.242.5.254#53: permission denied
>
> Since this is a host with several virtual interfaces this address/port is set
> in named.conf:
>
>        transfer-source 129.242.5.254 port 53;
>
> The solution was to remove the 'port 53' part of the config,

FYI, using a static source port has been discouraged for about 12 years, since it
makes DNS servers prone to DNS cache poisoning:
https://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience-05

I guess source port 53 was meant long ago to avoid DNS being
firewalled. However, nowadays it's long obsolete and insecure.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT wish to receive any advertising mail at this address.
"They say when you play that M$ CD backward you can hear satanic messages."
"That's nothing. If you play it forward it will install Windows."
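
Added example, not part of the original message or of BIND: a small Python check that flags named.conf source options pinned to a fixed port, such as the transfer-source line quoted above, and accepts `port *` or no port clause. The sample configuration is constructed and the function name find_fixed_source_ports is hypothetical.

```python
import re

# named.conf source-address options that accept an optional "port" clause.
SOURCE_OPTS = ("query-source-v6", "transfer-source-v6", "notify-source-v6",
               "query-source", "transfer-source", "notify-source")

# Quoted strings are matched first so comment markers inside them are kept.
_COMMENT = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
# One statement: option name, then everything up to the terminating ';'.
_STMT = re.compile(r"(?<![\w-])(" + "|".join(SOURCE_OPTS) + r")\s+([^;{}]*);")

def _strip_comments(text):
    """Drop comments but keep their newlines so line numbers stay correct."""
    def keep(m):
        s = m.group(0)
        return s if s.startswith('"') else "\n" * s.count("\n")
    return _COMMENT.sub(keep, text)

def find_fixed_source_ports(conf_text):
    """Return (line, option, port) for each source option pinned to one port."""
    text = _strip_comments(conf_text)
    findings = []
    for m in _STMT.finditer(text):
        port = re.search(r"\bport\s+(\d+)\b", m.group(2))  # "port *" is fine
        if port:
            line = text.count("\n", 0, m.start()) + 1
            findings.append((line, m.group(1), int(port.group(1))))
    return findings

# Constructed sample; only the first transfer-source line comes from the thread.
SAMPLE_CONF = '''\
options {
    directory "/var/named";
    // transfer-source 192.0.2.1 port 53;   (commented out, ignored)
    transfer-source 129.242.5.254 port 53;
    notify-source 129.242.5.254;
    query-source address * port *;
};
zone "example.org" {
    type slave;
    masters { 192.0.2.53; };
    transfer-source-v6 2001:db8::53 port 5353;
};
'''

if __name__ == "__main__":
    for line, opt, port in find_fixed_source_ports(SAMPLE_CONF):
        print(f"line {line}: {opt} uses fixed source port {port}")
```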