Re: Convice Bind to listen on IP alias with a range of IPs.
On 4/30/12 10:17 PM, Mark Andrews ma...@isc.org wrote: The fact that you can ping them just means that you have a kernel bug. Yeah, the bug is using Linux. ;-) -- Don't worry about avoiding temptation -- as you grow older, it starts avoiding you. -- The Old Farmer's Almanac ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
On 05/01/2012 10:00 AM, Phil Mayers wrote: So you might be being a bit too clever, and foxing the named socket code I'm afraid. That should of course be the named socket code is foxing you. Sigh. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
On Tue, May 1, 2012 at 2:00 AM, Phil Mayers p.may...@imperial.ac.uk wrote: Which operating system are you running? Linux, I'm sorry I did not mention that earlier as it may have saved some confusion. Contrary to what a lot of other people have suggested, it is in fact possible using the socket API to bind() to IPs which aren't explicitly created, due to special handling on the loopback interface. This can certainly be done under Linux, for example., and I have just re-confirmed that to myself. Thank you for confirming for others that this is a real feature. Unfortunately, it seems likely that named is using the normal socket APIs to first enumerate the list of IPs on the box, and then filter those through listen-on statements to get the final list of IPs to pass to a bind() socket call - this would be a sensible way to implement the CIDR listen functionality. If so, then if the IP isn't *explicitly* on an interface, it won't appear in the final output set, regardless of the fact a bind() call will succeed. OK, that makes sense, I have found that the following work-around does work: sudo ifconfig lo:1 10.0.0.1 netmask 255.255.255.224 sudo ifconfig lo:2 10.0.0.2 netmask 255.255.255.255 I get the full usable range on my loop-back interface, and Bind will happily now listen-on the 10.0.0.2 address. -- Augie Schwer - au...@schwer.us - http://schwer.us ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
On 5/1/12 2:32 PM, Augie Schwer augie.sch...@gmail.com wrote: Contrary to what a lot of other people have suggested, it is in fact possible using the socket API to bind() to IPs which aren't explicitly created, due to special handling on the loopback interface. This can certainly be done under Linux, for example., and I have just re-confirmed that to myself. Thank you for confirming for others that this is a real feature. The feature wasn't argued, I even showed it working with 127/8, but rather what BIND will listen-on... Unfortunately, it seems likely that named is using the normal socket APIs to first enumerate the list of IPs on the box, and then filter those through listen-on statements to get the final list of IPs to pass to a bind() socket call - this would be a sensible way to implement the CIDR listen functionality. If so, then if the IP isn't *explicitly* on an interface, it won't appear in the final output set, regardless of the fact a bind() call will succeed. OK, that makes sense, I have found that the following work-around does work: sudo ifconfig lo:1 10.0.0.1 netmask 255.255.255.224 sudo ifconfig lo:2 10.0.0.2 netmask 255.255.255.255 I get the full usable range on my loop-back interface, and Bind will happily now listen-on the 10.0.0.2 address. Exactly what was answered by multiple people... you need an alias with the IP you want BIND to listen-on! Alas, the English language is such that some times the same thing needs said several different ways to be fully understood. Glad you got it working. -- For men use, if they have an evil turn, to write it in marble: and whoso doth us a good turn we write it in dust. -- Sir Thomas More ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Convice Bind to listen on IP alias with a range of IPs.
I must be doing something wrong, because what I want to do doesn't seem that difficult. I have a range of IPs bound to a local interface: lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 And I want to convince Bind to listen on sub-set of the given range ( 10.0.0.2 for example ), yet when I configure that IP: listen-on { 10.0.0.2; }; Bind won't listen on that interface: named[15035]: not listening on any interfaces Bind has no problem listening on 10.0.0.1 however, so there must be some configuration option I am missing. Any help is appreciated. augie@augnix:~$ named -v BIND 9.7.0-P1 -- Augie Schwer - au...@schwer.us - http://schwer.us ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
On Mon, 30 Apr 2012, Augie Schwer wrote: I must be doing something wrong, because what I want to do doesn't seem that difficult. I have a range of IPs bound to a local interface: lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 And I want to convince Bind to listen on sub-set of the given range ( 10.0.0.2 for example ), yet when I configure that IP: listen-on { 10.0.0.2; }; Bind won't listen on that interface: named[15035]: not listening on any interfaces Bind has no problem listening on 10.0.0.1 however, so there must be some configuration option I am missing. Any help is appreciated. augie@augnix:~$ named -v BIND 9.7.0-P1 Your interface output above doesn't show the other IP. Maybe you need to run something like: ifconfig lo:1 10.0.0.2 up ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
Augie Schwer augie.sch...@gmail.com wrote: I have a range of IPs bound to a local interface: lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 And I want to convince Bind to listen on sub-set of the given range ( 10.0.0.2 for example ) You can't do that without hacking the network stack, as far as I know. See for instance this rather old FreeBSD patch. Note that even this doesn't quite do what you want since it doesn't allow you to bind to a subset of a CIDR range configured on an interface. http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/12071 Tony. -- f.anthony.n.finch d...@dotat.at http://dotat.at/ Fisher, German Bight: North or northeast 3 or 4, occasionally 5. Slight or moderate. Fair. Moderate or good. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
On 30/04/2012 23:56, Augie Schwer wrote: I must be doing something wrong, because what I want to do doesn't seem that difficult. I have a range of IPs bound to a local interface: lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 This means you've got 10.0.0.1 on the interface lo:1. You don't have 10.0.0.2 configured yet. You need to create extra virtual interfaces called lo:2, lo:3 and so on, and give them addresses 10.0.0.2 and 10.0.0.3 and so on. And I want to convince Bind to listen on sub-set of the given range ( 10.0.0.2 for example ), yet when I configure that IP: listen-on { 10.0.0.2; }; Bind won't listen on that interface: named[15035]: not listening on any interfaces That's right, because 10.0.0.2 is not yet configured. -- Anand Buddhdev RIPE NCC ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
I think you've all missed the netmask there, 10.0.0.2 is in that range. augie@augnix:~$ sudo ifconfig lo:1 10.0.0.1 netmask 255.255.255.224 augie@augnix:~$ ifconfig lo:1 lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 augie@augnix:~$ ping 10.0.0.2 -c 1 PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data. 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.027 ms --- 10.0.0.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms Given all that, can anyone suggest a reason why Bind won't listen on that address? -- Augie Schwer - au...@schwer.us - http://schwer.us ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 04/30/2012 04:56 PM, Augie Schwer wrote: I must be doing something wrong, because what I want to do doesn't seem that difficult. I have a range of IPs bound to a local interface: lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 And I want to convince Bind to listen on sub-set of the given range ( 10.0.0.2 for example ), yet when I configure that IP: listen-on { 10.0.0.2; }; Bind won't listen on that interface: named[15035]: not listening on any interfaces is 10.0.0.2 bound to the server? can you show the ip address or ifconfig output ? - -- Larry Brower, CCNA Fedora Ambassador - North America Fedora Quality Assurance lbro...@fedoraproject.org http://www.fedoraproject.org/ -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJPnyJPAAoJEF1Xw4ZWTEoJzecP/j6745eQs5TWT8+9p4k7L92p UF5pM65GSynCmh2KZk0VGLYuYCJNWGywsQU6S3CnsNAWE+a9TaL3I7ViKIrpRjId 0pp/4P4o8Jxi8/fkgG+wXnceOHsSklCKTV883ppKCwl1RJJfncNJQN1+p/bUhBgA 53rMNk0pzr6wAllS3LcqrbGoe3hBJj5hbI/snqw67zjvU4PsfgBi+SjYI0+j9paN edv2VhmN3qQvpJyQW2lMEVwxOLNAa4coClRYaqiOCz35Tg+ZykBVMU5W2jaByS6e qb2KX+Q+eOd6S6IQDT8C122yeHv9nik4Pl1LB6Om3hUEhoAr56BCSWbmPkIy72uC LtQkqWhtqU4706Bzq2Yf5SFpAJQI63ef1Bypm2N91gRhggFBkCcSWnzDXig/cVh+ XGDcXGzSnRCrpHz1uiKNO6rSmDPmd/eugTMGHNa/VTbqepIwIUhu1lLP9AswHWSa 3C3oqncA3CJO6+STryYtyLMtSx6BMtMgaDBJoDCJ1TZ9zAa9nFQlF1hybhsMstEP sgttF17hbgksoOXc0L7Lj1OMTvoClKwosfaEpzyfPJNwZhthG8a37SdNswf/PifF dHlxUniVLOyg4uj6jplzkD2GLFd5ZMwg74fISORh6guOQjNext+Vs/pZt5IvGmie Wi++mDbkUPhq6/9ZwGec =G6Ta -END PGP SIGNATURE- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
Thanks for the reply, please see my previous e-mail about the address being perfectly pingable on that interface. We run PowerDNS and Unbound with a similar interface configuration without a problem, I'm sure Bind can too, I just need to know what the special config. option I'm missing is. Any help is appreciated, thank you. :) --Augie On Mon, Apr 30, 2012 at 4:36 PM, michoski micho...@cisco.com wrote: On 4/30/12 2:56 PM, Augie Schwer augie.sch...@gmail.com wrote: I must be doing something wrong, because what I want to do doesn't seem that difficult. I have a range of IPs bound to a local interface: lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 This isn't a /27 CIDR range, it's one IP alias with the wrong netmask. :-) IP aliases should generally have a 255.255.255.255 netmask, and you'd need to configure aliases (ifcfg-lo:0, ifcfg-lo:1, etc.) for each IP in the range you want to listen-on. And I want to convince Bind to listen on sub-set of the given range ( 10.0.0.2 for example ), yet when I configure that IP: listen-on { 10.0.0.2; }; Bind won't listen on that interface: Yes, indeed, only 10.0.0.1 is up according to your ifconfig output. Once you've fixed that, you should be able to use an IP range in your listen-on statement as needed, for example: listen-on { !10.0.0.1; 10.0.0/24; }; The BIND ARM shows you listen-on's full syntax: http://ftp.isc.org/isc/bind9/cur/9.7/doc/arm/Bv9ARM.html Good luck. -- Men use thought only to justify their wrong doings, and speech only to conceal their thoughts. -- Voltaire -- Augie Schwer - au...@schwer.us - http://schwer.us ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
On 4/30/2012 7:14 PM, Augie Schwer wrote: I think you've all missed the netmask there, 10.0.0.2 is in that range. augie@augnix:~$ sudo ifconfig lo:1 10.0.0.1 netmask 255.255.255.224 Netmask says what addresses are REACHABLE on that interface, not the addresses assigned to that interface. AlanC -- a...@clegg.com | acl...@infoblox.com 1.919.355.8851 signature.asc Description: OpenPGP digital signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
On 4/30/12 4:14 PM, Augie Schwer augie.sch...@gmail.com wrote: I think you've all missed the netmask there, 10.0.0.2 is in that range. augie@augnix:~$ sudo ifconfig lo:1 10.0.0.1 netmask 255.255.255.224 augie@augnix:~$ ifconfig lo:1 lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 augie@augnix:~$ ping 10.0.0.2 -c 1 PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data. 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.027 ms --- 10.0.0.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms Given all that, can anyone suggest a reason why Bind won't listen on that address? No, we all saw the netmask. A few tried to point out the answer...you first need to get the desired aliases UP on the system for BIND to listen-on. For example, loopback is 127/8 so I can ping all those addresses: OPS:507 r...@dev-ops-test11.vega:mhoskins# ifconfig lo loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:32 errors:0 dropped:0 overruns:0 frame:0 TX packets:32 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:8148 (7.9 KiB) TX bytes:8148 (7.9 KiB) OPS:508 r...@dev-ops-test11.vega:mhoskins# ping 127.0.0.2 PING 127.0.0.2 (127.0.0.2) 56(84) bytes of data. 64 bytes from 127.0.0.2: icmp_seq=1 ttl=64 time=0.012 ms --- 127.0.0.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.012/0.012/0.012/0.000 ms OPS:509 r...@dev-ops-test11.vega:mhoskins# ping 127.0.0.3 PING 127.0.0.3 (127.0.0.3) 56(84) bytes of data. 64 bytes from 127.0.0.3: icmp_seq=1 ttl=64 time=0.011 ms --- 127.0.0.3 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.011/0.011/0.011/0.000 ms However, I can't bind daemons to 127.0.0.2, etc. until I configure lo:0, etc. aliases for those addresses! If your ifconfig output doesn't show the IP you want to listen-on, it won't work. This is how it's been as long as I've been alive. If this is hard to believe, try adding a 10.0.0.2 (or whatever) loopback alias with a netmask of 255.255.255.255 (the correct netmask for aliases) and see how BIND behaves. -- By nature, men are nearly alike; by practice, they get to be wide apart. -- Confucius ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 04/30/2012 07:13 PM, Augie Schwer wrote: Thanks for the reply, please see my previous e-mail about the address being perfectly pingable on that interface. Whats that have to do with anything? It being pingable only means something is responding for it. This does NOT mean it is on THAT specific server. If it is not on THAT server then bind cant use it. This isn't rocket science :) - -- Larry Brower, CCNA Linux System Administrator II HostGator.com LLC lbro...@hostgator.com Http://www.hostgator.com Http://support.hostgator.com/ -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJPn15TAAoJEF1Xw4ZWTEoJlK0P/0wCGKtzfFr7jCrxq2YQlZbj 2DBwCO9gjZWHnHr35DQ/iYz7U+gU9rzKvXMdDWNKsr8zXoqiyMgt0N1Yp+llHQdj zgGOIlEuqIcL77hGBNQ7zlrutfiPaUuIG/vZe8mLX31M8yDOG2fa38cGtSNKILZL aSejkv5u+4QfRBhWGqtWtcUwslWdBc3TLoxKoI2YidPALjtkGXsPF/qYoke80b+Y 0YPxZ/lyS85KovK9ZgG3dCXl35r0hyLTbHBeD9JTUw6g28CKPq8HX5nKdo1hTYQv +Wdb5cIQGIovVF1QZcXkdGWnhIh9AkGXQ3J4RasCUPi6TuKTlWNhlQjYiYWAl5BB WmvPGSm3gczEJS2VGkTeJbDMKSfmNzRruzObBbVBhUr4rp/xCuJITfltne5PEmaJ 3acBm1fHi1SGifueJeK9LdFPDW27Xog2+1FDbdJFrTGO1qjwGfrEyJ9FFtk9ve2U FZWvyOdomoKapAtI4sxbKG54LTmgAazXflRa4CowEA8EhykX2qGgFhv3rKy3Y9Gf hXnNlVJUIOif9kotAem50MsgTLmMpHkOOcb6ADNDMZ91hxRvJrZ/Eb7E4UtU/g+S UDlb28WT5Cu8okrhqS1uiVjvl4dhnr0ZIz6AZMgMgKTOUw0vihvDgIZ6Ve6Ws+HB PLdxKpjwi6pt6RvHk+al =+qgi -END PGP SIGNATURE- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Convice Bind to listen on IP alias with a range of IPs.
In message cbc4a14e.28bd2%micho...@cisco.com, michoski writes: On 4/30/12 4:14 PM, Augie Schwer augie.sch...@gmail.com wrote: I think you've all missed the netmask there, 10.0.0.2 is in that range. augie@augnix:~$ sudo ifconfig lo:1 10.0.0.1 netmask 255.255.255.224 augie@augnix:~$ ifconfig lo:1 lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.224 augie@augnix:~$ ping 10.0.0.2 -c 1 PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data. 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.027 ms --- 10.0.0.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms Given all that, can anyone suggest a reason why Bind won't listen on that address? No, we all saw the netmask. A few tried to point out the answer...you first need to get the desired aliases UP on the system for BIND to listen-on. For example, loopback is 127/8 so I can ping all those addresses: OPS:507 r...@dev-ops-test11.vega:mhoskins# ifconfig lo loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:32 errors:0 dropped:0 overruns:0 frame:0 TX packets:32 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:8148 (7.9 KiB) TX bytes:8148 (7.9 KiB) OPS:508 r...@dev-ops-test11.vega:mhoskins# ping 127.0.0.2 PING 127.0.0.2 (127.0.0.2) 56(84) bytes of data. 64 bytes from 127.0.0.2: icmp_seq=1 ttl=64 time=0.012 ms --- 127.0.0.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.012/0.012/0.012/0.000 ms OPS:509 r...@dev-ops-test11.vega:mhoskins# ping 127.0.0.3 PING 127.0.0.3 (127.0.0.3) 56(84) bytes of data. 64 bytes from 127.0.0.3: icmp_seq=1 ttl=64 time=0.011 ms --- 127.0.0.3 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.011/0.011/0.011/0.000 ms The fact that you can ping them just means that you have a kernel bug. % ifconfig lo0 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 options=3RXCSUM,TXCSUM inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet 10.53.0.1 netmask 0x inet6 fd92:7065:b8e:::1 prefixlen 64 inet 10.53.0.2 netmask 0x inet6 fd92:7065:b8e:::2 prefixlen 64 inet 10.53.0.3 netmask 0x inet6 fd92:7065:b8e:::3 prefixlen 64 inet 10.53.0.4 netmask 0x inet6 fd92:7065:b8e:::4 prefixlen 64 inet 10.53.0.5 netmask 0x inet6 fd92:7065:b8e:::5 prefixlen 64 inet 10.53.0.6 netmask 0x inet6 fd92:7065:b8e:::6 prefixlen 64 inet 10.53.0.7 netmask 0x inet6 fd92:7065:b8e:::7 prefixlen 64 inet 10.53.0.50 netmask 0x inet 10.53.0.60 netmask 0x inet 10.53.0.70 netmask 0x inet 10.53.0.80 netmask 0x inet 10.53.0.90 netmask 0x inet 10.53.0.100 netmask 0x inet 10.53.0.110 netmask 0x inet 10.53.0.120 netmask 0x inet 10.53.0.130 netmask 0x inet 10.53.0.140 netmask 0x inet 10.53.0.150 netmask 0x inet 10.53.0.160 netmask 0x inet 10.53.0.170 netmask 0x % ping 127.0.0.45 PING 127.0.0.45 (127.0.0.45): 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1 Request timeout for icmp_seq 2 ^C --- 127.0.0.45 ping statistics --- 4 packets transmitted, 0 packets received, 100.0% packet loss % However, I can't bind daemons to 127.0.0.2, etc. until I configure lo:0, etc. aliases for those addresses! If your ifconfig output doesn't show the IP you want to listen-on, it won't work. This is how it's been as long as I've been alive. If this is hard to believe, try adding a 10.0.0.2 (or whatever) loopback alias with a netmask of 255.255.255.255 (the correct netmask for aliases) and see how BIND behaves. -- By nature, men are nearly alike; by practice, they get to be wide apart. -- Confucius ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org