From nobody Tue Jul 2 17:08:41 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WD8Wd1clvz5Nmbv for ; Tue, 02 Jul 2024 17:08:45 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx-01.divo.sbone.de (mx-01.divo.sbone.de [IPv6:2003:a:140a:2200:6:594:fffe:19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (P-256) client-digest SHA256) (Client CN "mx-01.divo.sbone.de", Issuer "E5" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WD8Wd0bwDz4JKn; Tue, 2 Jul 2024 17:08:45 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Authentication-Results: mx1.freebsd.org; none Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:4902:0:7404:2:1025]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by mx-01.divo.sbone.de (Postfix) with ESMTPS id 7DEEFA64805; Tue, 02 Jul 2024 17:08:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=zabbadoz.net; s=20240622; t=1719940123; bh=n5vsuLs1o+7jyXqckweDB9Ar+poQxejo3pjzyCwf/4A=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=bLvk9QhExggObg3TaV/Cm2zVU8qSgb0hdNO0sDmDnHZcoyq5MAsxfw9asefajvwDm aSdSAfVltlgnaf9aXAPekuAFtch+M8z6ZDdquOPWCm/we86Cf1OHYmjqWkF901bfad oUwjapIS5hk94XvTkm9PS9zrRpvFBHDOBvI6W4B8uwisAPjEYhEu3SnUzUMQfD3nPC 7IKU4LIiKg8UUickjByueZF6VHZZAI75GLLyzVXCayvNlnGPWORb0mX5jwKaEXULjQ ghuse1u3PNieFJcpyN9BP3ZDZjJaLwLzUugPD+y8YV4Ihmfky0u87XFPgdOXs3dStB sGzOJETvfqKahRN/IokaABGPGVTmkANwCebiMtR+ZCD1yp3zFWfDaoYzSZSZrxemsp 2amNguPRrKR6RU6X4M9Z1l+nHLyp7o1Xtp59CxT9xzeR+AH5sKs/CI+VTFrRge87k+ tv2U5KGg+i28SPeGRgLBj+BN5KGEJPSVSULEwYLFsrrPjSHpdI1Sftb2h4r67hwqWR 9CTuYqkqht1kyah596sbrMTbNz2lvoC1aGrOIIQEt9/v7DF/qjdk0aBJeTrbE0vB5g PcOnyxRv7gBWaT9rCZaHxcxnsffUSC1uCbAb3efThWXKU3KdjPdhxn2v/zcHbcD+7d fA/lhZcRhYuTcunzX2blAk4k= Received: from content-filter.t4-02.sbone.de (content-filter.t4-02.sbone.de [IPv6:fde9:577b:c1a9:4902:0:7404:2:2742]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id B4E792D029D8; Tue, 2 Jul 2024 17:08:43 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:4902:0:7404:2:1025]) by content-filter.t4-02.sbone.de (content-filter.t4-02.sbone.de [IPv6:fde9:577b:c1a9:4902:0:7404:2:2742]) (amavisd-new, port 10024) with ESMTP id zJEMZvj3iTy2; Tue, 2 Jul 2024 17:08:42 +0000 (UTC) Received: from strong-iwl0.sbone.de (strong-iwl0.sbone.de [IPv6:fde9:577b:c1a9:4902:b66b:fcff:fef3:e3d2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id E9B002D029D2; Tue, 2 Jul 2024 17:08:41 +0000 (UTC) Date: Tue, 2 Jul 2024 17:08:41 +0000 (UTC) From: "Bjoern A. Zeeb" To: Craig Leres cc: Bakul Shah , sthaug@nethelp.no, freebsd-stable@freebsd.org Subject: Re: BIND 9.19.24 not listening to rndc port (953) In-Reply-To: <57b84b90-5f95-475b-9f45-ecff2b4adf05@freebsd.org> Message-ID: <4s037291-72n0-rnq0-8o69-o0r56p3r811o@yvfgf.mnoonqbm.arg> References: <20240630.134609.2166404118346455953.sthaug@nethelp.no> <3ace1a1c-324a-41ce-a39c-676ef830a5e0@freebsd.org> <57b84b90-5f95-475b-9f45-ecff2b4adf05@freebsd.org> X-OpenPGP-Key-Id: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-stable@freebsd.org Sender: owner-freebsd-stable@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/mixed; BOUNDARY="1098556516-1216463851-1719940065=:2327" Content-ID: <179r25or-rr28-317s-9nq1-696o5pq31o41@mnoonqbm.arg> X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:3320, ipnet:2003::/19, country:DE] X-Rspamd-Queue-Id: 4WD8Wd0bwDz4JKn This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --1098556516-1216463851-1719940065=:2327 Content-Type: text/plain; CHARSET=UTF-8; format=flowed Content-Transfer-Encoding: 8BIT Content-ID: <3s59p25o-6r1s-46qn-0648-8qq803p53n1n@mnoonqbm.arg> On Mon, 1 Jul 2024, Craig Leres wrote: > On 7/1/24 10:17, Bakul Shah wrote: >> On Jul 1, 2024, at 9:18 AM, Craig Leres wrote: >>> >>> On 6/30/24 04:46, sthaug@nethelp.no wrote: >>>> Short description: Fresh install of bind9-devel-9.19.24_1 doesn't >>>> listen to localhost port 953, with the result that rndc doesn't work. >>>> Problem is 100% reproducible. >>> >>> bind-tools-9.18.27_1 with 14.1-RELEASE-p1 suffers from this as well. >> >> I was ignoring this until now but finally chased it down! I had to add >> >> inet 127.0.0.1 port 953 >> allow { 127.0.0.1; } keys { "rndc-key"; }; >> >> to "controls { ... }" in /etc/named.conf > > Ah... I already had that but I see now that the problem is due to the 14.1 > issue I reported (see "FreeBSD 14.x localhost source address" on the > freebsd-stable list). > >> For 14.1 at least, this has the side effect that the source address >> for anything in the 127.0.0.0/8 domain becomes 127.0.0.2 instead >> of 127.0.0.1. > > So I changed named.conf and now it works! [... hijacking ...] This all wouldn't be a problem if they wouldn't have taken away UNIX Domain sockets ... https://gitlab.isc.org/isc-projects/bind9/-/issues/4311 Maybe more people want to complain ;-) -- Bjoern A. Zeeb r15:7 --1098556516-1216463851-1719940065=:2327--