From: Jeremy Chadwick
To: "Chris H."
Cc: freebsd-stable@freebsd.org
Date: Mon, 3 Mar 2008 18:21:20 -0800
Subject: Re: What's new on the 127.0.0/24 block in 7?

On Mon, Mar 03, 2008 at 05:43:35PM -0800, Chris H. wrote:
> Greetings,
> I'm having some difficulty working with anything past 127.0.0.1.
> It seems impossible to use (create) any addresses on the "loopback"
> past 127.0.0.1.
> More specifically; I installed rbldnsd from ports, and it worked quite
> well on a 6.x install. However, attempting the same config/install on
> a 7-RC3 install yields the inability to bind/create 127.0.0.2, or
> 127.0.0.3 for rbldnsd to answer on - all queries are refused. The
> same pinging/digging, etc.
>
> The 2 servers have /exactly/ the same net setups, and DNS/rbldnsd
> configs. Yet no joy on the RELENG_7 box. So it /appears/ something
> in this area has changed since 6. But I'm unable to discover any
> info on it.

I've looked at this software:

http://www.corpit.ru/mjt/rbldnsd.html

Why exactly do you need this software to bind to 127.0.0.2 or 127.0.0.3?
I don't see any indication of it needing that. DNS-based RBLs don't
work like that, so I'm confused by this request.

The software acts as a "dumb" DNS server that returns specific IP addresses
when certain zones are resolved. postfix, sendmail, or any other MTA
will attempt DNS resolution of a hostname (at whatever stage of the SMTP
transaction). You tell the MTA to use whatever.blah.com as a dnsbl, and
the MTA will execute a resolver query to whatever.blah.com for a specific
hostname. The resolver (rbldnsd) will answer for a hostname with a
specific IP address (per the configuration file); each IP address
returned can be used for a unique purpose, e.g. 127.0.0.2 could mean
"SOCKS proxy; denied", while 127.0.0.99 could mean "Known hijacked
network".

There's a common list used here:
http://www.netwidget.net/books/apress/dns/info/dnsbl.htm; see section
"127/8 Return Codes".

If, for some bizarre reason, you REALLY DO need multiple loopback
addresses, it works fine, as confirmed on my RELENG_7 box:

icarus# ifconfig lo0 inet 127.0.0.2 netmask 255.255.255.255 alias
icarus# ifconfig lo0
lo0: flags=8049 metric 0 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
        inet 127.0.0.2 netmask 0xffffffff
icarus# ping 127.0.0.2
PING 127.0.0.2 (127.0.0.2): 56 data bytes
64 bytes from 127.0.0.2: icmp_seq=0 ttl=64 time=0.022 ms
64 bytes from 127.0.0.2: icmp_seq=1 ttl=64 time=0.012 ms
^C
--- 127.0.0.2 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.012/0.017/0.022/0.005 ms

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |
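
Added example (not part of the message above and not rbldnsd code): a sketch of the MTA side of a DNSBL lookup, showing that 127.0.0.x values are answer data in A records rather than addresses anything binds to. The zone name and the two code meanings are the illustrative ones from the message; the reversed-octet query name is the standard DNSBL convention (RFC 5782), the records and the stand-in resolver are constructed sample data, and ignoring answers outside 127/8 is a defensive choice made here.

```python
import ipaddress

ZONE = "whatever.blah.com"          # placeholder zone name from the message
CODE_MEANINGS = {                   # illustrative meanings from the message
    "127.0.0.2": "SOCKS proxy; denied",
    "127.0.0.99": "Known hijacked network",
}
# Constructed sample zone data: query name -> A records a DNSBL might serve.
SAMPLE_RECORDS = {
    "7.113.0.203.whatever.blah.com": ["127.0.0.2"],
    "9.100.51.198.whatever.blah.com": ["127.0.0.99"],
    "20.2.0.192.whatever.blah.com": ["10.1.2.3"],   # misbehaving zone
}
RETURN_CODE_NET = ipaddress.ip_network("127.0.0.0/8")


def query_name(client_ip, zone=ZONE):
    """Build the name the MTA resolves: reversed IPv4 octets + zone."""
    ip = ipaddress.IPv4Address(client_ip)   # ValueError on malformed input
    return ".".join(reversed(str(ip).split("."))) + "." + zone


def lookup(name, records=SAMPLE_RECORDS):
    """Stand-in resolver (hypothetical helper): [] models NXDOMAIN."""
    return records.get(name, [])


def check(client_ip, zone=ZONE, resolver=lookup):
    """Return (listed, reasons) for a connecting client address.

    The answers are never contacted or bound; they are only compared
    against the list's published return codes.
    """
    reasons = []
    for answer in resolver(query_name(client_ip, zone)):
        if ipaddress.IPv4Address(answer) not in RETURN_CODE_NET:
            continue    # not a valid return code; do not treat as a listing
        reasons.append(
            CODE_MEANINGS.get(answer, "listed (unknown code %s)" % answer))
    return (bool(reasons), reasons)


if __name__ == "__main__":
    for ip in ("203.0.113.7", "198.51.100.9", "192.0.2.20", "192.0.2.1"):
        print(ip, query_name(ip), check(ip))
```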