Date: Mon, 03 Mar 2008 19:36:04 -0800 From: "Chris H." <chris#@1command.com> To: Royce Williams <royce@alaska.net> Cc: Jeremy Chadwick <koitsu@freebsd.org>, freebsd-stable@freebsd.org Subject: Re: What's new on the 127.0.0/24 block in 7? Message-ID: <20080303193604.s40hzd0dw8o8gckw@webmail.1command.com> In-Reply-To: <47CCBCED.6040301@alaska.net> References: <20080303174335.xzd80uz0so48o8sk@webmail.1command.com> <20080304022120.GA67410@eos.sc1.parodius.com> <47CCBCED.6040301@alaska.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting Royce Williams <royce@alaska.net>: > Jeremy Chadwick wrote, on 3/3/2008 5:21 PM: >> On Mon, Mar 03, 2008 at 05:43:35PM -0800, Chris H. wrote: >> I've looked at this software: http://www.corpit.ru/mjt/rbldnsd.html >> >> Why exactly do you need this software to bind to 127.0.0.2 or 127.0.0.3? >> I don't see any indication of it needing that. DNS-based RBLs don't >> work like that, so I'm confused by this request. Indeed. You are /quite/ correct. I /do/ in fact run the BIND on the same servers, and /do/ forward requests to the same servers primary address (IP). But on a different port eg; blackvoid.mydomain.COM { type forward; forward only; forwarders { <servers primary IP> port 530; }; }; Hell, this is right out of the BIND FAQ that comes with the FreeBSD BIND port. /However/, rbldnsd needs to /answer/ when it finds a match, and answers: IN A 127.0.0.2 REJECTED! evil spammer... So. This is what I mean by needing 127.0.0.? other than 127.0.0.1. Which brings me 'round to my original question: What has changed in 7 regarding 127.0.0/24 (lo0 || loopback). I have identical server setups/configs on 2 servers. The recent RELENG_6 server creates/provides 127.0.0/24 without question. While 7-RC3 only provides 127.0.0.1. Thanks for taking the time to respond. --Chris H > > It's not uncommon to configure BIND to forward requests for a DNSBL > zone to another local listener, so that one can take advantage of both > BIND local zones and rbldnsd local zones. > > See http://www.njabl.org/rsync.html for an example -- the BIND config > of which looks like: > > zone "dnsbl.njabl.org" IN { > type forward; > forward first; > forwarders { > 127.0.0.1 port 530; > }; > }; > > Royce > > -- > Royce D. Williams - IP Engineering, ACS > http://www.tycho.org/royce/ - PGP: 3FC087DB/1776A531 > Amid a multitude of projects, no plan is devised. - Syrus > -- panic: kernel trap (ignored)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080303193604.s40hzd0dw8o8gckw>