[rbldnsd] I HATE BIND - please help
Michael Tokarev
mjt at tls.msk.ru
Fri Feb 29 15:59:39 MSK 2008
Chris. wrote:
> On Thu, 28 Feb 2008 09:43:54 -0800, David Sparks wrote...
>
>>>>> rbldnsd_flags:-"-r /usr/local/etc/rbldnsd -f -v -v -c 1m \
>>>>> -b 75.160.109.247/530 dnsbl.DOMAIN-1.TLD:ip4tset:clients \
>>>>> dnsbl.DOMAIN-1.TLD:ip4set:hosts
>>> 1204196045 <internet IP here>
>>> 165.193.171.124.blackhole.nospammers.NET A IN: REFUSED/0/61
>>> Looks as though that rbldnsd refuses to bind to any IP's in the
>>> loopback block. It happily binds to the Internet Routable IP/PORT I
>>> give it. But will /not/ use either 127.0.0.2, or 127.0.0.3. Which
>>> I've assigned to the two zones.

Don't confuse two unrelated things. That "REFUSED" log entry
from rbldnsd is because you either used an acl (access control list),
or that you didn't tell it anything about the zone in question
(blackhole.nospammers.NET).

>> It works for me ... try changing the -b 75.160.109.247/530 in your
>> rbldnsd_flags to 127.0.0.2. Better yet change it to 0.0.0.0/530 for
>> testing.
>
> I'm not sure you understood me when I said rbldnsd wouldn't bind to
> the loopback block. Here's some examples of the output:
>
> -b 127.0.0.2/530
> rbldnsd: unable to bind to 127.0.0.2/530: Can't assign requested address

EADDRNOTAVAIL errno value means the address you told it to use is not
available locally.

Here we come to differences between different operating systems.
For example, on Linux, if you use 127.0.0.1/8 for your loopback
interface, Linux will pretend that all 2^24 (127.*.*.*) IP addresses
are actually assigned to the interface. In contrast, for example
Solaris will not do so, treating lo here exactly the same way as
any ethernet device (in order to use 127.0.0.2 etc, you have to
assign them to lo:1, lo:2 etc aliases).

But you can live without 127.0.0.2 etc, since you already figured
out how to use alternate port.

> ... and so on.
> Nothing else is bound to those IP's.
Sure, or else the error will be EADDRINUSE.
> So like I said, the only difference between the two is the BIND version -
> 9.4 vs. 9.3. Which leads me to believe rbldnsd won't/doesn't
> work the same on newer versions of BIND.

You're just starting the two, they don't yet work "together". And I'm
sure the same thing will happen when you start rbldnsd like this
without bind... because the problem is elsewhere.

(Please excuse me for this terse reply - I'm quite ill and can't
think cleanly due to too high temperature)

/mjt
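
An added example, not part of the original message or of rbldnsd: a small Python probe that attempts the same kind of bind and sorts the failure by errno, separating "address not assigned locally" (EADDRNOTAVAIL) from "already taken" (EADDRINUSE). It uses UDP on an ephemeral port rather than port 530 so that it runs unprivileged; the function names and the 192.0.2.1 test address are assumptions made for the example.

```python
import errno
import socket


def probe_bind(addr, port=0):
    """Try to bind a UDP socket to addr:port and classify the outcome.

    Returns (status, sock). sock is the bound socket when status is "ok"
    (the caller closes it), otherwise None.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.bind((addr, port))
    except OSError as e:
        s.close()
        if e.errno == errno.EADDRNOTAVAIL:
            return "not-local", None      # address is on no local interface
        if e.errno == errno.EADDRINUSE:
            return "in-use", None         # another socket already holds it
        if e.errno in (errno.EACCES, errno.EPERM):
            return "no-permission", None  # e.g. port below 1024 without root
        return "error:" + errno.errorcode.get(e.errno, str(e.errno)), None
    return "ok", s


def survey():
    """Run the probe over the cases discussed in the thread."""
    results = {}
    status, first = probe_bind("127.0.0.1")
    results["127.0.0.1"] = status
    if first is not None:
        # Second bind to the same address/port while the first is still open.
        port = first.getsockname()[1]
        results["same port again"] = probe_bind("127.0.0.1", port)[0]
        first.close()
    # 192.0.2.1 is a documentation address (TEST-NET-1), assumed not
    # configured on this host.
    # 127.0.0.2 is "ok" on Linux with lo at 127.0.0.1/8; elsewhere it is
    # "not-local" until an alias is added to the loopback interface.
    for addr in ("192.0.2.1", "127.0.0.2"):
        status, sock = probe_bind(addr)
        results[addr] = status
        if sock is not None:
            sock.close()
    return results


if __name__ == "__main__":
    for case, status in survey().items():
        print(f"{case:16} {status}")
```
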