[rbldnsd] I HATE BIND - please help

Chris. cth at fastmail.ca
Fri Feb 29 23:14:45 MSK 2008 

Hello, and thank you /very/ much for your informative reply.
I'll summarize at the bottom...

On Fri, 29 Feb 2008 15:59:39 +0300, Michael Tokarev wrote...

> Chris. wrote:
>> On Thu, 28 Feb 2008 09:43:54 -0800, David Sparks wrote...
>> 
>>>>>> rbldnsd_flags:-"-r /usr/local/etc/rbldnsd -f -v -v -c 1m \
>>>>>> -b 75.160.109.247/530 dnsbl.DOMAIN-1.TLD:ip4tset:clients \
>>>>>> dnsbl.DOMAIN-1.TLD:ip4set:hosts
>>>> 1204196045 <internet IP here>
>>>> 165.193.171.124.blackhole.nospammers.NET A IN: REFUSED/0/61
>>>> Looks as though that rbldnsd refuses to bind to any IP's in the
>>>> loopback block. It happly binds to the Internet Routable IP/PORT I
>>>> give it. But will /not/ use either 127.0.0.2, or 127.0.0.3. Which
>>>> I've assigned to the two zones.
> 
> Don't confuse two unrelated things.  That "REFUSED" log entry
> from rbldnsd is because you either used an acl (access control list),
> or that you didn't tell it anything about the zone in question
> (blackhole.nospammers.NET).
> 
>>> It works for me ... try changing the -b 75.160.109.247/530 in your
>>> rbldnsd_flags to 127.0.0.2.  Better yet change it to 0.0.0.0/530 for
>>> testing.
>> 
>> I'm not sure you understood me when I said rbldnsd wouldn't bind to
>> the loopback block. Here's some examples of the output:
>> 
>> -b 127.0.0.2/530
>> rbldnsd: unable to bind to 127.0.0.2/530: Can't assign requested
>> address
> 
> EADDRNOTAVAIL errno value means the address you told it to use is not
> available locally.
> 
> Here we come to differences between different operating systems.
> For example, on linux, if you use 127.0.0.1/8 for you loopback
> interface, linux will pretend that all 2^24 (127.*.*.*) IP addresses
> are actually assigned to the interface.  In contrast, for example
> Solaris will not do so, treating lo here exactly the same way as
> any ethernet device (in order to use 127.0.0.2 etc, you have to
> assign them to lo:1, lo:2 etc aliases).
> 
> But you can live without 127.0.0.2 etc, since you already figured
> out how to use alternate port.
> 
>> ... and so on.
>> Nothing else is bound to those IP's.
> 
> Sure, or else the error will be EADDRINUSE.
> 
>> So like I said, the only difference between the two is the BIND
>> version - 9.4 vs. 9.3. Which leads me to believe rbldnsd
>> won't/doesn't work the same on newer versions of BIND.
> 
> You're just starting the two, they don't yet work "together".  An I
> sure the same thing will happen when you'll start rbldnsd like this
> without bind... because the problem is elsewhere.
> 
> (Please excuse me for this terse reply - i'm quite ill and can't
> think cleanly due to too high temperature)
First, I am sorry to hear you do not feel well - no apology necessary.
I am grateful for /any/ possible solution, and apologize probable poor
conclusion, or description - if I knew the actual problem, I would have
the solution. ;)
FWIW both the working, and non-working installs were on BSD/OS (FreeBSD).
FWIW both installs declared only localhost at 127.0.0.1 in their hosts file.
FWIW both installs used only 1 (one) Internet Routable IP address on the RBLDNS commandline.
FWIW nospammers.COM, and nospammers.NET each have a different, and valid internet routable
addresses. Both names are fictitious in this dialog, as I'm not ready to announce them
until I have a working, and stable RBLDNSD install. I hope that's understandable. :)
FWIW other than the FQDN, and IP addresses, the only difference between the 2 installs
is the version of BSD, and the version of the BIND.
FWIW I realize that the thread has obscured my original post which included my detailed
(and working) config/setup. If you wish me to repeat it, I would be more than happy
to reproduce it here. Also, if there is anything else required/desired to assist you,
please let me know, as I will be happy to oblige. ;)
FWIW I'm confident that this is a resolvable problem. As such, I have begun creating
a web interface to the RBLDNSD lists which can be manipulated from a web browser,
and stored in a DB. Hope this helps.
OH. One more thing. It might be worth noting that there is a bug in the 9.4 BIND
related to name resolution (gethostbyname as I recall). This may be the difference,
which may require some sort of kludge to work around - see; may be the trouble.

Thank you again for taking the time to respond. Please do not trouble yourself
until you are feeling better. I will be more than happy to wait until then. :)

Best wishes.

--Chris H

> 
> /mjt
> _______________________________________________
> rbldnsd mailing list
> rbldnsd at corpit.ru
> http://www.corpit.ru/mailman/listinfo/rbldnsd
_________________________________________________________________
    http://fastmail.ca/ - Fast Secure Web Email for Canadians

More information about the rbldnsd mailing list