#1
    Junior Member
    Devshed Newbie (0 - 499 posts)
    Join Date: Jun 2003
    Posts: 2
    Rep Power: 0

    Add second IP address to DNS server


    Our ISP recently informed us that they are renumbering their IP network and our address block is changing. They have enabled both the old and new IPs for us during the transfer period. We are running BIND9 on an OpenBSD firewall using pf. I aliased the new addresses on the firewall external interface and created a second logical internal network, binat-ing the new external addresses to the new internal network. That all works fine and I can hit the services of the internal servers on either IP. But on the firewall, named will not start on the new IP address, error:
    named[7096]: could not listen on UDP socket: permission denied
    AND
    named[7096]: creating IPv4 interface dc1 failed: interface ignored

    Is there any way to get BIND to work on the aliased IP address (which of course is in a completely different subnet)?
#2
    DNS/BIND Guru
    Devshed Specialist (4000 - 4499 posts)
    Join Date: Jun 2003
    Location: OH, USA
    Posts: 4,266
    Rep Power: 173

    I didn't quite understand some of that. However, thinking strictly about having the BIND server listen on more than one IP address: is it acceptable that you just set it to listen on 0.0.0.0? In that case it will listen on all interfaces. If that is not acceptable, I'll do a little research.
#3
    Junior Member
    Devshed Newbie (0 - 499 posts)
    Join Date: Jun 2003
    Posts: 2
    Rep Power: 0

    Thanks for responding. This got me thinking. I tried all zeros and did a reload and it stopped listening on all interfaces. I deleted that line from named.conf and it still wouldn't listen! So I killed the process and restarted and now it is listening on both IPs I wanted it to. DOH!
    Sorry for wasting your time...
#4
    DNS/BIND Guru
    Devshed Specialist (4000 - 4499 posts)
    Join Date: Jun 2003
    Location: OH, USA
    Posts: 4,266
    Rep Power: 173

    Yeah, by default it should listen on all interfaces (0.0.0.0). Good to know it's working.
