[BlueOnyx:11644] DNS listen on multiple IPs?
David Thacker
David at ThackerNet.com
Wed Oct 31 16:29:23 -05 2012
Greetings,
On the Cobalt RaQ when DNS service was enabled, BIND would listen on the
server IP as well as on all of the virtual site IPs. So, it was common to
list the one actual nameserver on multiple IPs, so as to appear as
multiple nameservers. In my case I had both "ns1" and "ns2" nameservers
defined on different IPs, though they were actually both on the same
physical box. I had additional nameservers on a different box, so I did
actually have working DNS service even if the main box wasn't accessible.
Anyway, I just realized that this "DNS alias" behaviour, where DNS service
would listen on multiple IPs on the same box does not seem to work on my
BX server (that replaced the RaQ).
I kinda like the DNS server listening on multiple IPs, especially since I
have one of those virtual servers listed as one of the authoritative
nameservers on every domain I am hosting.
So, googled around a bit and found out I could enable this behavior with
BIND's "listen-on" option. This option may only be used in the "global
options clause" in the named.conf file, and may not be used in the
named.conf.include file. Manually added this option with the IPs I wanted
(including localhost) into the /var/named/chroot/etc/named.conf file on my
BX box, restarted named and everything's good. Here's the syntax:
// listen on multiple IPs
listen-on port 53 { 127.0.0.1; 207.34.56.131; 207.34.56.132;
207.34.56.192; };
However, this tweak gets overwritten as soon as I make any DNS changes in
the BX admin GUI, because it is in the main named.conf file and not in the
include file.
Does anyone have any suggestions on how to make this BIND listen-on option
"permanent" so that I don't need to manually add it back in to named.conf
each time I save a DNS change?
As a long term suggestion, an additional "Listen On These IPs (optional)"
box in the DNS Settings > Advanced GUI page would be sweet. You could use
the same logic to handle that as you do for the Zone Transfer Access and
Query Request Recursion boxes, as they are both going into that same
global options block in the named.conf file.
Regards,
dAvid tHacker Email: David at ThackerNet.com
Thacker Network Technologies Inc. Http://www.ThackerNet.com
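
Added example, not part of the original post and not BlueOnyx code: a Python check that reads the global options clause of a named.conf and reports whether the listen-on addresses quoted in the post are still present, so a rewrite of the file can be detected. The two sample files, the function names and the IPv4-only handling are assumptions made for illustration.

```python
import re

# Addresses from the listen-on line quoted in the post.
EXPECTED = {"127.0.0.1", "207.34.56.131", "207.34.56.132", "207.34.56.192"}

# Constructed samples: the file with the option in place, and after a rewrite.
PATCHED = """options {
    directory "/var/named";
    // listen on multiple IPs
    listen-on port 53 { 127.0.0.1; 207.34.56.131; 207.34.56.132;
        207.34.56.192; };
    listen-on-v6 { none; };
};"""
REWRITTEN = 'options {\n    directory "/var/named";\n};'

def strip_comments(text):
    """Drop /* */, // and # comments so braces inside them are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def options_block(conf):
    """Return the body of the global options { ... } clause, or None."""
    conf = strip_comments(conf)
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return None
    depth = 1
    for i in range(m.end(), len(conf)):
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        if depth == 0:
            return conf[m.end():i]
    return None  # unbalanced braces

def listen_on_addrs(conf):
    """IPv4 listen-on entries in the options clause (listen-on-v6 is skipped)."""
    body = options_block(conf)
    if body is None:
        return None
    pattern = r"\blisten-on\b(?!-)(?:\s+port\s+\d+)?\s*\{([^}]*)\}"
    return {a.strip() for m in re.finditer(pattern, body)
            for a in m.group(1).split(";") if a.strip()}

def drift(conf, expected=EXPECTED):
    """Return (missing, unexpected); everything is missing if the option is gone."""
    found = listen_on_addrs(conf) or set()
    return expected - found, found - expected

if __name__ == "__main__":
    for name, conf in (("patched", PATCHED), ("rewritten", REWRITTEN)):
        print(name, drift(conf))
```

To run it against a live server, pass the contents of /var/named/chroot/etc/named.conf to drift() and alert when the first element of the result is non-empty.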