ports/94721: BIND9-named strange behavior
Pavel E. Petrov
kamenka at gmail.com
Mon Mar 20 08:20:19 UTC 2006
>Number: 94721
>Category: ports
>Synopsis: BIND9-named strange behavior
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Mar 20 08:20:18 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Pavel E. Petrov
>Release: 6.1-prerelease
>Organization:
"TD Polimerstroymaterialy", LTD
>Environment:
FreeBSD tdpsm.spb.ru 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #1: Sat Mar 18 15:37:44 MSK 2006 admin at tdpsm.spb.ru:/usr/obj/usr/src/sys/RAINBOW-II i386
>Description:
After upgrading from 5.3-release to 6.1-prerelease I found that the system stopped resolving names. I found an ipfw rule which drops packets to the local named daemon. It was an antispoofing rule. So here is the problem:
vr0 is an interface with IP 192.168.1.201
bind listens at 192.168.1.201:53
When I try to do any resolving, the system sends packets to 192.168.1.201:53 through lo0, so the ipfw antispoof rule drops them because of the interface mismatch.
netstat -rn shows a straight pass for all of the 192.168.1 subnet: LINK#2 (which is vr0)
Now I just skip this rule and all works well.
Note that 5.3 with its older bind9 was OK with it. The problem started exactly after upgrading the kernel and world.
>How-To-Repeat:
I haven't any thoughts.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
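
The drop described in this report can be reproduced on paper with a small model of the ipfw(8) `antispoof` check. This is an added example, not part of the original report and not ipfw code. The /24 mask, the lo0 address, the source address of the local query and both rulesets are assumptions, since the report does not show the submitter's actual rule.

```python
import ipaddress

# Constructed interface table: vr0 and its address come from the report;
# the /24 mask and the lo0 address are assumptions.
INTERFACES = {
    "vr0": ipaddress.ip_interface("192.168.1.201/24"),
    "lo0": ipaddress.ip_interface("127.0.0.1/8"),
}

def antispoof(src, recv_if, interfaces=INTERFACES):
    """Model of the ipfw(8) 'antispoof' option for one incoming packet.

    Matches when the source is not on a directly connected network, or
    when the packet arrived on the interface that network is attached to.
    """
    addr = ipaddress.ip_address(src)
    for name, iface in interfaces.items():
        if addr in iface.network:
            return name == recv_if
    return True

# Constructed rulesets for incoming packets, first match wins.
ANTISPOOF_ONLY = [
    ("deny", lambda p: not antispoof(p["src"], p["recv_if"])),
    ("allow", lambda p: True),
]
# Same ruleset with loopback traffic passed before the antispoof check.
LOOPBACK_FIRST = [("allow", lambda p: p["recv_if"] == "lo0")] + ANTISPOOF_ONLY

def verdict(ruleset, packet):
    """Return the action of the first rule whose predicate matches."""
    for action, matches in ruleset:
        if matches(packet):
            return action
    return "deny"

# Local resolver query from the report: sent to 192.168.1.201:53 but
# delivered over lo0 (source address assumed to be the same local IP).
LOCAL_QUERY = {"src": "192.168.1.201", "recv_if": "lo0"}
# Constructed packets: a LAN client on vr0, and a loopback source on vr0.
LAN_QUERY = {"src": "192.168.1.50", "recv_if": "vr0"}
SPOOFED = {"src": "127.0.0.1", "recv_if": "vr0"}

if __name__ == "__main__":
    for label, pkt in (("local", LOCAL_QUERY), ("lan", LAN_QUERY), ("spoofed", SPOOFED)):
        print(label, verdict(ANTISPOOF_ONLY, pkt), verdict(LOOPBACK_FIRST, pkt))
```

In the model, passing lo0 traffic ahead of the antispoof rule lets the local query through while the loopback-sourced packet arriving on vr0 is still denied.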