• Bind IPV6 issue

    From Duleep Thilakarathne@21:1/5 to All on Thu Jul 9 14:31:40 2020
    Hi,

    I have configured bind with IPV6 support enabled. However bind does not
    listen to IPV6 address. Any particular reason.is there any place to enable
    IPV6 support other than named.conf.

    Version : BIND 9.11.4-P1 (Extended Support Version)


    in named.conf file

    listen-on-v6 { any; };


    regards
    DT

    <div dir="ltr">Hi,<div><br><div>I have configured bind with IPV6 support enabled. However bind does not listen to IPV6 address. Any particular <a href="http://reason.is">reason.is</a> there any place to enable IPV6 support other than named.conf.</div><
    <br></div><div>Version : BIND 9.11.4-P1 (Extended Support Version)<br></div><div><br></div><div><br></div><div>in named.conf file</div><div><br></div><div>listen-on-v6 { any; };<br></div><div><br></div><div><br></div><div>regards</div><div>DT</div></
    </div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Nyamkhand Buluukhuu@21:1/5 to Duleep Thilakarathne on Thu Jul 9 17:42:34 2020
    To: bind-users@lists.isc.org (bind-users@lists.isc.org)

    Hello,

    listen-on-v6 port 53 {};

    You can try like above.
    then after restarting named, check result from 'netstart -ltnp' command to see if v6 address is listening.

    Have a nice day :)
    BR, NYAMKHAND Buluukhuu



    ________________________________
    From: bind-users <bind-users-bounces@lists.isc.org> on behalf of Duleep Thilakarathne <dchandimal@gmail.com>
    Sent: Thursday, July 9, 2020 5:01 PM
    To: bind-users@lists.isc.org <bind-users@lists.isc.org>
    Subject: Bind IPV6 issue

    Hi,

    I have configured bind with IPV6 support enabled. However bind does not listen to IPV6 address. Any particular reason.is<https://protect2.fireeye.com/v1/url?k=b96f3e33-e7f7acf6-b96807ec-86982a5fc978-1032b724f3f312c6&q=1&e=17bbfe92-8468-4378-8c71-
    444c92a61cb8&u=http%3A%2F%2Freason.is%2F> there any place to enable IPV6 support other than named.conf.

    Version : BIND 9.11.4-P1 (Extended Support Version)


    in named.conf file

    listen-on-v6 { any; };


    regards
    DT

    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
    <style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
    </head>
    <body dir="ltr">
    <div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
    Hello,</div>
    <div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

    </div>
    <div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
    listen-on-v6 port 53 {};<br>
    </div>
    <div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

    </div>
    <div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
    You can try like above.</div>
    <div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
    then after restarting named, check result from 'netstart -ltnp' command to see if v6 address is listening.</div>
    <div>
    <div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

    </div>
    <div id="Signature">
    <div>
    <div></div>
    <div></div>
    <div></div>
    <div></div>
    <div id="divtagdefaultwrapper" dir="ltr" style="font-size:12pt; color:#000000; font-family:Calibri,Helvetica,sans-serif">
    <p style="margin-top:0px; margin-bottom:0px; margin-top:0; margin-bottom:0"></p>
    <p class="MsoNormal" style="margin-top:0px; margin-bottom:0px"><a name="_MailAutoSig" id="LPlnk292281" class="OWAAutoLink" style="font-family:Calibri,Helvetica,sans-serif,EmojiFont,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,NotoColorEmoji,&
    quot;Segoe UI Symbol&quot;,&quot;Android Emoji&quot;,EmojiSymbols; font-size:16px"><span style="font-size:10pt; font-family:Tahoma,sans-serif"><i style="">Have
    a nice day :)</i></span></a><b></b><br>

    <p class="MsoNormal" style="margin-top:0px; margin-bottom:0px"><a name="_MailAutoSig"><b><span style="font-size:10.0pt; font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;; color:black">BR, NYAMKHAND Buluukhuu</span></b></a><span style=""><span style=""
    </span></span></p>
    <p class="MsoNormal" style="margin-top:0px; margin-bottom:0px"><span style=""><b><span style="color:#1F497D">&nbsp;</span></b></span></p>

    <p style="margin-top:0px; margin-bottom:0px"></p>
    </div>
    </div>
    </div>
    </div>
    <div id="appendonsend"></div>
    <hr style="display:inline-block;width:98%" tabindex="-1">
    <div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> bind-users &lt;bind-users-bounces@lists.isc.org&gt; on behalf of Duleep Thilakarathne &lt;dchandimal@gmail.com&gt;<br>
    <b>Sent:</b> Thursday, July 9, 2020 5:01 PM<br>
    <b>To:</b> bind-users@lists.isc.org &lt;bind-users@lists.isc.org&gt;<br> <b>Subject:</b> Bind IPV6 issue</font>
    <div>&nbsp;</div>
    </div>
    <div>
    <div dir="ltr">Hi,
    <div><br>
    <div>I have configured bind with IPV6 support enabled. However bind does not listen to IPV6 address. Any particular&nbsp;<a href="https://protect2.fireeye.com/v1/url?k=b96f3e33-e7f7acf6-b96807ec-86982a5fc978-1032b724f3f312c6&amp;q=1&amp;e=17bbfe92-8468-
    4378-8c71-444c92a61cb8&amp;u=http%3A%2F%2Freason.is%2F">reason.is</a>
    there any place to enable IPV6 support other than named.conf.</div>
    <div><br>
    </div>
    <div>Version : BIND 9.11.4-P1 (Extended Support Version)<br>
    </div>
    <div><br>
    </div>
    <div><br>
    </div>
    <div>in named.conf file</div>
    <div><br>
    </div>
    <div>listen-on-v6 { any; };<br>
    </div>
    <div><br>
    </div>
    <div><br>
    </div>
    <div>regards</div>
    <div>DT</div>
    </div>
    </div>
    </div>
    </body>
    </html>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Anand Buddhdev@21:1/5 to Duleep Thilakarathne on Thu Jul 9 11:28:18 2020
    To: bind-users@lists.isc.org

    On 09/07/2020 11:01, Duleep Thilakarathne wrote:

    Hi Duleep,

    I have configured bind with IPV6 support enabled. However bind does not listen to IPV6 address. Any particular reason.is there any place to enable IPV6 support other than named.conf.

    Version : BIND 9.11.4-P1 (Extended Support Version)

    in named.conf file

    listen-on-v6 { any; };

    This should work. But how do you know that BIND does not listen on IPv6 addresses? Did you check using "ss -lunp" or "netstat -upan"?

    Regards,
    Anand

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Duleep Thilakarathne@21:1/5 to Anand Buddhdev on Thu Jul 9 16:26:25 2020
    Copy: bind-users@lists.isc.org

    Hi Anand,

    Yes netstat -upan only shows only ipv4 address listen :53. But sever
    listens for ipv6 SSH port. So i can confirm IPV6 working fine in server.
    But not for udp port 53.

    Regards
    DT

    On Thu, 9 Jul 2020, 14:58 Anand Buddhdev, <anandb@ripe.net> wrote:

    On 09/07/2020 11:01, Duleep Thilakarathne wrote:

    Hi Duleep,

    I have configured bind with IPV6 support enabled. However bind does not listen to IPV6 address. Any particular reason.is there any place to
    enable
    IPV6 support other than named.conf.

    Version : BIND 9.11.4-P1 (Extended Support Version)

    in named.conf file

    listen-on-v6 { any; };

    This should work. But how do you know that BIND does not listen on IPv6 addresses? Did you check using "ss -lunp" or "netstat -upan"?

    Regards,
    Anand


    <div dir="auto">Hi Anand,<div dir="auto"><br></div><div dir="auto">Yes netstat -upan only shows only ipv4 address listen :53. But sever listens for ipv6 SSH port. So i can confirm IPV6 working fine in server. But not for udp port 53.</div><div dir="auto">
    <br></div><div dir="auto">Regards </div><div dir="auto">DT</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 9 Jul 2020, 14:58 Anand Buddhdev, &lt;<a href="mailto:anandb@ripe.net">anandb@ripe.net</a>&gt; wrote:<br></div><
    blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 09/07/2020 11:01, Duleep Thilakarathne wrote:<br>

    Hi Duleep,<br>

    &gt; I have configured bind with IPV6 support enabled. However bind does not<br>
    &gt; listen to IPV6 address. Any particular <a href="http://reason.is" rel="noreferrer noreferrer" target="_blank">reason.is</a> there any place to enable<br>
    &gt; IPV6 support other than named.conf.<br>
    &gt; <br>
    &gt; Version : BIND 9.11.4-P1 (Extended Support Version)<br>
    &gt; <br>
    &gt; in named.conf file<br>
    &gt; <br>
    &gt; listen-on-v6 { any; };<br>

    This should work. But how do you know that BIND does not listen on IPv6 <br> addresses? Did you check using &quot;ss -lunp&quot; or &quot;netstat -upan&quot;?<br>

    Regards,<br>
    Anand<br>
    </blockquote></div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Anand Buddhdev@21:1/5 to Duleep Thilakarathne on Thu Jul 9 13:51:34 2020
    Copy: bind-users@lists.isc.org

    On 09/07/2020 12:56, Duleep Thilakarathne wrote:

    Hi Duleep,

    After starting BIND, can you examine its log entries? It should print
    all the addresses it is binding to, eg:

    09-Jul-2020 13:50:57.674 listening on IPv4 interface lo0, 127.0.0.1#53 09-Jul-2020 13:50:57.676 IPv6 socket API is incomplete; explicitly
    binding to each IPv6 address separately
    09-Jul-2020 13:50:57.676 listening on IPv6 interface lo0, ::1#53
    09-Jul-2020 13:50:57.677 listening on IPv6 interface lo0, fe80::1%1#53 09-Jul-2020 13:50:57.678 listening on IPv6 interface en0, fe80::46f:4f61:8541:6b2f%4#53
    09-Jul-2020 13:50:57.679 listening on IPv4 interface en0, 192.168.178.20#53 09-Jul-2020 13:50:57.680 listening on IPv6 interface en0, 2001:1c04:2a11:7d00:1cb9:6e7e:d4b3:ae1b#53
    09-Jul-2020 13:50:57.681 listening on IPv6 interface en0, 2001:1c04:2a11:7d00:61ed:2e3:3afc:b116#53

    Hi Anand,

    Yes netstat -upan only shows only ipv4 address listen :53. But sever
    listens for ipv6 SSH port. So i can confirm IPV6 working fine in server.
    But not for udp port 53.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Hrant Dadivanyan@21:1/5 to Duleep Thilakarathne on Thu Jul 9 18:06:32 2020
    This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ps5nDQGZ6hcpoHD5sqo0Gi0WShtVvOMwk
    Content-Type: text/plain; charset=utf-8
    Content-Language: en-US
    Content-Transfer-Encoding: quoted-printable


    Hi Duleep,

    Any process running as non-root user can't bind to a port lower than
    1024 (53 in your case), so if you change process uid on start (named -u)
    then stop the named process and start anew.

    Thank you,
    Hrant

    On 2020-07-09 14:56, Duleep Thilakarathne wrote:
    Hi Anand,

    Yes netstat -upan only shows only ipv4 address listen :53. But sever
    listens for ipv6 SSH port. So i can confirm IPV6 working fine in server.
    But not for udp port 53.

    Regards 
    DT

    On Thu, 9 Jul 2020, 14:58 Anand Buddhdev, <anandb@ripe.net <mailto:anandb@ripe.net>> wrote:

    On 09/07/2020 11:01, Duleep Thilakarathne wrote:

    Hi Duleep,

    > I have configured bind with IPV6 support enabled. However bind
    does not
    > listen to IPV6 address. Any particular reason.is
    <http://reason.is> there any place to enable
    > IPV6 support other than named.conf.
    >
    > Version : BIND 9.11.4-P1 (Extended Support Version)
    >
    > in named.conf file
    >
    > listen-on-v6 { any; };

    This should work. But how do you know that BIND does not listen on IPv6
    addresses? Did you check using "ss -lunp" or "netstat -upan"?

    Regards,
    Anand


    _______________________________________________
    Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

    ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


    bind-users mailing list
    bind-users@lists.isc.org
    https://lists.isc.org/mailman/listinfo/bind-users



    --ps5nDQGZ6hcpoHD5sqo0Gi0WShtVvOMwk--

    -----BEGIN PGP SIGNATURE-----
    Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

    iQEzBAEBCAAdFiEEPbz+l3tnoK718ci3h/fmw7c/bD0FAl8HJGgACgkQh/fmw7c/ bD344Qf/dVNilE8SY7eRqh4sGximY6lAGhfczaLQn5gBbfDH+mnKJ9eEMlkeJoSP j2LlK2Fevi0m+v4a/tkd/eG9aWIBeiZur6moAbz+p74Lr8KR73JvVA9y6MV1ZOdK lWXPzMb8D12VI6wWZu25vETBe3XzAzAmtW6a0cbFSSj9/jAzbn/JfCEr2tmHUe9x hPOnzTrWR44g2KnM68m+6KxLFLapcRmgFSvxScxV/3jJtUjkqaeSlk+BsTyM0J5S RJncFpZxcjBiwL7PHX+mw5iD7KAIMJALk+GQAhINdMVWi6Bq2sSqitAUDlIQCrn9 9SBsdCePNtNDPzTCkgx9KIJNvr+oDQ==
    =IQYa
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)