What's new on the 127.0.0/24 block in 7?

Mark Andrews Mark_Andrews at isc.org
Tue Mar 4 05:30:37 UTC 2008 

> Quoting Andy Dills <andy at xecu.net>:
> 
> > On Mon, 3 Mar 2008, Chris H. wrote:
> >
> >> > Are you sure it's a /24 you are talking about? My 7.0 disks install
> >> > 127.0.0.1/8 here.
> >>
> >> Really? Where did you get the install disc? Mine clearly doesn't. :(
> >> All I am provided is 127.0.0.1 - not 127.0.0.2,3...
> >
> > 127.0.0.1/8 just means 127.0.0.1 with a netmask of 255.0.0.0. It doesn't
> > imply a default behavior of binding to any other address than 127.0.0.1.
> >
> > But I'm still really confused what you're trying to do...
> >
> > See, the idea of returning multiple 127.0.0.X addressess within RBL is to
> > convey different information while using a single zone.
> >
> > In the beginning, the RBLs would just reply with 127.0.0.1 and use
> > different zones to imply different contexts...now you use a single zone
> > with different 127.0.0.X addresses to convey the same information.
> >
> > But...you don't actually do anything with that resolution beyond determine
> > if a given record is listed or not. You don't actually need to configure
> > or use the various 127.0.0.X addresses that might get returned.
> >
> > On the other hand, if you're using multiple rbldnsd instances, one per
> > zone... hile it's a pain you can indeed configured rbldns to serve
> > multiple zones. Or just bind the additional loopback instances
> 
> Precisely! Sorry I apparently wasn't clearer in the beginning.
> According to my conversations with the author of rbldnsd, rbldnsd was
> returning REFUSED to all my requests on my FBSD-7 server.
> Because it was unable to communicate on 127.0.0.2.

	If it returned REFUSED it could communicate.  REFUSED is a
	DNS rcode so the packet went to the server and a reply was
	returned.  This is a problem with a access control list in
	the rbldnsd configuration.  I can tell you that without
	ever having run rbldnsd.

> Even though it was bound to my
> internet routable IP, it still needed 127.0.0.2, because that was the
> IP associated with one of my zones (2 in all).
>	
> However, I had no difficulties using 2 zones on my recent RELENG_6
> server, (served out of 127.0.0.2, and 127.0.0.3).
> /This/ is why I felt there must be some difference between the 2
> releases (FBSD).
> Anyway, I didn't want to spam the list soliciting advice on setting
> up rbldnsd - I already know how to do that.  It just /appeared/ that
> there was some difference in the handling of lo0, and it's associated
> IP space. So, as I could find no info in src/UPDATING, or ports/UPDATING,
> nor the man pages. I thought I'd better ask here.
> 
> >
> >
> > BTW, /etc/netstart is a nice shortcut to avoid fatfingering an ifconfig.
> 
> Thanks. That's good to know. My first thought, is to probably just assign
> a different netmask to lo0, in an effort to get the additional IP's.
> Then see if everything works as well as it did on my RELENG_6 server.
> 
> Thanks again for your response. I think you really helped clear things
> up - though I still have no answer as to why there is a difference
> between the 2.
> 
> Oh, well.
> 
> Thank care.
> 
> --Chris H
> 
> >
> > Andy
> >
> > ---
> > Andy Dills
> > Xecunet, Inc.
> > www.xecu.net
> > 301-682-9972
> > ---
> > _______________________________________________
> > freebsd-stable at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
> >
> 
> 
> 
> -- 
> panic: kernel trap (ignored)
> 
> 
> 
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the freebsd-stable mailing list