On Sun, Sep 19, 2010 at 02:37:21PM -0400, Mark Kamichoff
wrote:> I just noticed (well, via a discussion in #ipv6 on freenode) that the
> default configure arguments for BIND9 on 8.1 include
'--disable-ipv6'.
>
> % grep CONFIGARGS /usr/src/usr.sbin/named/Makefile
> CONFIGARGS='--prefix=/usr' '--infodir=/usr/share/info'
> '--mandir=/usr/share/man' '--enable-threads'
'--disable-ipv6'
> '--enable-getifaddrs' '--disable-linux-caps'
'--with-openssl=/usr'
> '--with-randomdev=/dev/random'
>
> This results in BIND9 not listening on IPv6 sockets, even if the
> listen-on-v6 directive is explicitly configured in the configuration
> file. Even worse, and why I didn't pick up on it until now, is that no
> warnings or errors are emitted about this during startup, although I
> suppose that is more of a BIND problem than a FreeBSD one. Strangely
> enough, the control socket still listens on ::1 in addition to
> 127.0.0.1.
>
> Does anyone know why this was done, or if there's any harm in
reenabling
> it and rebuilding?
Well, you can safely ignore this! I realized afterwards that
'--disable-ipv6' just disables the default use of IPv6 in BIND, it
doesn't completely disable the protocol. Turns out I was querying the
wrong address with DIG when testing this, too. listen-on-v6 certainly
works as expected, and enables IPv6 like it should.
Although, that still does beg the question, why don't we want IPv6
enabled by default on new BIND installations?
- Mark
--
Mark Kamichoff
prox@prolixium.com
http://www.prolixium.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url :
http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20100919/62e7f73b/attachment.pgp