Listen explicitly on exact addresses without checking their presence
Description
Listen explicitly on exact addresses without checking their presence
Request
Currently, listening on the addresses listed in options is handled in interfacemgr. Because of the way it is used, it requires working enumeration of existing addresses in order to listen on them.
There are some cases where enumeration would not work, but binding for listening would work anyway. For example, the Linux kernel allows listening on address 127.0.0.2 without any special configuration. It is enough to have the 127.0.0.1/8 network configured on the lo interface.
options {
    listen-on { 127.0.0.2; };
};
The above configuration would not work. Also, some special quirks useful for testing cannot work unless they also provide an interface enumeration abstraction. This breaks socket_wrapper. A similar requirement also exists for deckard.
My request is to allow an explicit IPv4 or IPv6 address to listen and bind without the requirement to find it in the interface list. It iterates over interfaces now and applies dns_acl_match to each interface address. It seems it is hard to extract an exact address from the ACL list in an easy way. Either an API for examination of ACL networks or an additional list for addresses would be required.
I would like listening for UDP queries to try listening on the address (no network range, but a single unicast address). If it fails, retry on interface scan. But if it succeeds, allow listeners on it.
It is interesting that the control channel can listen quite nicely this way on an (alternative) localhost.
controls {
    inet 127.0.0.2 port 2953
        allow { 127.0.0.2; } keys { "rndc-key"; };
};
# test-named.conf
include "/etc/rndc.key";
options {
    listen-on port 2053 { 127.0.0.2; };
};
statistics-channels {
    inet 127.0.0.3 port 8080 allow { localhost; };
};
controls {
    inet 127.0.0.4 port 2953
        allow { localhost; } keys { "rndc-key"; };
};
named running this configuration listens only on the control and statistics channels.
$ ss -lntp | grep named
LISTEN 0 4096 127.0.0.4:2953 0.0.0.0:* users:(("named",pid=1290435,fd=37))
LISTEN 0 4096 127.0.0.3:8080 0.0.0.0:* users:(("named",pid=1290435,fd=36))
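The order requested above (try to bind the exact address first, fall back to the interface scan only if that fails), as an added C example that is not part of the original issue and is not BIND code. The names `probe_udp_bind`, `choose_source` and `scanned` are hypothetical, and the scan list is a constructed stand-in for what interface enumeration would return.

```c
/* Added example (not BIND source): exact-address bind probe with scan fallback. */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

enum listen_source { LISTEN_NONE, LISTEN_EXACT_BIND, LISTEN_IFSCAN };
/* Bind a UDP socket to one exact IPv4/IPv6 address. Returns 0 or an errno. */
int probe_udp_bind(const char *addr, unsigned short port) {
    struct sockaddr_storage ss;
    struct sockaddr_in *s4 = (struct sockaddr_in *)&ss;
    struct sockaddr_in6 *s6 = (struct sockaddr_in6 *)&ss;
    socklen_t len;
    memset(&ss, 0, sizeof(ss));
    if (inet_pton(AF_INET, addr, &s4->sin_addr) == 1) {
        s4->sin_family = AF_INET; s4->sin_port = htons(port); len = sizeof(*s4);
    } else if (inet_pton(AF_INET6, addr, &s6->sin6_addr) == 1) {
        s6->sin6_family = AF_INET6; s6->sin6_port = htons(port); len = sizeof(*s6);
    } else {
        return EINVAL; /* a range such as 127.0.0.0/8 is not an exact address */
    }
    int fd = socket(ss.ss_family, SOCK_DGRAM, 0);
    if (fd < 0) return errno;
    int rc = (bind(fd, (struct sockaddr *)&ss, len) == 0) ? 0 : errno;
    close(fd);
    return rc;
}

/* Decide where a listener comes from. scanned[] stands in for the addresses
 * that interface enumeration returned (hypothetical input, textual match). */
enum listen_source choose_source(int bind_errno, const char *addr,
                                 const char *const *scanned, size_t n) {
    if (bind_errno == 0) return LISTEN_EXACT_BIND;    /* kernel accepted it */
    for (size_t i = 0; i < n; i++)                    /* otherwise: old path */
        if (strcmp(scanned[i], addr) == 0) return LISTEN_IFSCAN;
    return LISTEN_NONE;
}

int main(void) {
    const char *scanned[] = { "127.0.0.1", "::1" }; /* constructed scan result */
    const char *want = "127.0.0.2";                 /* address from the request */
    int rc = probe_udp_bind(want, 0);               /* port 0: no privilege needed */
    printf("%s: bind=%s source=%d\n", want, rc ? strerror(rc) : "ok",
           choose_source(rc, want, scanned, 2));
    return 0;
}
```

The probe uses port 0 so it runs unprivileged; a real listener would bind the configured port and keep the socket open instead of closing it.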