Configure BIND DNS Server to Listen Only On Certain IP Address or Network Interface

Author: Vivek Gite Last updated: May 7, 2015 6 comments

I want to to configure named ( BIND DNS Sever daemon ) to listens only on eth1 interface which has an IP address 202.54.1.2. How do I configure my named BIND DNS name server to listen only on certain network interface or IP address on a Linux or Unix-like systems?

[donotprint]

Tutorial details
Difficulty	Easy (rss)
Root privileges	Yes
Requirements	Bind 9.x+
Time	1m

[/donotprint]The listen-on option specifies IPv4 address to listen on. There is no interface specific option but IP is assigned to specific interface, so by specific IP you can force BIND to listen on certain IP or network interface.

Bind listen-on syntax

IPv4 specific syntax is as follows to listen on 202.54.1.2; IP address. Edit named.conf (typically /etc/bind/named.conf)

listen-on { 202.54.1.2; };

To listen on all interfaces and IP (default)

listen-on { any; };

IPv6 option is as follows:

 listen-on-v6 { any; };
 listen-on-v6 { ipv-6-address; };

Here is sample configuration snapshot from named.conf file:

options
{
        //listen-on-v6 { any; };
        listen-on { 202.54.1.2; };
        directory "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";
        dnssec-enable yes;
        recursion no;
        allow-notify { 202.54.1.3; 202.54.1.4; };
        version "go away";
};

Finally don’t forget to restart the bind server on a CentOS/RHEL 7.x:
# systemctl restart named
OR chrooted named on a CentOS/RHEL 7.x:
# systemctl restart named-chroot
Or use the following syntax on a CentOS/RHEL 6.x or older:
# service bind restart
Or use the following syntax on a Ubuntu/Debian Linux server:
# service bind9 restart
OR
# /etc/init.d/bind9 restart

🐧 Please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on Linux, Open Source & DevOps via:

RSS feed or Weekly email newsletter
Share on Twitter • Facebook • 6 comments... add one ↓

Related Tutorials

Category	List of Unix and Linux commands
File Management	cat
Firewall	Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04
Network Utilities	dig • host • ip • nmap
OpenVPN	CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04
Package Manager	apk • apt
Processes Management	bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time
Searching	grep • whereis • which
User Information	groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w
WireGuard VPN	Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04

6 comments… add one

atmaraam Dec 5, 2009 @ 11:59

Hi,
i have static ip address 123.50178.82 and domain mailswithus.com i want to configure a dns for my mail server with spf and mx record how i have to configure dns and mail server ?

Reply Link
Reynold P J Aug 11, 2010 @ 13:13

Thanks very helpful…..

Reply Link
Robert Poehler Jun 1, 2011 @ 18:39

Thank you for your article. Bind was only listen to 127.0.0.1 and now it’s listening on all interfaces.

Reply Link
Anand Oct 5, 2013 @ 12:41

Thank you so much.
I am amazed that even these 5-6 year old posts are helping us in 2013.

Reply Link
- Andy Apr 5, 2015 @ 2:00
  
  Still valid in 2015 :D
  
  Reply Link
  - Ryan May 6, 2015 @ 18:16
    
    Bump
    
    Reply Link

Use HTML <pre>...</pre> for code samples. Problem posting comment? Email me @ webmaster@cyberciti.biz

Configure BIND DNS Server to Listen Only On Certain IP Address or Network Interface

Bind listen-on syntax

🔎 Search this site

FEATURED ARTICLES

Sign up for my newsletter