Configure BIND DNS Server to Listen Only On Certain IP Address or Network Interface

I want to to configure named ( BIND DNS Sever daemon ) to listens only on eth1 interface which has an IP address 202.54.1.2. How do I configure my named BIND DNS name server to listen only on certain network interface or IP address on a Linux or Unix-like systems?

[donotprint]
Tutorial details
Difficulty Easy (rss)
Root privileges Yes
Requirements Bind 9.x+
Time 1m
[/donotprint]The listen-on option specifies IPv4 address to listen on. There is no interface specific option but IP is assigned to specific interface, so by specific IP you can force BIND to listen on certain IP or network interface.

ADVERTISEMENTS

Bind listen-on syntax

IPv4 specific syntax is as follows to listen on 202.54.1.2; IP address. Edit named.conf (typically /etc/bind/named.conf)

listen-on { 202.54.1.2; };

To listen on all interfaces and IP (default)

listen-on { any; };

IPv6 option is as follows:

 listen-on-v6 { any; };
 listen-on-v6 { ipv-6-address; };

Here is sample configuration snapshot from named.conf file:

options
{
        //listen-on-v6 { any; };
        listen-on { 202.54.1.2; };
        directory "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";
        dnssec-enable yes;
        recursion no;
        allow-notify { 202.54.1.3; 202.54.1.4; };
        version "go away";
};

Finally don’t forget to restart the bind server on a CentOS/RHEL 7.x:
# systemctl restart named
OR chrooted named on a CentOS/RHEL 7.x:
# systemctl restart named-chroot
Or use the following syntax on a CentOS/RHEL 6.x or older:
# service bind restart
Or use the following syntax on a Ubuntu/Debian Linux server:
# service bind9 restart
OR
# /etc/init.d/bind9 restart

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
6 comments… add one
  • atmaraam Dec 5, 2009 @ 11:59

    Hi,
    i have static ip address 123.50178.82 and domain mailswithus.com i want to configure a dns for my mail server with spf and mx record how i have to configure dns and mail server ?

  • Reynold P J Aug 11, 2010 @ 13:13

    Thanks very helpful…..

  • Robert Poehler Jun 1, 2011 @ 18:39

    Thank you for your article. Bind was only listen to 127.0.0.1 and now it’s listening on all interfaces.

  • Anand Oct 5, 2013 @ 12:41

    Thank you so much.
    I am amazed that even these 5-6 year old posts are helping us in 2013.

    • Andy Apr 5, 2015 @ 2:00

      Still valid in 2015 :D

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.