This is a discussion on Re: DNS timeout problem - SpamAssassin ; Tony Houghton wrote: > Bob Proulx wrote: > > Check /etc/resolv.conf for nameserver entries and modify or > > change the file as needed to say 'nameserver 0.0.0.0' (okay to use > > 'nameserver 127.0.0.1' with modern software too). See ...
Tony Houghton wrote:
> Bob Proulx wrote:
> > Check /etc/resolv.conf for nameserver entries and modify or
> > change the file as needed to say 'nameserver 0.0.0.0' (okay to use
> > 'nameserver 127.0.0.1' with modern software too). See the wiki page
> > for general information.
> I hadn't heard of 0.0.0.0 being used instead of 127.0.0.1. Is that
> specific to resolv.conf?
The 0.0.0.0 address is interpreted by most TCP/IP OS implementations
to mean the local host and will do the right thing. It can mostly be
used interchangeably with 127.0.0.1 or any 127/8 address.
The reason it became useful with the nameserver directive was that
there was a bug in some Berkeley derived TCP/IP implementations that
BIND would tickle. The resolver's connected datagram socket wouldn't
rebind to a new local address and would "drag along" the previous
127.0.0.1 source address when switching to a new connection to the
remote host. If the local name server was down the libc resolver
would cycle to the next listed nameserver but end up sending a query
with the bug of using the previous 127.0.0.1 address as the source
address instead of the external IP address. In that case the remote
nameserver would send a response back to themselves on the 127.0.0.1
address. Using 0.0.0.0 as the nameserver address avoided this bug
when it was present on systems and also worked correctly on systems
without the bug. Since it always worked everywhere the use of 0.0.0.0
was very common.
This bug has probably been fixed for years now and so is unlikely to
matter these days. But 0.0.0.0 always works and so why not use it?