My access controls using default ACL localhost don't do quite what I expect.
  • 15 Oct 2018
  • 1 Minute to read
  • Contributors
  • Dark
    Light
  • PDF

My access controls using default ACL localhost don't do quite what I expect.

  • Dark
    Light
  • PDF

Article summary

The built-in BIND Access Control List (ACL) localhost matches the IPv4 and IPv6 addresses of all network interfaces on the system - it doesn't mean 127.0.0.1 only.

The ACL localnets matches any host on an IPv4 or IPv6 network for which the system on which named is running has an interface.

(See the BIND Administrator Reference Manual for details of other built-in ACLs).