Cannot listen on an IPv6 local-link address
Hi, I have a niche use-case where my Knot DNS server needs to listen only on an IPv6 local-link address.
Configuring server.listen to [::@53] makes Knot bind to all IPv6 addresses, and the service is available on the local-link address among others.
root@505f70f0cc13:/config# ip -6 a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: wlp0s20f3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65520 state UNKNOWN qlen 1000
inet6 2a01:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX/64 scope global nodad noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::d451:24ff:feab:e710/64 scope link
valid_lft forever preferred_lft forever
root@505f70f0cc13:/config# knotd -d
root@505f70f0cc13:/config# dig @fe80::d451:24ff:feab:e710%wlp0s20f3 toto
; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> @fe80::d451:24ff:feab:e710%wlp0s20f3 toto
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 46757
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 20 (Not Authoritative)
;; QUESTION SECTION:
;toto. IN A
I tried configuring the listen option with various syntaxes:
fe80::d451:24ff:feab:e710@53
fe80::d451:24ff:feab:e710%2@53
fe80::d451:24ff:feab:e710%wlp0s20f3@53
None of these are successful:
root@505f70f0cc13:/config# knotd -vvvv
2024-08-27T12:23:03+0000 debug: module 'mod-authsignal', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-cookies', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-dnsproxy', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-dnstap', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-geoip', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-noudp', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-onlinesign', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-probe', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-queryacl', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-rrl', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-stats', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-synthrecord', loaded static
2024-08-27T12:23:03+0000 debug: module 'mod-whoami', loaded static
2024-08-27T12:23:03+0000 info: Knot DNS 3.3.9 starting
2024-08-27T12:23:03+0000 info: loaded configuration file '/config/knot.conf', mapsize 500 MiB
2024-08-27T12:23:03+0000 info: using UDP reuseport, incoming TCP Fast Open
2024-08-27T12:23:03+0000 info: binding to interface fe80::d451:24ff:feab:e710@53
2024-08-27T12:23:03+0000 error: cannot bind address fe80::d451:24ff:feab:e710@53 UDP (invalid parameter)
2024-08-27T12:23:03+0000 critical: failed to configure server
root@505f70f0cc13:/config# knotd -vvvv
2024-08-27T12:23:10+0000 debug: module 'mod-authsignal', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-cookies', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-dnsproxy', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-dnstap', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-geoip', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-noudp', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-onlinesign', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-probe', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-queryacl', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-rrl', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-stats', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-synthrecord', loaded static
2024-08-27T12:23:10+0000 debug: module 'mod-whoami', loaded static
2024-08-27T12:23:10+0000 error: config, file '/config/knot.conf', line 2, item 'listen', value 'fe80::d451:24ff:feab:e710%2@53' (invalid parameter)
2024-08-27T12:23:10+0000 critical: failed to load configuration file '/config/knot.conf' (invalid parameter)
root@505f70f0cc13:/config# knotd -vvvv
2024-08-27T12:23:27+0000 debug: module 'mod-authsignal', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-cookies', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-dnsproxy', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-dnstap', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-geoip', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-noudp', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-onlinesign', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-probe', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-queryacl', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-rrl', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-stats', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-synthrecord', loaded static
2024-08-27T12:23:27+0000 debug: module 'mod-whoami', loaded static
2024-08-27T12:23:27+0000 error: config, file '/config/knot.conf', line 2, item 'listen', value 'fe80::d451:24ff:feab:e710%wlp0s20f3@53' (invalid parameter)
2024-08-27T12:23:27+0000 critical: failed to load configuration file '/config/knot.conf' (invalid parameter)
If there is a syntax that is working, I did not manage to find it in the documentation.
Is this a supported feature? I don't know how to classify this issue: a missing feature or a bug regarding the handling of IPv6 local-link addresses during parameter validation or simply an example missing in the documentation.
Anyway, I thought it would be a good thing to report it.
Thank you for your support, Cheers, Florian
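
Background for the "invalid parameter" results above, as an added example that is not part of the original report and not Knot DNS code: on Linux, bind() to an fe80::/10 address returns EINVAL unless sin6_scope_id identifies the interface, which is consistent with the first log. The parse_listen helper and its addr%zone@port handling are hypothetical, modelled on the three forms tried in the report.

```c
#include <arpa/inet.h>
#include <net/if.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical parser for "addr[%zone]@port" (not Knot's code).
 * Returns 0 on success, -1 on a syntax error, and -2 for a link-local
 * address without a zone, which Linux bind() would reject with EINVAL. */
int parse_listen(const char *spec, struct sockaddr_in6 *out)
{
    char buf[128], *end;
    if (strlen(spec) >= sizeof(buf)) return -1;
    strcpy(buf, spec);
    char *at = strrchr(buf, '@');            /* split off the port */
    if (at == NULL) return -1;
    *at = '\0';
    long port = strtol(at + 1, &end, 10);
    if (end == at + 1 || *end != '\0' || port < 1 || port > 65535) return -1;
    char *zone = strchr(buf, '%');           /* split off the optional zone */
    if (zone != NULL) *zone++ = '\0';
    memset(out, 0, sizeof(*out));
    out->sin6_family = AF_INET6;
    out->sin6_port = htons((uint16_t)port);
    if (inet_pton(AF_INET6, buf, &out->sin6_addr) != 1) return -1;
    if (zone != NULL) {
        unsigned idx = if_nametoindex(zone); /* interface name, e.g. wlp0s20f3 */
        if (idx == 0) {                      /* otherwise a numeric index, e.g. 2 */
            if (zone[0] < '0' || zone[0] > '9') return -1;
            unsigned long n = strtoul(zone, &end, 10);
            if (*end != '\0' || n == 0 || n > UINT32_MAX) return -1;
            idx = (unsigned)n;
        }
        out->sin6_scope_id = idx;            /* tells the kernel which link */
    }
    if (IN6_IS_ADDR_LINKLOCAL(&out->sin6_addr) && out->sin6_scope_id == 0) return -2;
    return 0;
}

int main(void)
{
    struct sockaddr_in6 sa = {0};
    int rc = parse_listen("fe80::d451:24ff:feab:e710%2@53", &sa);
    printf("rc=%d scope_id=%u\n", rc, (unsigned)sa.sin6_scope_id);
    return rc == 0 ? 0 : 1;
}
```

The resulting sockaddr_in6 can be passed to bind() as is; the socket then accepts traffic only for that address on that link, unlike the [::@53] wildcard.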