diff --git a/etc/systemd/system/socket.d/freebind.conf b/etc/systemd/system/socket.d/freebind.conf
new file mode 100644
index 00000000..12987374
--- /dev/null
+++ b/etc/systemd/system/socket.d/freebind.conf
@@ -0,0 +1,2 @@
+[Socket]
+FreeBind=true
diff --git a/etc/systemd/system/socket.d/upheld.conf b/etc/systemd/system/socket.d/upheld.conf
new file mode 100644
index 00000000..14be782c
--- /dev/null
+++ b/etc/systemd/system/socket.d/upheld.conf
@@ -0,0 +1,3 @@
+# https://github.com/systemd/systemd/issues/11553#issuecomment-1700933643
+[Install]
+UpheldBy=sockets.target
diff --git a/install b/install
index bda70b95..661f969a 100755
--- a/install
+++ b/install
@@ -174,7 +174,7 @@ if [ "$(id -u)" == "0" ]; then
 	mkdir -vp /etc/systemd/system/{ssh,sshd,oidentd}.socket.d/
 	# SECURITY WARNING!
 	cp -v etc/systemd/system/service.d/rngd-wanted.conf /etc/systemd/system/service.d/
-	cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/socket.d/
+	cp -v etc/systemd/system/socket.d/{dualstack-bind,freebind,upheld}.conf /etc/systemd/system/socket.d/
 	# SECURITY WARNING!
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/ssh.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/sshd.service.d/
@@ -187,9 +187,10 @@ if [ "$(id -u)" == "0" ]; then
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/unbound.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/tor.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/yggdrasil.service.d/
-	cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/ssh.socket.d/
-	cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/sshd.socket.d/
-	cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/oidentd.socket.d/
+	#cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/ssh.socket.d/
+	#cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/sshd.socket.d/
+	#cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/oidentd.socket.d/
+	rm -v /etc/systemd/system/*.socket.d/dualstack-bind.conf
 
 	if hash systemctl 2> /dev/null; then
 		systemctl daemon-reload