nsd-notify *from* specified IP?

Peter Hessler phessler at theapt.org
Wed Sep 27 15:17:05 UTC 2006


On Wed, 27 Sep 2006 15:54:38 +0200
"dr. W.C.A. Wijngaards" <wouter at NLnetLabs.nl> wrote:

: -----BEGIN PGP SIGNED MESSAGE-----
: Hash: SHA1
: 
: Thomas Huehn wrote:
: > Hi
: > 
: > I'm running the nsd version in Debian stable (2.2.1). The machine
: > has four IPs bound to eth0, eth0:0, eth0:1 and eth0:2.
: > 
: > nsd is bound to the second IP via the "-a" command line switch.
: > 
: > But I couldn't find a switch for nsd-notify, so it is sending its
: > notify to the secondary from the fourth IP address.
: > 
: > Can I change that behaviour somehow?
: 
: No this feature does not exist.
: 
: Please note that when you update the zone on the master - by providing
: an updated zone file to the master, then nsd itself will detect the
: change and send notifies to the secondary. However, to preempt your
: question, that notify send also uses the default from address that the
: system provides.
: 
: NSD tries to avoid creeping featurism. So I am hesitant about new
: features such as this one.

Some secondaries are configured only to allow AXFRs from a specific
address, which Murphy says will be not the default.  I think that while
it is creeping featurism, its something that has to be done.

'src: 127.0.0.1', in the zone definition sounds not terribly dumb. :)



-- 
If there is a possibility of several things going wrong, the one that
will cause the most damage will be the one to go wrong.



More information about the nsd-users mailing list