[nsd-users] Question about response source address and dynamic interfaces

Marco Díaz mdiaz at nic.cl
Tue Oct 9 13:53:05 CEST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can put the service IP on a loopback interface, so even if the
host is "sleeping", nsd can bind that IP trough the loopback in a
local scope.

Regards.

On 10/09/2012 06:57 AM, Gavin Brown wrote:
> I was never able to resolve this issue, but Bert Hubert recently
> posted on a related topic. If NSD did what PowerDNS now does, this
> would resolve my problem!
> 
> On binding datagram (UDP) sockets to the ANY addresses:
> 
> http://bert-hubert.blogspot.co.uk/2012/10/on-binding-datagram-udp-sockets-to-any.html
>
> 
> 
> On 16/08/2012 15:39, Gavin Brown wrote:
>> Hi there,
>> 
>> I have a FreeBSD box (hostA) running NSD. It has a management
>> address (10.0.0.2) and a service address (10.0.0.3). It is part
>> of a clustered pair with a Linux machine (hostB) that has a
>> management address (10.0.0.4) and a service address (10.0.0.5).
>> DNS queries are sent to the two service addresses. Heartbeat is
>> used to co-ordinate the pairs: if hostB goes offline, then the
>> service address (10.0.0.5) is brought up on hostA so that it can
>> answer queries, and vice versa.
>> 
>> The problem is this: without an ip-address entry in nsd.conf,
>> responses are sent from the management address (10.0.0.2) since
>> that is the "primary" interface of the host. I can fix this
>> during normal operations by adding an ip-address entry for
>> 10.0.0.3.
>> 
>> However, during failover, queries sent to 10.0.0.5 will be
>> answered with the wrong source address. Again, I could fix this
>> using an ip-address entry.
>> 
>> But - when the machine boots, this IP address isn't assigned to
>> hostA, so if it appears in nsd.conf, NSD will refuse to start.
>> BIND (which I'm using on hostB) doesn't have this problem.
>> 
>> Has anyone else solved this problem? Or do I need to write
>> scripts to munge nsd.conf and restart it during
>> failover/failback?
>> 
>> Thanks,
>> 
> 


- -- 
Marco A. Díaz Soto
DNS Admin NIC Chile                            mdiaz [@] nic [.] cl
Miraflores 222 piso 14, Santiago CHILE                +56 2 9407753
Codigo Postal: 832-0198                           http://www.nic.cl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlB0EB4ACgkQjQGanvLo3rSR9QCgwCOGHGMP4ER6T2jni16E+gM4
WFIAoJ9uuqhyT+4RWp9InaHZ1Idjyy/E
=xR/p
-----END PGP SIGNATURE-----


More information about the nsd-users mailing list