[nsd-users] Question about response source address and dynamic interfaces
Marco Díaz
mdiaz at nic.cl
Tue Oct 9 11:53:05 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You can put the service IP on a loopback interface, so even if the
host is "sleeping", nsd can bind that IP trough the loopback in a
local scope.
Regards.
On 10/09/2012 06:57 AM, Gavin Brown wrote:
> I was never able to resolve this issue, but Bert Hubert recently
> posted on a related topic. If NSD did what PowerDNS now does, this
> would resolve my problem!
>
> On binding datagram (UDP) sockets to the ANY addresses:
>
> http://bert-hubert.blogspot.co.uk/2012/10/on-binding-datagram-udp-sockets-to-any.html
>
>
>
> On 16/08/2012 15:39, Gavin Brown wrote:
>> Hi there,
>>
>> I have a FreeBSD box (hostA) running NSD. It has a management
>> address (10.0.0.2) and a service address (10.0.0.3). It is part
>> of a clustered pair with a Linux machine (hostB) that has a
>> management address (10.0.0.4) and a service address (10.0.0.5).
>> DNS queries are sent to the two service addresses. Heartbeat is
>> used to co-ordinate the pairs: if hostB goes offline, then the
>> service address (10.0.0.5) is brought up on hostA so that it can
>> answer queries, and vice versa.
>>
>> The problem is this: without an ip-address entry in nsd.conf,
>> responses are sent from the management address (10.0.0.2) since
>> that is the "primary" interface of the host. I can fix this
>> during normal operations by adding an ip-address entry for
>> 10.0.0.3.
>>
>> However, during failover, queries sent to 10.0.0.5 will be
>> answered with the wrong source address. Again, I could fix this
>> using an ip-address entry.
>>
>> But - when the machine boots, this IP address isn't assigned to
>> hostA, so if it appears in nsd.conf, NSD will refuse to start.
>> BIND (which I'm using on hostB) doesn't have this problem.
>>
>> Has anyone else solved this problem? Or do I need to write
>> scripts to munge nsd.conf and restart it during
>> failover/failback?
>>
>> Thanks,
>>
>
- --
Marco A. Díaz Soto
DNS Admin NIC Chile mdiaz [@] nic [.] cl
Miraflores 222 piso 14, Santiago CHILE +56 2 9407753
Codigo Postal: 832-0198 http://www.nic.cl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlB0EB4ACgkQjQGanvLo3rSR9QCgwCOGHGMP4ER6T2jni16E+gM4
WFIAoJ9uuqhyT+4RWp9InaHZ1Idjyy/E
=xR/p
-----END PGP SIGNATURE-----
More information about the nsd-users
mailing list