[nsd-users] Question about response source address and dynamic interfaces
mdiaz at nic.cl
Tue Oct 9 13:53:05 CEST 2012
-----BEGIN PGP SIGNED MESSAGE-----
You can put the service IP on a loopback interface, so even if the
host is "sleeping", nsd can bind that IP trough the loopback in a
On 10/09/2012 06:57 AM, Gavin Brown wrote:
> I was never able to resolve this issue, but Bert Hubert recently
> posted on a related topic. If NSD did what PowerDNS now does, this
> would resolve my problem!
> On binding datagram (UDP) sockets to the ANY addresses:
> On 16/08/2012 15:39, Gavin Brown wrote:
>> Hi there,
>> I have a FreeBSD box (hostA) running NSD. It has a management
>> address (10.0.0.2) and a service address (10.0.0.3). It is part
>> of a clustered pair with a Linux machine (hostB) that has a
>> management address (10.0.0.4) and a service address (10.0.0.5).
>> DNS queries are sent to the two service addresses. Heartbeat is
>> used to co-ordinate the pairs: if hostB goes offline, then the
>> service address (10.0.0.5) is brought up on hostA so that it can
>> answer queries, and vice versa.
>> The problem is this: without an ip-address entry in nsd.conf,
>> responses are sent from the management address (10.0.0.2) since
>> that is the "primary" interface of the host. I can fix this
>> during normal operations by adding an ip-address entry for
>> However, during failover, queries sent to 10.0.0.5 will be
>> answered with the wrong source address. Again, I could fix this
>> using an ip-address entry.
>> But - when the machine boots, this IP address isn't assigned to
>> hostA, so if it appears in nsd.conf, NSD will refuse to start.
>> BIND (which I'm using on hostB) doesn't have this problem.
>> Has anyone else solved this problem? Or do I need to write
>> scripts to munge nsd.conf and restart it during
Marco A. Díaz Soto
DNS Admin NIC Chile mdiaz [@] nic [.] cl
Miraflores 222 piso 14, Santiago CHILE +56 2 9407753
Codigo Postal: 832-0198 http://www.nic.cl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the nsd-users