Maintained by: NLnet Labs

[Unbound-users] Source address selection for replies

Wouter Wijngaards
Fri Jan 11 16:50:27 CET 2008

Hash: SHA1

Alexander Gall wrote:
| On Fri, 11 Jan 2008 15:39:03 +0100, Wouter Wijngaards
<wouter at> said:
| I think the new dual-stack socket API introduced for IPv6 should take
| care of all of this.  You should be able to do an anonymous (wildcard)
| bind on a single socket (IPv4 addresses will be represented as IPv6
| addresses in the "mapped" format).  The source address is available
| through ancillary data from the socket.  The beauty of it is that you
| don't have to worry about interfaces at all and you should pick up new
| interfaces automatically.
| Unfortunatley, some operating systems do not support this or require a
| global configuration or a socket option to fully use this mechanism.
| But I think it is the way to go on all systems that support it.

That is really nice, but the support may be hard. even the 'mapped' is
done wrong on some OSes I believe. Could be an option, but its hard to
enable by default, I'll look into it.

Best regards,
~   Wouter

Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora -