Internal nsd-xfer calls by nsd not using ip-address: as source?

Hi,

I'm looking at a bug report with nsd. This is a machine with two interfaces
configured within the same subnet. nsd is configured with ip-address: to one
of them. When nsd responds to a NOTIFY, it seems to be using ANY instead of
the ip-address: configured. This causes the client to need to add this second
ip to their ACL lists.

I'm looking at the code, but the code path for this is non-trivial. So no patch
from me yet.

Paul

Hi Paul,

Is this about a need for this option?

zone:
        # set local interface for sending notifies and zone transfers
        outgoing-interface: 10.0.0.10

Best regards,
   Wouter

Ahh. I guess that would do what I want.

Though why isn't the default behaviour to use the same IP address
as the ip-address: option where it listens on? Or is this related to
the automatic interface option?

I guess I can specify this for each zone, though it is a bit overkill.

Thanks,

Paul

Hello!

I also see this as "overkill". Within our setup we run 2 instances of
nsd - one for internal and one for external view of our zones. Within
each config (2* slave, and 2* master-configs) we need to configure the
outgoing-interface per zone with the same used in the global setting as
ip-interface.
What I expected while configuring was that the same ip for
incoming/outgoing would be used - while only having one ip for incoming.
My next try was to set up the outgoing-interface in the global config,
ended up adding it to each zone setup.

I would expect:
1. if outgoing-interface is within zone-section - use this ip
2. if outgoing-interface is within server-section - use this ip
3. if ip-address is unique - take this ip
4. use current logic

New would be 2 and 3. Maybe this can be added within one of the next
versions of nsd.

Regards

Alex
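
An added example, not part of the thread and not NSD code: a small audit that parses an nsd.conf and lists zones whose NOTIFY/transfer source address is unset or is not one of the server's ip-address: values, the situation that forces peers to widen their ACLs. The sample config, its addresses and zone names, and the function names are constructed; include-pattern: is followed one level only.

```python
import re

# Constructed sample nsd.conf; addresses and zone names are made up.
SAMPLE_CONF = """\
server:
        ip-address: 10.0.0.10
pattern:
        name: "to-secondaries"
        outgoing-interface: 10.0.0.10
zone:
        name: "example.com"
        include-pattern: "to-secondaries"
zone:
        name: "example.net"
zone:
        name: "example.org"
        outgoing-interface: 10.0.0.11
"""

LINE = re.compile(r"^([a-z0-9-]+):\s*(.*)$")

def parse_sections(text):
    """Return [(section, {option: [values]})] in file order."""
    sections = []
    for raw in text.splitlines():
        m = LINE.match(raw.split("#", 1)[0].strip())  # drop comments, indent
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip().strip('"')
        if not value:                      # "server:", "zone:", "pattern:" ...
            sections.append((key, {}))
        elif sections:
            sections[-1][1].setdefault(key, []).append(value)
    return sections

def audit_source_addresses(text):
    """List zones whose NOTIFY/transfer source is unset or not a listen address."""
    sections = parse_sections(text)
    listen = {v.split("@")[0] for s, o in sections if s == "server"
              for v in o.get("ip-address", [])}
    patterns = {o["name"][0]: o for s, o in sections if s == "pattern" and "name" in o}
    findings = []
    for opts in (o for s, o in sections if s == "zone"):
        zone = opts.get("name", ["?"])[0]
        out = list(opts.get("outgoing-interface", []))
        for p in opts.get("include-pattern", []):   # one level of patterns only
            out += patterns.get(p, {}).get("outgoing-interface", [])
        out = {v.split("@")[0] for v in out}        # ignore any @port suffix
        if not out or (listen and not out <= listen):
            findings.append((zone, "mismatch" if out else "unset"))
    return findings
```

Calling audit_source_addresses(SAMPLE_CONF) reports example.net as "unset" and example.org as "mismatch"; example.com passes because it inherits the address from its pattern.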