Outgoing-interface: in nsd.conf

Antti_Ristimäki · July 22, 2009, 4:20pm

Hi,

I'm just wondering how the outgoing-interface: statement should work in NSD configuration. According to the man pages, it should work in an access control list style.

I can make it work as long as I set a single IP address to the statement. However, if I use a subnet address it doesn't work. In the log I have a following line:

xfrd: could not bind source address:port to socket: Cannot assign requested address

In the config, I have set "outgoing-interface: 10.10.10.0/24" and one of the IP addresses on the server interface is 10.10.10.84. The ability to use a subnet address instead of individual address would be very important, because we are generating the configuration automatically and it should be applicable to both of our servers.

Regards,

Antti

Matthijs_Mekking · July 23, 2009, 12:14pm

Hi Antti,

It seems to work here fine. Could you try it again with checking enabled?

./configure --enable-checking
make (&& make install)
nsd -L 2 -F 0xffff -c <your nsd.conf>

dig @<your nameserver> axfr <your zone>

It will provide more information about why NSD could not bind to the
local subnet. Also, you could add verbosity: 2 (or higher) in your
nsd.conf for more information.

You can send the debug logs off-list.

Best regards,

Matthijs Mekking
NLnet Labs

Antti Ristimäki wrote: