nsd-notify *from* specified IP?
Peter Hessler
phessler at theapt.org
Wed Sep 27 15:17:05 UTC 2006
On Wed, 27 Sep 2006 15:54:38 +0200
"dr. W.C.A. Wijngaards" <wouter at NLnetLabs.nl> wrote:
: -----BEGIN PGP SIGNED MESSAGE-----
: Hash: SHA1
:
: Thomas Huehn wrote:
: > Hi
: >
: > I'm running the nsd version in Debian stable (2.2.1). The machine
: > has four IPs bound to eth0, eth0:0, eth0:1 and eth0:2.
: >
: > nsd is bound to the second IP via the "-a" command line switch.
: >
: > But I couldn't find a switch for nsd-notify, so it is sending its
: > notify to the secondary from the fourth IP address.
: >
: > Can I change that behaviour somehow?
:
: No this feature does not exist.
:
: Please note that when you update the zone on the master - by providing
: an updated zone file to the master, then nsd itself will detect the
: change and send notifies to the secondary. However, to preempt your
: question, that notify send also uses the default from address that the
: system provides.
:
: NSD tries to avoid creeping featurism. So I am hesitant about new
: features such as this one.
Some secondaries are configured only to allow AXFRs from a specific
address, which Murphy says will be not the default. I think that while
it is creeping featurism, its something that has to be done.
'src: 127.0.0.1', in the zone definition sounds not terribly dumb. :)
--
If there is a possibility of several things going wrong, the one that
will cause the most damage will be the one to go wrong.
More information about the nsd-users
mailing list