[nsd-users] Fwd: Re: nsd can't bind udp socket: Address already in use
zongosaiba at gmail.com
Wed Jul 10 18:09:30 UTC 2013
My apologies :)
-------- Original Message --------
Subject: Re: [nsd-users] nsd can't bind udp socket: Address already in use
Date: Wed, 10 Jul 2013 19:33:20 +0200
From: Rick van Rein (OpenFortress) <rick at openfortress.nl>
To: zongo saiba <zongosaiba at gmail.com>
you only sent this to me…
On Jul 10, 2013, at 7:04 PM, zongo saiba <zongosaiba at gmail.com> wrote:
> On 10/07/2013 18:42, Rick van Rein (OpenFortress) wrote:
>>> The same file suggests:
>>> # The Dynamic and/or Private Ports are those from 49152 through 65535
>>> so pick one in that range to be on the safe side.
>> Hmm, these are the so-called ephemeral ports, which are automatically assigned, pretty much at random, if you don't bind to a local port before you make an outbound connection. It's a bit strange to be picking a port in that range for a server process. I would go for the range up to 49152 since those are fixated. You'd have to accept that 5353 has been taken, but at least any problems claiming a port are always the same and not something you would resolve with trying again or rebooting. Let's not turn UNIX into Windows, shall we? ;-)
>> nsd-users mailing list
>> nsd-users at NLnetLabs.nl
> Thank you guys for all your reply.
> Unbound and NSD working beautifully. NSD being the authoritative on 127.0.0.1
> NSD is running on port 49152 with queries forwarded to that port from unbound on 127.0.0.1 at 49152.
> When i reload unbound --> i still get 'error: could not open autotrust file for writing, /usr/local/etc/unbound/root.key.705-0: Permission denied'
> When i run 'unbound-anchor -a /root.key' i get no complaining
> When i run ' +dnssec @127.0.0.1 ukuug.jpmens.org txt' i get the 'ad' flag. DNSSEC is validating with correct RRSIG.
> I know Rick answered me once already on this: But the fact that i validate DNSSEC with known good RRSIG would that mean its safe to ignore ? I think I did not quite get the meaning of the answer from Rick. My apologies for that :)
> I am also getting this message quite often
> '10/07/2013 19:01:56.530 unbound: *** process 705 exceeded 500 log message per second limit - remaining messages this second discarded ***'
> If any one would be so kind to shade some light on that error message, that would be wonderful :)
> Kind Regards,
> zongo saiba
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nsd-users