[nsd-users] Wrong source IP for reply if 'ip-address' is not specified

Benno Overeinder benno at NLnetLabs.nl
Sat Dec 16 10:43:11 UTC 2017

Hi Paul and Anand,

On 14/12/2017 06:56, Paul Wouters wrote:
> On Wed, 13 Dec 2017, Anand Buddhdev wrote:
>> I know the questions will come, so let me try to anticipate them and
>> answer them. Someone might ask why this isn't necessary with BIND. This
>> is because BIND attempts to detect the capability of the OS it's running
>> on, and compensate for the cases where these advanced options are not
>> present. This may make it easier for an operator, but at the expense of
>> more code complexity. I really do prefer NSD's simpler approach.
> bind, powerdns, unbound and knot use these mechanisms. Someone should
> really just fix is for nsd as well.

Indeed, as Anand explained, it complicates the code and we consider(ed)
it as a nice to have feature, but not an operational necessity as the
operator can add the appropriate options in the NSD configuration file.

If the user community thinks differently, please speak up.

Best regards,

-- Benno

Benno J. Overeinder
NLnet Labs

