[nsd-users] make ip-transparent option work on OpenBSD

W.C.A. Wijngaards wouter at nlnetlabs.nl
Thu Nov 2 08:48:46 UTC 2017 

Hi Florian,

Thanks for the patch! I have applied it to the source code.

Best regards, Wouter

On 01/11/17 14:41, Florian Obser wrote:
> OpenBSD supports SO_BINDANY socket option from BSD/OS since 2008.
> 
> The same diff was sent to OpenBSD in 2016 by Delan Azabani but I was
> not aware and basically came up with the same one.
> 
> ( https://marc.info/?l=openbsd-tech&m=147747266305927&w=2 )
> 
> As far as I know it had not been submitted to nsd.
> 
> Thanks,
> Florian
> 
> Index: server.c
> ===================================================================
> --- server.c	(revision 4787)
> +++ server.c	(working copy)
> @@ -561,7 +561,7 @@
>  {
>  	struct addrinfo* addr;
>  	size_t i;
> -#if defined(SO_REUSEPORT) || defined(SO_REUSEADDR) || (defined(INET6) && (defined(IPV6_V6ONLY) || defined(IPV6_USE_MIN_MTU) || defined(IPV6_MTU) || defined(IP_TRANSPARENT)) || defined(IP_FREEBIND))
> +#if defined(SO_REUSEPORT) || defined(SO_REUSEADDR) || (defined(INET6) && (defined(IPV6_V6ONLY) || defined(IPV6_USE_MIN_MTU) || defined(IPV6_MTU) || defined(IP_TRANSPARENT)) || defined(IP_FREEBIND) || defined(SO_BINDANY))
>  	int on = 1;
>  #endif
>  
> @@ -751,6 +751,12 @@
>  					strerror(errno));
>  			}
>  #endif /* IP_TRANSPARENT */
> +#ifdef SO_BINDANY
> +			if (setsockopt(nsd->udp[i].s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on)) < 0) {
> +				log_msg(LOG_ERR, "setsockopt(...,SO_BINDANY, ...) failed for udp: %s",
> +					strerror(errno));
> +			}
> +#endif /* SO_BINDANY */
>  		}
>  
>  		if (bind(nsd->udp[i].s, (struct sockaddr *) addr->ai_addr, addr->ai_addrlen) != 0) {
> @@ -881,6 +887,12 @@
>  					strerror(errno));
>  			}
>  #endif /* IP_TRANSPARENT */
> +#ifdef SO_BINDANY
> +			if (setsockopt(nsd->tcp[i].s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on)) < 0) {
> +				log_msg(LOG_ERR, "setsockopt(...,SO_BINDANY, ...) failed for tcp: %s",
> +					strerror(errno));
> +			}
> +#endif /* SO_BINDANY */
>  		}
>  
>  		if (bind(nsd->tcp[i].s, (struct sockaddr *) addr->ai_addr, addr->ai_addrlen) != 0) {
> 
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20171102/4c0fcc32/attachment.bin>

More information about the nsd-users mailing list