[Unbound-users] Source address selection for replies
Alexander Gall
gall at switch.ch
Fri Jan 11 15:22:02 UTC 2008
On Fri, 11 Jan 2008 15:44:02 +0100, Ralf Weber <unbound at fl1ger.de> said:
> On Jan 11, 2008, at 15:00 , Alexander Gall wrote:
>> With this setup, when unbound receives a query on the loopback
>> interface, it sends the reply with a source address of one of the
>> physical interfaces of the host. In other words, it appears that
>> unbound lets the kernel chose the source address, which is always
>> wrong in this case.
> On our anycast setup (Solaris) we are configuring the anycast
> adresses on the physical interfaces as aliases rather then the
> loopbacks and then the kernel puts the correct address in the
> answer packet.
That's a bit of a hack, though. You lose redundancy as well, when
that interface fails (an address on the loopback interface is
reachable through all interfaces).
> This however requires to configure an
> outgoing-interface, as querying with anycast IPs isn't a good
> idea.
Right.
--
Alex
More information about the Unbound-users
mailing list