Maintained by: NLnet Labs

[Unbound-users] interface-automatic: yes and default listen addresses

Wouter Wijngaards
Mon Oct 20 10:37:09 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Paul,

The option overrides the interfaces specified by the user.  The socket
options that it is using need to use the ANY interface.   It even
detects newly added network interfaces real-time and services them.

Also, the socket options may require IPv6.  I am not sure to what
extent.  Because of that, it may not be such a nice default-option...

Really, it is mostly useful for anycast (load-balancing solutions).

Is what you need an new option that I would call;
set-interface-automatic-if-ANY-is-specified-as-interface ?

Best regards,
   Wouter

Paul Wouters wrote:
> Hi,
> 
> When not specifying an interface line, or when specifically specifying
> 127.0.0.1 and ::1, unbound should only bind to the localhost ip addresses.
> 
> This works fine, unless interface-automatic: yes is set. Then it suddenly
> starts to bind on ANY.
> 
> This is somewhat problematic when shipping good defaults for distributions,
> where you'd want to default on listening only only localhost, but you also
> want to support multiple interfaces (once configured by the user) to use
> the proper source IP on replies.
> 
> Paul
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkj8QzUACgkQkDLqNwOhpPhVJACgsPKB+CWTsousF6/WLv24IlpN
qmAAnj74orZg6bFEwBtZNnCkvPC1wLir
=a3RU
-----END PGP SIGNATURE-----