Maintained by: NLnet Labs

[Unbound-users] Failure using an address in unbound.conf

Hayward, Bruce
Thu Aug 19 16:24:19 CEST 2010


Just what the doctor order - one step closer - Thanks

Bruce

Bruce Hayward, MTS Allstream Inc., (c) 204-792-9174 (p) 204-958-1983 (e)
bruce.hayward at mtsallstream.com 


-----Original Message-----
From: unbound-users-bounces at NLnetLabs.nl
[mailto:unbound-users-bounces at NLnetLabs.nl] On Behalf Of W.C.A.
Wijngaards
Sent: August 19, 2010 1:59 AM
To: unbound-users at unbound.net
Subject: Re: [Unbound-users] Failure using an address in unbound.conf

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Bruce, Haw,

I do not know if this helps for you, but there is an interface option
specifically made for anycast;

interface-automatic: yes

That acts like '0.0.0.0' (and ::0) but uses (weird) socket options.
This makes it pick up new interfaces when they are created (without need
for config edits and restart) or deleted.  (This option is portable to
FreeBSD, Solaris, Linux, but probably won't work on other OSes).

Best regards,
   Wouter

On 08/19/2010 08:03 AM, Haw Loeung wrote:
> Hi Bruce,
> 
> On Thu, 19 Aug 2010 02:35:07 am Hayward, Bruce wrote:
> <snip>
>>
>> When removing the Virtual from the unbound.conf and using 0.0.0.0, it
>> works against the physical (but does not resolve against the
>> logical/virtuals)
>>
>> Ideas?
>>
> 
> I think we ran into this same problem a couple of years back when 
> switching from BIND to Unbound on our resolvers (also using anycast 
> addresses).
> 
> We fixed this by adding "interface" options. For example, one of our 
> servers has the following interface options defined:
> 
> interface: 127.0.0.1
> interface: 203.26.24.44
> interface: 203.12.160.35
> interface: 203.87.88.1
> 
> From memory, I think the reason why it fails to resolve against the 
> logical/virtuals is to do with it using the wrong source IP when 
> replying to the client.
> 
> Hope this helps.
> 
> 
> Regards,
> 
> Haw
> 
> 
> 
> 
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkxs1i4ACgkQkDLqNwOhpPhPqwCcD100CPbuxfsrdrNPPLhsIALq
9CYAoI57N4r/7KbxXAqx183lu28C6zl0
=zk8a
-----END PGP SIGNATURE-----
_______________________________________________
Unbound-users mailing list
Unbound-users at unbound.net
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

 
 
Is it really necessary to print this email?
 
MTS ALLSTREAM INC. CONFIDENTIALITY WARNING: This email message is confidential and intended only for the named recipient(s).  If you are not the intended recipient, or an agent responsible for delivering it to the intended recipient, or if this message has been sent to you in error, you are hereby notified that any review, use, dissemination, distribution or copying of this message or its contents is strictly prohibited.   If you have received this message in error, please notify the sender immediately and delete the original message.  If there is an agreement attached with this message, such agreement will not be binding until it is signed by all parties named therein.