Maintained by: NLnet Labs

[Unbound-users] per-forwarder source address?

Phil Mayers
Wed May 2 11:12:21 CEST 2012


On 05/02/2012 07:05 AM, Michael Tokarev wrote:
> On 02.05.2012 09:29, Andreas Schulze wrote:
>> On 01.05.2012 10:15, Michael Tokarev wrote:
>>> Any comments on this?  I can try to implement it
>>> but I've no idea if this is considered useful at
>>> all.  To me it is - obviously - useful ;)
>> I have used unbound for years in many strange setups.
>> But never noticed wrong source addresses as a problem.
>> That's a point I always rely on the selection algorithm implemented in the os.
>> (but it's always linux in my case ...)
>>
>> so -1, sorry
>> Andreas
>
> So please tell me how to implement the setup I described using
> linux routing, without resorting to policy routing.

You shouldn't *need* policy routing unless you have a very unusual 
configuration.

For example, if you have:

eth0 192.168.1.2/24
route 192.168.0.0/16 via eth0
eth1 192.0.2.1
route default via eth1

...then, when sending packets to anything in 192.168.0.0/16, the Linux 
kernel should pick 192.168.0.0/16 as the source address IF the socket is 
bound to the wildcard address (if it isn't, no amount of fiddling will 
fix this).

Is this not what you are seeing? Or do you have a different configuration?

Can you share the output of "ip addr" and "ip route"?
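
Added example, not part of the original post: a small Python probe that asks the kernel which source address it would assign to a UDP socket aimed at each forwarder, with the socket left on the wildcard address or explicitly bound. The forwarder addresses in the sample list are constructed (192.168.5.5 falls inside the 192.168.0.0/16 route from the message, 192.0.2.53 stands in for an upstream reached via the default route).

```python
import socket


def kernel_source_for(dest, port=53, bind_addr=None):
    """Return the local address the kernel picks for a UDP socket aimed at dest.

    connect() on a UDP socket sends no packet. It only makes the kernel do the
    route lookup and fix the socket's source address, which getsockname()
    then reports. Returns None when the kernel refuses (no route, bad bind).
    """
    family = socket.AF_INET6 if ":" in dest else socket.AF_INET
    with socket.socket(family, socket.SOCK_DGRAM) as s:
        try:
            if bind_addr is not None:
                # Explicit bind: the kernel no longer selects the source,
                # the bound address is used whatever the route says.
                s.bind((bind_addr, 0))
            s.connect((dest, port))
        except OSError:
            return None
        return s.getsockname()[0]


def source_report(forwarders, bind_addr=None):
    """Map each forwarder address to the source address the kernel would use."""
    return {fwd: kernel_source_for(fwd, bind_addr=bind_addr) for fwd in forwarders}


if __name__ == "__main__":
    # Constructed sample forwarders, replace with the ones in your config.
    forwarders = ["192.168.5.5", "192.0.2.53", "127.0.0.1"]
    for fwd, src in source_report(forwarders).items():
        print(f"{fwd:15} -> source {src or 'no route / bind failed'}")
```

Run it on the resolver host itself; the result reflects that host's routing table and addresses at the time of the call.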