Maintained by: NLnet Labs

[Unbound-users] ip-transparent patch

Sten Spans
Tue Feb 10 13:56:09 CET 2015


On Tue, 10 Feb 2015, Jarno Huuskonen wrote:

> Hi,
>
> On Tue, Feb 10, Sten Spans <sten at blinkenlights.nl> wrote:
>> I'm trying to use unbound in combination with vrrp/keepalived.
>> The use of floating ips, would require an unbound restart every
>> time an ip moves from one host to another.
>
> Have you tried using: interface-automatic: yes
> (So something like:
>        interface: 0.0.0.0
>        interface: ::0
>        interface-automatic: yes
> in unbound.conf).
>
> We've used this with keepalived/unbound and it has worked for us.
> (No need to restart unbound after ip address failover).

As reported in my earlier mail, this doesn't work if you have
other daemons (like NSD) using port 53 on the same box.

I know there are workarounds to achieve the same result,
but I would actually prefer a fix to unbound which removes the need
for workarounds. It's not like this is an overly complicated patch.

This probably should be an optional feature, but listen_dnsports.c
passes options via function arguments so doing this would make the patch
a lot bigger and obscure the core requested feature.

-- 
Sten Spans

"There is a crack in everything, that's how the light gets in."
Leonard Cohen - Anthem