[Pdns-users] Problem with Multihomed pdns server...

Brad Knowles brad.knowles at skynet.be
Thu Apr 24 21:42:42 UTC 2003 

At 11:32 PM +0200 2003/04/24, bert hubert wrote:

>>  	Perhaps, but by doing this you lose track of which IP address a
>>  packet came in on, and therefore you're not able to generate your
>>  reply using the same one.
>
>  Nonsense. Please *read* the documentation.

	I have.  I've also read your own e-mails on this subject.  In 
Message-ID: <20030424210957.GB11088 at outpost.ds9a.nl>, dated  Thu, 24 
Apr 2003 23:09:57 +0200, you just said:

| local-address=...
|
|    Local IP address to which we bind. You can specify multiple addresses
| separated by commas or whitespace. It is highly advised to bind to specific
| interfaces and not use the default 'bind to any'. This causes big problems
| if you have multiple IP addresses. Unix does not provide a way of figuring
| out what IP address a packet was sent to when binding to any.
|
| http://doc.powerdns.com/all-settings.html

	Please re-read your last sentence.

>                                             PowerDNS binds to multiple
>  sockets if you specify multiple IP addresses. It does not bind to 'ANY'.

	Please re-read these sentences, and then re-re-read your last 
sentence from the quoted paragraph above.


	Contrariwise, BIND can bind to 'ANY', and still keep track of the 
IP address that an incoming query is sent to, and use that same IP 
address for the response.  Granted, it does this by periodically 
re-scanning all the interfaces on the box, and this may be difficult 
to do in a chroot() or jail() environment, but this is a trade-off -- 
BIND went one way, and you went another.  Neither you nor BIND are 
necessarily "right" or "wrong" in this matter, just different.

	Nevertheless, that difference can put you at a disadvantage in 
some circumstances.

-- 
Brad Knowles, <brad.knowles at skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

More information about the Pdns-users mailing list