This is a discussion on Re: help with notify-source - DNS ; > hi Barry, > yes I did check logs... I even turned on debug logging at level 50... no erro > rs on startup... no errors at times when NOTIFYs were going out on the wrong > IP address (in ...
> hi Barry,
> yes I did check logs... I even turned on debug logging at level 50... no erro
> rs on startup... no errors at times when NOTIFYs were going out on the wrong
> IP address (in other words not the IP configured in notify-source). And yes,
> I am 100% sure I was editing the named.conf that named was using... I just ch
> ecked now, and there is no other named.conf, no chroot directory, etc...
How do you know they were going out on the wrong address?
> Again, perhaps the issue with BIND and IP's assigned to ethernet alias. BIND
> kept going to eth1 first, then rotating around all my other IPs on the eth0:[
> 0-3] .... totally ignoring my notify-source. I did post my named.conf... was
> how I used notify-source ok?
No you posted a modified version of named.conf which changed
the IP addresses in question.
If you fail to specify a notify source most kernels use the
first address on the interface unless the destination address
causes the kernel to choose a different address usually
because the destination address and a virtual address are
on the same network.
All notify-source does is cause named to bind(2) the socket
to the specified address. If that fails to get the right
address on the outgoing packet then you have a kernel bug
in the IP stack. Named uses bind(2) to ensure that responses
to queries also originate from the correct IP address.
If bind(2) is failing then responses to queries to the virtual
address would also fail.
> > hi Mark,
> > Oh I did restart named for sure - several times. Not just reload, but
> > restart. And I definitely used addresses
> > copied from ifconfig, so that wasn't the issue either (just to make sure I
> > didn't typo).
> > named-checkconf reported no errors. I also scoured iptables for some
> > blocking condition
> > that could cause BIND to mess up. Nothing appeared out of order.
> > The only thing I can think of, if it is a BIND bug, is that the IP I used f
> > notify-source was
> > an IP assigned to an ethernet alias (RHEL5).
> > In any case, I wouldn't bet that there isn't some other misconfiguration of
> > mine that is causing this
> > but it sure isn't obvious.
> Are you absolutely sure that the config file you were editing is the one
> that named is using? There have been many occasions when someone has
> edited /etc/named.conf, but their system was actually using
> /etc/named/named.conf, or something like that.
> Have you checked your log to see if it's reporting any errors when it
> starts up?
> Barry Margolin, firstname.lastname@example.org
> Arlington, MA
> *** PLEASE don't copy me on replies, I'll read them in the group ***
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org