[OFFTOPIC] Re: 8.2.2-P5 stops answering queries?

[david_luyer () PACIFIC NET AU (David Luyer)]

> I have been similars problems when i add or delete some IP aliases in
> the same NIC that the daemon bind.

There are some very simple problems there (not security related).

One: named binds to specific interfaces; if you remove and re-add the
     aliases, it never re-scans the interfaces, so any queries on said
     interfaces are not seen.  yes, adding a new i/f to a nameserver
     blows away hundreds of megs of data.  don't run an
     IP-based-virtual-server on a nameserver. :-)

Two: named chooses, unless specified in named.conf, a random interface
     to source queries from.  so if you add an IP alias in advance of
     moving some zones around when merging servers, you have to either
     have forced the interfaces used in named.conf for transfer-source
     and query-source or move the routing of the IP address you're moving
     across straight away to the new nameserver.

David.

--
----------------------------------------------
David Luyer
Senior Network Engineer
Pacific Internet (Aust) Pty Ltd
Phone:  +61 3 9674 7525
Fax:    +61 3 9699 8693
Mobile: +61 4 1064 2258, +61 4 1114 2258
http://www.pacific.net.au        NASDAQ: PCNTF
<< fast 'n easy >>
----------------------------------------------