named: IPsrc for ougoing UDP query != outgoing interface (weak-end model?)
Irwin Tillman
irwin at Princeton.EDU
Thu Dec 2 13:37:55 UTC 1999
platform: BIND 8.2.2p5 on Solaris 2.6
On a host with two physical interfaces attached to different networks,
I see named sending UDP queries out via interface A, but with interface B's IPsrc address.
Sort of a weak-end model behavior.
(This is bad; when the packets reach the IP router, it drops them due to
IP spoof filtering.)
Since I don't really need/want BIND to use interface B anyway, I tried to use
the following option to force UDP queries to come from address A.A.A.A :
query-source address A.A.A.A port *
However, that does not affect which physical interface is used for the outgoing packets;
I still see the same behavior.
My options also include the following which appear to work as expected:
listen-on { 127.0.0.1; A.A.A.A.; };
transfer-source A.A.A.A;
Any suggestion?
- Irwin Tillman, Princeton University
More information about the bind-users
mailing list