match-mapped-addresses 9.2.3
Andreas Sundstrom
sunkan_nospam_ at _nospam_zappa.cx
Wed Dec 3 19:40:16 UTC 2003
I would like to understand exactly what the match-mapped-addresses
option does.
I use Linux with IPv4 and IPv6 and I normally use these options:
listen-on { none; };
listen-on-v6 { any; };
with them I don't get any error messages in the syslog and everything
seems to work as usual.
However I recently noted that the server master notices were ignored, so
I used "rndc trace 3" to find out what happened and it was ofcourse the
IPv4inIPv6 addressing scheme that was to blame. The server ignored the
notify because the address was ::ffff:192.168.1.2 and not 192.168.1.2
I first got the notifies to work with the
allow-notify { ::ffff:192.168.1.2; };
statement.
Then I started searching a bit more for information and I learned that
the option "match-mapped-addresses yes" was available to help with this
problem.
First it worked as expected, allow-notify { 192.168.1.2; }; now got the
notifies to work. What I didn't think was that when I then removed the
allow-notify option it didn't work anymore, even if the masters server
had the same IP. What I mean is that the zone below don't accept
notifies from 192.168.1.2 when listening through the IPv6 socket and
with match-mapped-addresses set to yes, it only works if the second
comment is removed and an allow-notify is specified.
I thought that the server normally checks the notifier agains what the
masters IP's are.
Have I made configuration mistakes or do I not understand how it works?
I would love to see some examples of how to get a decent working system
with the IPv6 stack in Linux today. For example is "listen-on { none;
};" recommended in this scenario?
zone "ws.se" in {
type slave;
masters { 192.168.1.2; };
// allow-notify { ::ffff:192.168.1.2; };
// allow-notify { 192.168.1.2; };
file "slave/ws.se.hosts";
};
I hope I explained things good enough, thanks for any help/comments
/Andreas Sundstrom
More information about the bind-users
mailing list