Question on query-source, transfer-source, notify-source

Mark Andrews marka at isc.org
Fri Aug 6 15:13:49 UTC 2010 

In message <20100804184239.4EE3B479F9 at britaine.cis.anl.gov>, Barry Finkel write
s:
> Another question about query-source:
> 
> Is there a difference between
> 
>      query-source address 1.2.3.4;
> and
>      query-source 1.2.3.4;

No.
 
> My reading of the ARM simplies that the two are the same, but I may
> be getting different results.  I am not sure.  Two of my colleagues
> ran a test last week that seemed to imply a difference, but I was not
> around to see exactly what tests they ran.  This is BIND 9.7.1-P2.
> 
> I have looked at querylogs on a server with one DNS address and one
> non-DNS address.  I have tried both formats of "query-source" above;
> I see no difference.  What I do see is this - an SOA query via the
> DNS address followed by an IXFR via the DNS address.  This IXFR is
> REFUSED because this is a test server, and the master server (not under
> my control) does not allow zone transfers from this test address.
> Then I see an SOA query and an AXFR query, both on the DNS address.
> This AXFR is also REFUSED.  Then I see an SOA query and an IXFR query
> via the non-DNS address!  I have not looked at the code to see what
> BIND might be doing in sending a DNS packet via the non-DNS address.
> The BIND config on this machine has
> 
>      transfer-source 1.2.3.4 port 53;
> 
> so it should not be sending an IXFR or AXFR request via the non-DNS
> address.

See alt-transfer-source and use-alt-transfer-source.

> An addendum to my recent postings about two machines each with three
> addresses.  The only reason I need all three addresses on each machine
> is that I have published all six addresses, and these addresses are
> configured in all of the machines on the three Class-B subnets that
> my DNS server manages.  I do not want to have all of the system
> administrators change their machine DNS server IP addresses.
> ----------------------------------------------------------------------
> Barry S. Finkel
> Computing and Information Systems Division
> Argonne National Laboratory          Phone:    +1 (630) 252-7277
> 9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
> Building 240, Room 5.B.8             Internet: BSFinkel at anl.gov
> Argonne, IL   60439-4828             IBMMAIL:  I1004994
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list