North American Network Operators Group


Re: address spoofing

  • From: sthaug
  • Date: Sun Apr 25 06:24:36 1999

> > then, you can have (if you want) another bind listening on other
> > interfaces for other stuff.  like the "internal dns" server that you
> > mentioned.  or maybe a recursive, caching-only server that listens
> > only on 127.0.0.1.  of course...they can speak to each other if need
> > be.  :)
> 
> I tried 2 instances of BIND and they didn't work right.  One functioned
> and the other played dead (very dead ... as in the process blocked and
> would not wake up).  One needs 2 separate machines to get it to actually
> work right (times the amount of redundancy desired).  If you know the
> magic to make it work right, I'd sure like to know.  Maybe some kind of
> lock somewhere?

Works great here. You need to make sure that each bind instance has its
own set of named.conf/zone files/pid file/ndc channel, and that they bind
to different interfaces. I also like to force them to have different query
ports, but this shouldn't be necessary as long as they are on different
interfaces.

Steinar Haug, Nethelp consulting, [email protected]
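
The separation described in the reply above can be checked mechanically before starting a second instance. The following is an added example, not part of the original post: two constructed BIND 8-style named.conf files and a check that they share no working directory, pid file, ndc channel or listen address. All paths, addresses, ports and the function names `per_instance` and `conflicts` are assumptions made for illustration.

```python
import re

# Constructed BIND 8-style configs for two instances on one host.
# Paths, addresses and ports are illustrative assumptions.
AUTH_CONF = '''
options {
    directory "/var/named/auth";
    pid-file "/var/run/named-auth.pid";
    listen-on { 192.0.2.53; };
    query-source address 192.0.2.53 port 5301;  // optional, per the post
    recursion no;
};
controls { unix "/var/run/ndc-auth" perm 0600 owner 0 group 0; };
'''
CACHE_CONF = '''
options {
    directory "/var/named/cache";
    pid-file "/var/run/named-cache.pid";
    listen-on { 127.0.0.1; };
    query-source address 127.0.0.1 port 5302;
};
controls { unix "/var/run/ndc-cache" perm 0600 owner 0 group 0; };
'''

# Resources that must differ between instances, keyed by a label for reports.
PATTERNS = {
    "directory": r'\bdirectory\s+"([^"]+)"',
    "pid-file": r'\bpid-file\s+"([^"]+)"',
    "ndc channel": r'\bunix\s+"([^"]+)"',
    "listen-on": r'\blisten-on\s*(?:port\s+\d+\s*)?\{([^}]*)\}',
}

def per_instance(conf):
    """Return {label: set of values} for one named.conf; empty set if unset."""
    out = {}
    for label, pattern in PATTERNS.items():
        m = re.search(pattern, conf)
        raw = m.group(1) if m else ""
        out[label] = set(re.findall(r'[^\s;]+', raw))
    return out

def conflicts(conf_a, conf_b):
    """List the resources two instances would share or leave at a default."""
    a, b = per_instance(conf_a), per_instance(conf_b)
    problems = []
    for label in PATTERNS:
        if not a[label] or not b[label]:
            problems.append(f"{label}: unset in one config, falls back to a default")
        elif a[label] & b[label]:
            problems.append(f"{label}: shared {sorted(a[label] & b[label])}")
    return problems
```

An empty list from `conflicts(AUTH_CONF, CACHE_CONF)` means the two instances have no overlapping per-instance resources; an unset `listen-on` is reported because the default is to listen on all interfaces.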