North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: address spoofing

  • From: sthaug
  • Date: Sun Apr 25 06:24:36 1999

> > then, you can have (if you want) another bind listening on other
> > interfaces for other stuff.  like the "internal dns" server that you
> > mentioned.  or maybe a recursive, caching-only server that listens
> > only on  of course...they can speak to each other if need
> > be.  :)
> I tried 2 instances of BIND and they didn't work right.  One functioned
> and the other played dead (very dead ... as in the process blocked and
> would not wake up).  One needs 2 separate machines to get it to actually
> work right (times the amount of redundancy desired).  If you know the
> magic to make it work right, I'd sure like to know.  Maybe some kind of
> lock somewhere?

Works great here. You need to make sure that each bind instance has its
own set of named.conf/zone files/pid file/ndc channel, that they bind to
different interfaces. I also like to force them to have different query
ports, but this shouldn't be necessary as long as they are on different

Steinar Haug, Nethelp consulting, [email protected]