[23816] in North American Network Operators' Group
Re: address spoofing
daemon@ATHENA.MIT.EDU (sthaug@nethelp.no)
Sun Apr 25 06:24:01 1999
To: phil@whistler.intur.net
Cc: atatat@atatdot.net, nanog@merit.edu
From: sthaug@nethelp.no
In-Reply-To: Your message of "Sun, 25 Apr 1999 02:27:38 -0500 (CDT)"
Date: Sun, 25 Apr 1999 12:22:35 +0200
Errors-To: owner-nanog-outgoing@merit.edu
> > then, you can have (if you want) another bind listening on other
> > interfaces for other stuff. like the "internal dns" server that you
> > mentioned. or maybe a recursive, caching-only server that listens
> > only on 127.0.0.1. of course...they can speak to each other if need
> > be. :)
>
> I tried 2 instances of BIND and they didn't work right. One functioned
> and the other played dead (very dead ... as in the process blocked and
> would not wake up). One needs 2 separate machines to get it to actually
> work right (times the amount of redundancy desired). If you know the
> magic to make it work right, I'd sure like to know. Maybe some kind of
> lock somewhere?
Works great here. You need to make sure that each bind instance has its
own set of named.conf/zone files/pid file/ndc channel, and that they bind
to different interfaces. I also like to force them to have different query
ports, but this shouldn't be necessary as long as they are on different
interfaces.
Steinar Haug, Nethelp consulting, sthaug@nethelp.no
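
An added example, not part of the original message and not BIND's own tooling: a small Python check that two named.conf files do not share the per-instance resources listed in the reply (working directory, pid file, ndc control channel, listen-on addresses). The two configs are constructed in BIND 8 style with placeholder paths and addresses, and the names resources() and collisions() are this example's own.

```python
import re

# Constructed BIND 8 style configs; paths and addresses are placeholders.
EXTERNAL = '''
options {
    directory "/var/named/external";
    pid-file "/var/run/named-external.pid";
    listen-on { 192.0.2.53; };
    recursion no;
};
controls { unix "/var/run/ndc-external" perm 0600 owner 0 group 0; };
'''
INTERNAL = '''
options {
    directory "/var/named/internal";
    pid-file "/var/run/named-internal.pid";
    listen-on { 127.0.0.1; };
};
controls { unix "/var/run/ndc-internal" perm 0600 owner 0 group 0; };
'''

SINGLE = {  # per-instance resources that must not be shared
    "directory": r'\bdirectory\s+"([^"]+)"',
    "pid-file": r'\bpid-file\s+"([^"]+)"',
    "ndc channel": r'\bunix\s+"([^"]+)"',
}

def resources(conf):
    """Extract the per-instance settings from one named.conf text."""
    conf = re.sub(r"(#|//).*", "", conf)  # drop line comments
    found = {}
    for name, pattern in SINGLE.items():
        m = re.search(pattern, conf)
        found[name] = m.group(1) if m else None  # None = built-in default
    m = re.search(r"\blisten-on\s*(?:port\s+\d+\s*)?\{([^}]*)\}", conf)
    # No listen-on statement means named binds every interface.
    found["listen-on"] = set(re.findall(r"[\d.]+", m.group(1))) if m else {"*"}
    return found

def collisions(conf_a, conf_b):
    """Return the names of settings the two instances would fight over."""
    a, b = resources(conf_a), resources(conf_b)
    clashes = [n for n in SINGLE if a[n] == b[n]]  # same path, or both default
    la, lb = a["listen-on"], b["listen-on"]
    if "*" in la or "*" in lb or la & lb:
        clashes.append("listen-on")
    return clashes
```

An empty list from collisions(EXTERNAL, INTERNAL) means the two instances have separate files, control channels and addresses; a config with no listen-on statement is reported as a clash because it would bind every interface.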