[Opendnssec-user] How to specify outbound IP address for notify

Mike the.lists at mgm51.com
Tue Oct 1 14:29:14 UTC 2019


On 9/30/2019 12:36 PM, Mike wrote:
> What I want to do:
> 
> I am trying to configure the Outbound section of
> addns.xml/Adapter/DNS/Outbound
> 
> to use a specific outbound IP address.
> 
> 
>[snip]
> 
> So my question is:
> 
> How do I specify the address that Notify binds to when it is sending a
> notify message to my slave server?
> 
> thx.


Some more info on this perplexity...

This subset of the Signer section of conf.xml:


        <Listener>
                <Interface>
                        <Address>2607:f2f8:af30::53</Address>
                        <Port>53</Port>
                </Interface>
        </Listener>

produces this result when I start opendnssec (fwiw, I'm running on
FreeBSD 12.0, using the opendnssec pkg):

   # sockstat -6w
   USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS
   root     ods-signer 27391 8  udp6   2607:f2f8:af30::53:53
   root     ods-signer 27391 9  tcp6   2607:f2f8:af30::53:53

So it looks as if ods-signer is binding to the address/port specified
upon startup.


When I sign a domain, I see this in the log file
(verbosity is at level 6)

2019-10-01T10:23:33.428968-04:00 ods-signerd[27391]: [notify] handle notify for zone mcmli.com

2019-10-01T10:23:33.429042-04:00 ods-signerd[27391]: [notify] notify timeout for zone mcmli.com

2019-10-01T10:23:33.429419-04:00 ods-signerd[27391]: [notify] unable to bind address 2607:f2f8:af30::53: bind() failed Can't assign requested address

2019-10-01T10:23:33.429536-04:00 ods-signerd[27391]: [notify] unable to send notify retry 1 for zone mcmli.com to [slave server] notify_send_udp() failed


It looks as if the notify command within signer is trying to bind to the
same address (and same port?  I can't tell.) that it is already bound to.

What am I doing incorrectly?

thx.