[Opendnssec-user] How to specify outbound IP address for notify
Abdulkareem H. Ali
kareem.ali at centralnic.com
Thu Oct 3 14:28:09 UTC 2019
First make sure that the IP is configured and up on the box, then make
sure that nothing else on the same box is using that IP and listening on
We use your exact configs on our boxes, although in `conf.xml`, and
works fine. However we don't actually use it to send notifies, we use
the <NotifyCommand> in the <Signer> section to call a script that does
extra checks for us and reloads a local bind instance that eventually
will send DNS NOTIFYs to slaves.
On 01/10/2019 15:29, Mike wrote:
> On 9/30/2019 12:36 PM, Mike wrote:
>> What I want to do:
>> I am trying to configure the Outbound section of
>> to use a specific outbound IP address.
>> So my question is:
>> How do I specify the address that Notify binds to when it is sending a
>> notify message to my slave server?
> Some more info on this perplexity...
> This subset the Signer section of conf.xml:
> produces this result when I start opendnssec (fwiw, I'm running on
> FreeBSD 12.0, using the opendnssec pkg):
> # sockstat -6w
> USER COMMAND PID FD PROTO LOCAL ADDRESS
> root ods-signer 27391 8 udp6 2607:f2f8:af30::53:53
> root ods-signer 27391 9 tcp6 2607:f2f8:af30::53:53
> So it looks as if ods-signer is binding to the address/port specified
> upon startup.
> When I sign a domain, I see this in the log file
> (verbosity is at level 6)
> 2019-10-01T10:23:33.428968-04:00 ods-signerd: [notify] handle
> notify for zone mcmli.com
> 2019-10-01T10:23:33.429042-04:00 ods-signerd: [notify] notify
> timeout for zone mcmli.com
> 2019-10-01T10:23:33.429419-04:00 ods-signerd: [notify] unable to
> bind address 2607:f2f8:af30::53: bind() failed Can't assign requested
> 2019-10-01T10:23:33.429536-04:00 ods-signerd: [notify] unable to
> send notify retry 1 for zone mcmli.com to [slave server]
> notify_send_udp() failed
> It looks as if the notify command within signer is trying to bind to the
> same address (and same port? I can't tell.) that it is already bound to.
> What am I doing incorrectly?
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
Abdulkareem H. Ali
Operations Team Leader
CentralNic Group PLC
London Stock Exchange Symbol: CNIC
+44 20 3388 0600
CentralNic Group PLC is a company registered in England and Wales with
company number 8576358. Registered Offices: CentralNic, 4th Floor, Saddlers House, 44 Gutter Lane, London, EC2V 6BR.
More information about the Opendnssec-user