[Opendnssec-user] How to specify outbound IP address for notify

Mike the.lists at mgm51.com
Thu Oct 3 20:58:39 UTC 2019


On 10/3/2019 10:28 AM, Abdulkareem H. Ali wrote:
> Hi Mike,
> 
> 
> First make sure that the IP is configured and up on the box, then make
> sure that nothing else on the same box is using that IP and listening on
> port 53.
> 
> 
> We use your exact configs on our boxes, although in `conf.xml`, and
> works fine. However we don't actually use it to send notifies, we use
> the <NotifyCommand> in the <Signer> section to call a script that does
> extra checks for us and reloads a local bind instance that eventually
> will send DNS NOTIFYs to slaves.
> 
> 
> <NotifyCommand>/path/to/customscript %zone</NotifyCommand>
> 
> 
> Kareem.

Yes, the IP is configured on the box, and yes I am sure no other program
is using it.

Before I start OpenDNSSEC, there is nothing listening on that IP address
(per netstat).  After I start OpenDNSSEC I can see ods-signer listening
on the IP.  But when it comes time to notify, ods-signer cannot bind to
the address.

That's that part that is odd for me.  It is listening on the IP, yet it
cannot bind to it.

In any case, I've moved on from OpenDNSSEC.  It seems a bit too quirky
for my usage, and the documentation is pretty poor.

Thanks for the reply.



More information about the Opendnssec-user mailing list