On Nov 19, 2007 6:35 PM, Reyk Floeter <[EMAIL PROTECTED]> wrote:
> please try to configure the following:
...
> so the proposed solution is to always use "listen on 0.0.0.0 port 53"
> with DNS relays for now.

Your proposal indeed solves the problem in my multi-homed setup, and makes my work-around with a source NAT rule obsolete! Thank you very much.

In the long run, would it be feasible to extend relay_udp_bind() so that it binds to the IP address of the interface to which it will relay those DNS UDP packets (while also observing the default route)? Could this eliminate the implicit use of "spoofed" sender IP addresses by the DNS relay on multi-homed hosts, without adding any knobs?

Rolf

