Hi Mike,
First make sure that the IP is configured and up on the box, then make sure that nothing else on the same box is using that IP and listening on port 53. We use your exact configs on our boxes, although in `conf.xml`, and works fine. However we don't actually use it to send notifies, we use the <NotifyCommand> in the <Signer> section to call a script that does extra checks for us and reloads a local bind instance that eventually will send DNS NOTIFYs to slaves. <NotifyCommand>/path/to/customscript %zone</NotifyCommand> Kareem. On 01/10/2019 15:29, Mike wrote: > On 9/30/2019 12:36 PM, Mike wrote: >> What I want to do: >> >> I am trying to configure the Outbound section of >> adddns.xml/Adapter/DNS/Outbound >> >> to use a specific outbound IP address. >> >> >> [snip] >> >> So my question is: >> >> How do I specify the address that Notify binds to when it is sending a >> notify message to my slave server? >> >> thx. > > Some more info on this perplexity... > > This subset the Signer section of conf.xml: > > > <Listener> > <Interface> > <Address>2607:f2f8:af30::53</Address> > <Port>53</Port> > </Interface> > </Listener> > > produces this result when I start opendnssec (fwiw, I'm running on > FreeBSD 12.0, using the opendnssec pkg): > > # sockstat -6w > USER COMMAND PID FD PROTO LOCAL ADDRESS > root ods-signer 27391 8 udp6 2607:f2f8:af30::53:53 > root ods-signer 27391 9 tcp6 2607:f2f8:af30::53:53 > > So it looks as if ods-signer is binding to the address/port specified > upon startup. > > > When I sign a domain, I see this in the log file > (verbosity is at level 6) > > 2019-10-01T10:23:33.428968-04:00 ods-signerd[27391]: [notify] handle > notify for zone mcmli.com > > 2019-10-01T10:23:33.429042-04:00 ods-signerd[27391]: [notify] notify > timeout for zone mcmli.com > > 2019-10-01T10:23:33.429419-04:00 ods-signerd[27391]: [notify] unable to > bind address 2607:f2f8:af30::53: bind() failed Can't assign requested > address > > 2019-10-01T10:23:33.429536-04:00 ods-signerd[27391]: [notify] unable to > send notify retry 1 for zone mcmli.com to [slave server] > notify_send_udp() failed > > > It looks as if the notify command within signer is trying to bind to the > same address (and same port? I can't tell.) that it is already bound to. > > What am I doing incorrectly? > > thx. > > > > > > > > _______________________________________________ > Opendnssec-user mailing list > [email protected] > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user -- Abdulkareem H. Ali Operations Team Leader CentralNic Group PLC London Stock Exchange Symbol: CNIC +44 20 3388 0600 www.CentralNic.com CentralNic Group PLC is a company registered in England and Wales with company number 8576358. Registered Offices: CentralNic, 4th Floor, Saddlers House, 44 Gutter Lane, London, EC2V 6BR. _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
