On Wed, 20 Dec 2006, Matt Patterson wrote:
I have a small issue. I'm attempting to set up 2 pdns-recursor servers on
our network in a cluster using the heartbeat high availability foo.
Here's my problem. In the configuration, it states that I need to set
local-addresses in order to get pdns-recursor up and running otherwise
it only listens on localhost. In previous versions, it apparently bound
to any but was changed due to security issues with some admins having
open resolvers. Here's where I start to run into an issue... Within my
cluster configuration, I'm doing an Active/Active setup so one server
takes one IP and the other gets a different IP. If one node in the
cluster fails, the IP moves over to the other server. This causes a
problem for pdns-recursor as that new IP is not in the configuration so
even though it has successfully moved over to the other server, it is
not serving up DNS so to the end user, it is down. Adding it to the
pdns configuration ahead of time causes an issue where the pdns-recursor
does not start as this is considered a mistake in the configuration.
Has anyone else run into an issue like this? Is there a way to get
pdns-recursor to bind to any?

Hi Matt.
I was in a similar situation with getting pdns listening on IP aliases
that aren't available at daemon startup. I wanted to have pdns running
and responding successfully to test queries and then bring up IP aliases
which were then advertised via OSPF to routers. The obvious way to do this
was to configure pdns to listen on 0.0.0.0, however pdns responses contain
the source IP of the main ethernet interface, not that of the IP alias.
The fix for me was to bind to the ethernet alias addresses, and use
the somewhat obscure Linux kernel sysctl net.ipv4.ip_nonlocal_bind to
allow binding to addresses that aren't present - i.e. perform a

    sysctl -w net.ipv4.ip_nonlocal_bind=1

and add

    net.ipv4.ip_nonlocal_bind=1

to your /etc/sysctl.conf to make it active at boot time.
This might be ideal in your case as well.

Best regards,
Chris
_______________________________________________
Pdns-users mailing list
http://mailman.powerdns.com/mailman/listinfo/pdns-users
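
The startup failure discussed in this thread (a listed address that is not yet on the host) can be checked on each node before a failover. This is an added example, not part of the original messages and not PowerDNS code; it assumes the recursor setting is named local-address with comma- or space-separated values, and the sample config with its 192.0.2.x addresses is constructed.

```python
import socket

SYSCTL = "/proc/sys/net/ipv4/ip_nonlocal_bind"

# Constructed sample; 192.0.2.0/24 is the documentation range.
SAMPLE_CONF = """\
# recursor.conf (constructed sample)
local-address=127.0.0.1, 192.0.2.10 192.0.2.11
local-port=53
"""

def parse_local_addresses(conf_text):
    """Collect every address listed in local-address lines."""
    addrs = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        key, sep, value = line.partition("=")
        if sep and key.strip() == "local-address":
            addrs.extend(value.replace(",", " ").split())
    return addrs

def nonlocal_bind_enabled(path=SYSCTL):
    """True if the sysctl reads 1; False if it reads 0 or is unreadable."""
    try:
        with open(path) as fh:
            return fh.read().strip() == "1"
    except OSError:
        return False

def can_bind(addr):
    """Try a UDP bind on an ephemeral port, as a daemon would at startup."""
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    try:
        with socket.socket(family, socket.SOCK_DGRAM) as s:
            s.bind((addr, 0))
        return True
    except OSError:
        return False

def preflight(conf_text, probe=can_bind):
    """Map each configured address to 'ok', 'wildcard' or 'unbindable'."""
    report = {}
    for addr in parse_local_addresses(conf_text):
        if addr in ("0.0.0.0", "::"):
            report[addr] = "wildcard"             # listens on every interface
        else:
            report[addr] = "ok" if probe(addr) else "unbindable"
    return report

if __name__ == "__main__":
    print("ip_nonlocal_bind enabled:", nonlocal_bind_enabled())
    for addr, status in preflight(SAMPLE_CONF).items():
        print(f"{addr:15} {status}")
```

On Linux with net.ipv4.ip_nonlocal_bind=0, an IPv4 address held by the other node reports as unbindable; with the sysctl set to 1 the same address reports ok.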