address spoofing

sthaug at sthaug at
Sun Apr 25 10:22:35 UTC 1999

> > then, you can have (if you want) another bind listening on other
> > interfaces for other stuff.  like the "internal dns" server that you
> > mentioned.  or maybe a recursive, caching-only server that listens
> > only on  of course...they can speak to each other if need
> > be.  :)
> I tried 2 instances of BIND and they didn't work right.  One functioned
> and the other played dead (very dead ... as in the process blocked and
> would not wake up).  One needs 2 separate machines to get it to actually
> work right (times the amount of redundancy desired).  If you know the
> magic to make it work right, I'd sure like to know.  Maybe some kind of
> lock somewhere?

Works great here. You need to make sure that each bind instance has its
own set of named.conf/zone files/pid file/ndc channel, that they bind to
different interfaces. I also like to force them to have different query
ports, but this shouldn't be necessary as long as they are on different

Steinar Haug, Nethelp consulting, sthaug at

More information about the NANOG mailing list