How do I avoid "reply from unexpected source" message

Eulogio Robles eulogio.robles at mi.cl
Tue Jul 26 12:36:56 UTC 2005


Our ISP is connecting our caching resolvers and primary/secondary servers
(separate groups of servers) behind load balancers, using different VIPs
for caching and primary. All servers are on the same LAN. Using different
LANs is not possible.

Our problem is: when a caching resolver queries for a name whose NS is
listed on the primary/secondary DNS VIP, there is no response, because the
primary server sends the response back to the querying server, using its
real IP, and the response is rejected with the error message "reply from
unexpected source".

One solution is to use forward-only zones, so that all queries for our local
zone are directed to the real IPs. But with over 3000 primary local zones,
it is difficult to manage. Is there any way to make BIND accept responses
from certain IPs, even when the query was sent to a different IP?

Best regards,

E. Robles
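
The rejection described in the message above follows from how a resolver matches each UDP reply to an outstanding query: the reply's source address must equal the address the query was sent to (RFC 5452, section 9.1), which is what keeps off-path hosts from answering on a server's behalf. The sketch below is an added example, not part of the original post and not BIND's code; it models that check, and the addresses, ports, query ID and name are constructed.

```python
import struct
from dataclasses import dataclass

@dataclass(frozen=True)
class Pending:
    server: tuple      # (ip, port) the query was sent to
    local_port: int    # UDP source port the resolver used
    txid: int          # 16-bit query ID
    qname: str

def encode_question(qname, qtype=1, qclass=1):
    labels = b"".join(bytes([len(l)]) + l.encode() for l in qname.split("."))
    return labels + b"\x00" + struct.pack("!HH", qtype, qclass)

def build_reply(txid, qname):
    # Header: ID, flags (QR=1, RD=1, RA=1), QDCOUNT=1, no other records.
    return struct.pack("!HHHHHH", txid, 0x8180, 1, 0, 0, 0) + encode_question(qname)

def parse_qname(msg):
    pos, labels = 12, []
    while pos < len(msg) and msg[pos]:
        n = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return ".".join(labels).lower()

def check_reply(pending, src, dst_port, msg):
    """Return 'accepted' or the reason the reply is dropped."""
    if len(msg) < 12:
        return "short message"
    txid, flags = struct.unpack("!HH", msg[:4])
    if not flags & 0x8000:
        return "not a response"
    if src != pending.server:
        return "reply from unexpected source"
    if dst_port != pending.local_port:
        return "wrong destination port"
    if txid != pending.txid:
        return "query ID mismatch"
    if parse_qname(msg) != pending.qname.lower():
        return "question mismatch"
    return "accepted"

# Constructed scenario: query goes to the VIP, the server answers from its real IP.
VIP, REAL = ("192.0.2.53", 53), ("192.0.2.11", 53)
PENDING = Pending(server=VIP, local_port=40000, txid=0x1A2B, qname="www.example.com")
REPLY = build_reply(0x1A2B, "www.example.com")

def demo():
    return {"from_real_ip": check_reply(PENDING, REAL, 40000, REPLY),
            "from_vip": check_reply(PENDING, VIP, 40000, REPLY)}

if __name__ == "__main__":
    print(demo())
```

The same packet is accepted once its source is the VIP, so the mismatch is a property of the return path through the load balancer rather than of the DNS payload.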


