Question on query-source, transfer-source, notify-source

Barry Finkel b19141 at anl.gov
Wed Aug 4 18:42:39 UTC 2010 

Another question about query-source:

Is there a difference between

     query-source address 1.2.3.4;
and
     query-source 1.2.3.4;

My reading of the ARM simplies that the two are the same, but I may
be getting different results.  I am not sure.  Two of my colleagues
ran a test last week that seemed to imply a difference, but I was not
around to see exactly what tests they ran.  This is BIND 9.7.1-P2.

I have looked at querylogs on a server with one DNS address and one
non-DNS address.  I have tried both formats of "query-source" above;
I see no difference.  What I do see is this - an SOA query via the
DNS address followed by an IXFR via the DNS address.  This IXFR is
REFUSED because this is a test server, and the master server (not under
my control) does not allow zone transfers from this test address.
Then I see an SOA query and an AXFR query, both on the DNS address.
This AXFR is also REFUSED.  Then I see an SOA query and an IXFR query
via the non-DNS address!  I have not looked at the code to see what
BIND might be doing in sending a DNS packet via the non-DNS address.
The BIND config on this machine has

     transfer-source 1.2.3.4 port 53;

so it should not be sending an IXFR or AXFR request via the non-DNS
address.

An addendum to my recent postings about two machines each with three
addresses.  The only reason I need all three addresses on each machine
is that I have published all six addresses, and these addresses are
configured in all of the machines on the three Class-B subnets that
my DNS server manages.  I do not want to have all of the system
administrators change their machine DNS server IP addresses.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 240, Room 5.B.8             Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994

More information about the bind-users mailing list