From nobody@FreeBSD.org  Wed Jan 26 12:10:37 2005
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6914F16A4D5
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 26 Jan 2005 12:10:37 +0000 (GMT)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2EF0E43D41
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 26 Jan 2005 12:10:37 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j0QCAawu091547
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 26 Jan 2005 12:10:36 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id j0QCAa7u091544;
	Wed, 26 Jan 2005 12:10:36 GMT
	(envelope-from nobody)
Message-Id: <200501261210.j0QCAa7u091544@www.freebsd.org>
Date: Wed, 26 Jan 2005 12:10:36 GMT
From: Adam Minowski <adam.minowski@t-systems.com.pl>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Bind 9 - query-source bug?
X-Send-Pr-Version: www-2.3

>Number:         76707
>Category:       i386
>Synopsis:       Bind 9 - query-source bug?
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    dougb
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jan 26 12:20:21 GMT 2005
>Closed-Date:    Wed Mar 23 08:34:01 GMT 2005
>Last-Modified:  Mon Sep 26 13:50:17 GMT 2005
>Originator:     Adam Minowski
>Release:        5.3-RELEASE-p4
>Organization:
T-Systems Poland
>Environment:
FreeBSD dshproxy.dsh.pl 5.3-RELEASE-p4 FreeBSD 5.3-RELEASE-p4 #0: Thu Jan 20 10:36:51 CET 2005 root@dshproxy.dsh.pl:/usr/obj/usr/src/sys/ami  i386

>Description:
I have FreeBSD runing as a router for network traffic, and also mailrelay. I have two network interfaces, one xl0: ip 10.233.2.10, and another one xll: ip 10.233.108.10 with aliases .2 .3 .4 at the end of address. Everything was working fine, until I've done system upgrade and start using bind9. Query-source in bind directive is not working properly. I have such config of dns regarding options:
options {
        directory       "/etc/namedb";
        pid-file        "/var/run/named/pid";
        dump-file       "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";
        listen-on       port 53 { 10.233.108.3; 10.233.108.4; 127.0.0.1; };
        query-source    address 10.233.108.4 ;
        transfer-source 10.233.108.4 ;
        notify-source 10.233.108.4;
};
When my dns querries another dns on xl1 side then it uses 10.233.108.4 address as required, but if another dns is on xl0 side then query comes from ip of xl0 interface!! 
>How-To-Repeat:

>Fix:
      
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-i386->dougb 
Responsible-Changed-By: vs 
Responsible-Changed-When: Wed Mar 9 18:08:41 GMT 2005 
Responsible-Changed-Why:  
Over to maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=76707 
State-Changed-From-To: open->feedback 
State-Changed-By: dougb 
State-Changed-When: Sun Mar 13 10:55:25 GMT 2005 
State-Changed-Why:  

I just upgraded the port to 9.3.1, it would be very useful if you could 
install that version (in /usr/local is fine) and give it a try. I will be 
updating the base soon, and it would help if I knew what I was facing. 

You can easily get the port version to start instead of the base by adding 
the following lines to /etc/rc.conf[.local]: 

named_program="/usr/local/sbin/named" 
named_flags="-u bind -c /etc/namedb/named.conf" 

Also, please read the documentation on the relevant options in 
/usr/share/doc/bind9/arm thoroughly to rule out the possibility 
of pilot error. 

Thanks, 

Doug 


http://www.freebsd.org/cgi/query-pr.cgi?pr=76707 
State-Changed-From-To: feedback->closed 
State-Changed-By: dougb 
State-Changed-When: Wed Mar 23 08:29:58 GMT 2005 
State-Changed-Why:  

Feedback timeout.  

It may be more useful to pursue this further on 
bind-users@isc.org if necessary.  

Good luck, 

Doug 

http://www.freebsd.org/cgi/query-pr.cgi?pr=76707 

From: "Bjoern A. Zeeb" <bzeeb@zabbadoz.net>
To: bug-followup@FreeBSD.org, adam.minowski@t-systems.com.pl
Cc:  
Subject: Re: i386/76707 : Bind 9 - query-source bug?
Date: Sat, 24 Sep 2005 14:22:36 +0000 (UTC)

 In case this is still worth noting:
 Might be that you are running into compat8 code. I had a
 similar problem with transfer-source that the 2nd soa_query
 did not use the configured IP. Turning of
 	use-alt-transfer-source no;
 seems to help there.

From: Adam.Minowski@t-systems.com.pl
To: "Bjoern A. Zeeb" <bzeeb@zabbadoz.net>
Cc: bug-followup@FreeBSD.org
Subject: Re: i386/76707 : Bind 9 - query-source bug?
Date: Mon, 26 Sep 2005 15:44:27 +0200

 It seems that you're right. I've deleted "use-alt-transfer-cource" from
 config and now everything is ok.
 Thanks
 
 --
 Adam Minowski
 
 
 
 
 |---------+---------------------------->
 |         |           "Bjoern A. Zeeb" |
 |         |           <bzeeb@zabbadoz.n|
 |         |           et>              |
 |         |                            |
 |         |           2005-09-24 16:22 |
 |         |                            |
 |---------+---------------------------->
   >--------------------------------------------------------------------------------------------------------------------------------------------|
   |                                                                                                                                            |
   |       To:       bug-followup@FreeBSD.org, adam.minowski@t-systems.com.pl                                                                   |
   |       cc:                                                                                                                                  |
   |       Subject:  Re: i386/76707 : Bind 9 - query-source bug?                                                                                |
   >--------------------------------------------------------------------------------------------------------------------------------------------|
 
 
 
 
 In case this is still worth noting:
 Might be that you are running into compat8 code. I had a
 similar problem with transfer-source that the 2nd soa_query
 did not use the configured IP. Turning of
              use-alt-transfer-source no;
 seems to help there.
 
 
 
 
 
>Unformatted:
