At Wed, 1 Oct 2008 10:08:36 -0700, Chris Buxton <[EMAIL PROTECTED]> wrote:
> > BIND9 has no problem with seeing new interfaces. You don't need rndc > > for > > that, it's quite automatic. You can use interface-interval to adjust > > the > > frequency of the checking. > > Only if named is running as root. As any other user, it doesn't have > the right to bind to port 53; therefore, any interface that appears > after named drops privileges is unavailable. (You might be able to > work around this on Linux by setting capabilities [libcap2].) BIND9 actually sets proper capabilities for Linux before doing setuid(). (Another option is to switch to IPv6, for which named uses a wildcard socket to receive queries by default:-) --- JINMEI, Tatuya Internet Systems Consortium, Inc.
