OpenWRT BIND NAMED Addendum

Wiki.TerraBase.info

Here's an interesting item that applies to BIND / NAMED in general, beyond OpenWRT and the WRT AC Series of routers:

If two BIND / NAMED Daemons run on different servers that are connected via OpenVPN, the BIND / NAMED Daemon uses / perceives (slave / master, don't know which one it is) the OpenVPN IP Address, not an address from the actual subnet each BIND / NAMED Daemon is on. For example:

  • Slave BIND / NAMED Daemon located in this subnet: 192.168.1.0 / 24, with this subnet IP Address: 192.168.1.1, and this OpenVPN IP Address: 172.16.2.10
  • Master BIND / NAMED Daemon located in this subnet: 192.168.2.0 / 24, with this subnet IP Address: 192.168.2.1, and this OpenVPN IP Address: 172.16.2.1
  • OpenVPN "subnet" connecting the two above subnets: 172.16.2.0 / 24

Oh, it should be noted in the above example that the BIND / NAMED Slave Daemon is running on a router which is also running an OpenVPN Client, which is connected to the other subnet that has a router configured in a similar manner (except it is the BIND / NAMED Master).

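This whole scenario comes about when the BIND / NAMED Slave Server needs to transfer Zones from the Master BIND / NAMED Server. Which IP Address should the Master list in allow-transfer? The answer would seem to be 192.168.1.1, but it isn't. 172.16.2.10 is the correct answer: the transfer request reaches the Master through the OpenVPN tunnel, so it arrives with the Slave's OpenVPN IP Address as its source.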
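
The scenario above as named.conf fragments for both sides; this is an added example, not configuration from the original page. The zone name example.com, the ACL name vpn-slaves and the file names are placeholders, and the Slave is assumed to reach the Master at its OpenVPN address.

```conf
// --- Master (LAN 192.168.2.1, OpenVPN 172.16.2.1): named.conf ---
// "example.com", "vpn-slaves" and the file names are placeholders.

// Looks right but is refused: the Slave's LAN address is never the
// source address of the transfer request the Master receives.
// zone "example.com" {
//     type master;
//     file "db.example.com";
//     allow-transfer { 192.168.1.1; };
// };

// Works: allow only the Slave's OpenVPN address, a single host
// rather than the whole 172.16.2.0/24 tunnel subnet.
acl "vpn-slaves" { 172.16.2.10; };

zone "example.com" {
    type master;
    file "db.example.com";
    allow-transfer { "vpn-slaves"; };
};

// --- Slave (LAN 192.168.1.1, OpenVPN 172.16.2.10): named.conf ---
zone "example.com" {
    type slave;
    masters { 172.16.2.1; };  // assumption: Master reached at its OpenVPN address
    file "slave/db.example.com";
};
```

When a transfer is refused, named on the Master logs the client address it saw; that logged address is the one that belongs in allow-transfer.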