:This patch isn't very good for us as we need to be able to bind
:nfsd to several IP addresses and still have it reply on the correct
:interface and I think your patch only allows one to be specified
:per set of nfsds?
:
:At the least we need to be able to specify multiple IP addresses
:and a "all IP addresses" mode, as in Ian's original patch, would
:be useful for us.
:
:I guess we could run bunches of nfsds - one bunch per IP, but this
:seems unnatural.
:
: David.
You can run a set of nfsd's on each IP that you want to bind to
with the patch. While it is true that this doesn't solve the
problem universally, it does solve the problem for most people
while at the same time implementing more appropriate security
characteristics. It just isn't a good idea to go binding to every
interface IP address in existance -- I know web servers with hundreds
of IP aliases that would simply blow up if we were to try to do that,
and other servers with hundreds of discrete, dynamically changing
interfaces (e.g. virtual frame interfaces). 'named' went the
'bind to everything' route and it was six years before the bugs got
worked out of it.
-Matt
Matthew Dillon
<[EMAIL PROTECTED]>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
