a related problem is having N ip addrs bound to M nics on a host, where N > M.
if an ssl connection fails and debug is needed between the M:N:host and some
other ssl-speaking box, then it makes a difference if the ssl connection is
associated with the primary, or some aliased (set N-1) ip addr. client failure
semantics are primary address specific, for some value of ssl clients.
in theory you could alias an ns box's ip addrs (just did that, renumbering),
and have multi-addrs on a server authoritative for multi-zones, and not have
a flag day.
have fun, jobs are scarce as hen's teeth.