On 2018/10/16 16:12, Henrik Lund Kramshøj wrote:

Looks like the email got held up somewhere, only just received on the 19th.

> "Fun fact, Unbound on OpenBSD replies to DNS requests received in Ethernet
> packets with broadcast destination and IP destination being the IP of
> the server}

That is normal behaviour from the IP stack, it isn't specific to unbound or OpenBSD.

> My script using Scapy was something like the below, but you can
> probably just use, if on same subnet:
> ...
> packet=Ether(dst=broadcastmac,src=randommac)/IP(src=attacker,
> dst=destination)/UDP(sport=testport,dport=insideport)/DNS(rd=1,id=0xdead,qd=DNSQR(qname="www.wikipedia.org"))
> sendp(packet,loop=0)
>
> without the VXLAN header.

For easier testing, you can also use "arp -s $ip_address ff:ff:ff:ff:ff:ff" on the machine you are trying to connect from - you can make all sorts of connections and they still work. For example, making an ssh connection to a Linux box also succeeds with a broadcast destination MAC.
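Since the IP stack accepts these frames, spotting them has to happen on the wire. The following is an added example, not part of the original mail: a Python check over raw Ethernet frames that flags IPv4 packets with a unicast destination carried in a broadcast-MAC frame. The function names, the sample subnet (192.0.2.0/24) and the test frames are constructed for illustration.

```python
import ipaddress
import struct

BROADCAST_MAC = b"\xff" * 6
ETHERTYPE_IPV4, ETHERTYPE_VLAN = 0x0800, 0x8100


def unicast_ip_in_broadcast_frame(frame, local_net):
    """Return (src_ip, dst_ip) when a broadcast-MAC frame carries IPv4 to a
    unicast destination, otherwise None."""
    if len(frame) < 14 or frame[0:6] != BROADCAST_MAC:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if ethertype == ETHERTYPE_VLAN and len(frame) >= 18:  # skip one 802.1Q tag
        (ethertype,) = struct.unpack("!H", frame[16:18])
        offset = 18
    ip = frame[offset:]
    if ethertype != ETHERTYPE_IPV4 or len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    src = ipaddress.IPv4Address(ip[12:16])
    dst = ipaddress.IPv4Address(ip[16:20])
    net = ipaddress.IPv4Network(local_net)
    # Broadcast destinations are expected on a broadcast MAC; multicast is
    # out of scope for this check.
    if dst == ipaddress.IPv4Address("255.255.255.255"):
        return None
    if dst == net.broadcast_address or dst.is_multicast:
        return None
    return (str(src), str(dst))


def build_frame(dst_mac, src_ip, dst_ip):
    """Constructed test input: Ethernet header plus a bare 20-byte IPv4 header."""
    eth = dst_mac + bytes.fromhex("020000000001") + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                     ipaddress.IPv4Address(src_ip).packed,
                     ipaddress.IPv4Address(dst_ip).packed)
    return eth + ip


if __name__ == "__main__":
    net = "192.0.2.0/24"  # documentation range, constructed
    unicast_mac = bytes.fromhex("020000000002")
    for mac, dst in [(BROADCAST_MAC, "192.0.2.53"), (BROADCAST_MAC, "192.0.2.255"),
                     (unicast_mac, "192.0.2.53")]:
        hit = unicast_ip_in_broadcast_frame(build_frame(mac, "192.0.2.10", dst), net)
        print(dst, "ALERT" if hit else "ok", hit)
```

The IPv4 checksum in the constructed frames is left at zero because the check does not validate it.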
