> On Mon, 17 Jul 2000, Jack Coates wrote:
> > On Mon, 17 Jul 2000, Aaron Turner wrote:
>
> > Actually Jack, in the wild you will see a significant portion of
> > requests coming from port 53. I forget why off the top of my head,
> > but it does happen. Also, remember that the >1024 is a Unix'ism and
> > isn't true in the Windows world.
>
> but I've never seen a DNS resolver coming _from_ UDP 53. That would
> break inbound resolution requests on my home firewall, which I use
> fairly frequently. I'm sure you've seen it or you wouldn't have said
> so, but I'd think it's got to be fairly rare. Whatever.
Your home firewall is broken.
Client resolvers almost always use an ephemeral port (i.e. > 1023).
However, if your client queries the local DNS server, which then queries
another DNS server (i.e. a recursive query), the server-to-server request
will very likely have a source port of 53/udp.
Older versions of BIND always used a source port of 53/udp. Newer versions
(I think > v8.1) use an ephemeral port but allow you to revert to the
older method with the directive:
query-source address * port 53
- brett
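To make the point above concrete, here is an added example (not part of the thread) that classifies DNS packets by their port pair and audits a naive "source port must be > 1023" rule against constructed log lines; the log format and addresses are assumptions, and the low-port client line is included only to illustrate Aaron's remark about non-Unix resolvers.

```python
import re
from dataclasses import dataclass

# Assumed log format (constructed for this example): "udp 1.2.3.4:1234 -> 5.6.7.8:53"
LINE_RE = re.compile(
    r"^(?P<proto>udp|tcp)\s+(?P<sip>[\d.]+):(?P<sport>\d+)\s*->\s*(?P<dip>[\d.]+):(?P<dport>\d+)$"
)


@dataclass
class Packet:
    proto: str
    sip: str
    sport: int
    dip: str
    dport: int


def parse(line: str) -> Packet:
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparsable line: {line!r}")
    return Packet(m["proto"], m["sip"], int(m["sport"]), m["dip"], int(m["dport"]))


def classify(pkt: Packet) -> str:
    """Label a packet by its port pair, following the cases discussed in the thread."""
    if pkt.dport == 53 and pkt.sport == 53:
        return "server-query"          # old BIND, or `query-source address * port 53`
    if pkt.dport == 53 and pkt.sport > 1023:
        return "client-query"          # stub resolver or modern BIND, ephemeral port
    if pkt.dport == 53:
        return "client-query-lowport"  # resolver using a privileged source port
    if pkt.sport == 53:
        return "response"
    return "not-dns"


def naive_rule_allows(pkt: Packet) -> bool:
    """The home-firewall rule under discussion: permit queries only from src port > 1023."""
    return pkt.dport == 53 and pkt.sport > 1023


def audit(lines):
    """Return (line, classification) for every DNS query the naive rule would drop."""
    return [(l.strip(), classify(parse(l))) for l in lines
            if parse(l).dport == 53 and not naive_rule_allows(parse(l))]


# Constructed sample traffic: a stub query, a recursive server-to-server query from
# a BIND server still sending from port 53, a low-port client, and a response.
SAMPLE = [
    "udp 192.168.1.10:40123 -> 192.168.1.1:53",
    "udp 192.168.1.1:53 -> 198.51.100.7:53",
    "udp 10.0.0.5:999 -> 192.168.1.1:53",
    "udp 198.51.100.7:53 -> 192.168.1.1:40200",
]

if __name__ == "__main__":
    for line, label in audit(SAMPLE):
        print(f"DROPPED by naive rule: {line}  [{label}]")
```

Running it shows that the recursive query from the port-53 BIND server is exactly the traffic a "source > 1023" rule silently breaks.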
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================