Tony Mumm wrote:
We are monitoring a bunch of DNS servers in our data center for availability.
We use a combination of the A record and NS record probes. In some cases we
monitor a DNS server directly, and in other cases we use a layer 4 load balancer
to intelligently distribute load between devices.
Apparently, all DNS queries sent by these probes, regardless of the map or
device, bind to the same source UDP port. This is causing us some difficulty in
monitoring the array of servers behind our load balancers, as the layer 4
information (src port, destination port 53) is always the same. It matches, and
keeps alive, a single layer 4 session in the LBS. It limits our ability to
monitor the entire array of servers in the same way our customers would.
>
Is there a reason why all the DNS probes use the same source port? Would it be
possible to have it bind on a per query basis? Does this happen with other
probes that we haven't found yet?
Actually, all UDP probes are sent through two UDP source ports. Once the UDP ports are opened for the first outgoing
SNMP, DNS, or RADIUS packet, the source port numbers do not change.
Would it be acceptable if InterMapper permitted you to periodically rotate through different source port numbers,
perhaps changing every 5-10 minutes? All traffic would still use the same ports for all traffic, but these ports would
constantly be shifting over time.
Bill Fisher
Dartware, LLC
____________________________________________________________________
List archives:
http://www.mail-archive.com/intermapper-talk%40list.dartware.com/
To unsubscribe: send email to: [EMAIL PROTECTED]
