-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Mathieu,
On 07/26/2012 11:04 AM, gauthierl wrote: > Hello, > > Yesterday, I noticed for the first time that my Unbound server has > ping a lot of DNS servers (something like 4000 in 30 minutes). Unbound does not send ICMP itself. Does not ping, it sends DNS UDP datagrams. The ping-times it can report via unbound-control are really UDP DNS datagram roundtrip times, they are not ICMP ping packets. > I think it's the Unbound process that is responsible of all the > traffic but I prefer be sure and also I'm curious about the purpose > of this feature. > > Can anyone have information about it ? There can be port-closed ICMP replies from your machine, if a UDP reply hits a port on the machine that unbound has closed. This could be side-effect of a 'Kaminsky' attack on your machine, or simply replies bouncing off closed ports due to port randomization and UDP-delays. Best regards, Wouter > Thanks in advance, Mathieu > > _______________________________________________ Unbound-users > mailing list [email protected] > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJQEQ2EAAoJEJ9vHC1+BF+Nw/cP/2t9G1pd+0smML0s6He0DH4w Z6Sd2EfDJrDDgzk9mMk38rd8KjSk9eand81DnpZcaJxZeVN3oCFxIPHEQJi+aYzL Nive/jxq6RhAP7ckhZVnEqM6IoXY9za9/I7GbM2m9CdOD2wMEyBjF7XWdBJ+9FaR Lekm28b+uh2LffUg+vg7rINzULc1aUZ5rRi2wwpzBoJFSAf/pB+SIhxJ97+CqFgH igGtohx68zN0Oi3uIGrH1ryaP19Q4moJlV7Vtj8Dr4Z9Hn+gLF3CgdmoYVY2muxx aKfCP4KqseGyH+T+BTHI6F/padjIiJ4u++QhxlwAxuWXh6coSslhZ/orFqIy0eWO lIf/B9h8EOWAOR/XHyAC6+0YAs/OQ6PORC/pkD454DOCbwO5RCLsimI2O8YbU2Rn +BkartbE5i/5oith4CGCUAWayhuVKLjK6nQQ9mmP28u9RcucFNp83UGFySBrf4zo CMn93emdPxRHnxSnwgKKBxOKf1MciHxAe0eG9NClMv/PpaY9J2EA6leim+OrGNls 5GXAocxPZ8ejGyfZz+qK4ypj+rwzBFggLmR6jsIyZaf+SbFjlsufg5yt85Qw6tE+ JDxkNyafszONPihbsn+fGNBWvEzQYDCDMfT/h5SMkt4sVEUSypOaen3P9DCmeVR8 6MpDH7hRzwm85BmOgF25 =24su -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
