hello paul, Paul Wouters: > On Wed, 10 Jul 2013, [email protected] wrote: > >> im not achieving any local port randomization whatsoever > > What are your settings for outgoing-range: and outgoing-port-permit: ?
outgoing-range: 8192 outgoing-port-permit: 1024-65535 > >> in my config i have 0x20 enabled and 3 outgoing interfaces. Must i have >> 4 outgoing interfaces to enable local port randomization ? > > While having multiple IPs/interfaces adds to the randomization of source > address, it should be independant of the port randomization. > >> essentially the range of local ports is tiny - probably no more than 100 >> according to 2 different tests performed > > Are you behind a NAT that's causing your ports to get NATed > sequentially? my unbound: Version 1.4.20 linked libs: libevent 2.0.21-stable (it uses epoll), ldns 1.6.16, OpenSSL 1.0.1 14 Mar 2012 linked modules: validator iterator configured for x86_64-unknown-linux-gnu on Fri Jul 19 07:05:39 EST 2013 with options: '--with-ldns' '--with-libevent' connected to LAN cable not sure how any middleware would be mangling this - any suggestions ? > > Paul > _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
