At Mon, 02 Feb 2009 22:32:17 +0330, "Bind" <b...@dci.ir> wrote:
> maybe my first question type was wrong,sorry for terrible!,my question is: > when i run netstat -an,why my server has some stablished connection with its > own ip address through different source port to one client address? > > example: > > 192.168.1.1.51121 74.222.11.71.53 Connected192.168.1.1.58967 > 74.222.11.71.53 Connected192.168.1.1.46691 74.222.11.71.53 > Connected > > does it mean that,,client 74.222.11.71 [http://74.222.11.71/] at the time of > snapshot requests 3 dns queries from my server or something else? These are most likely queries sent from a BIND9 caching server as part of recursive name resolution. They are not 'open' ports, but are temporarily opened and connected to a specific remote server address for a particular query. > can we say the number of recursive-clients after run "rndc status" and > the output of "netstat -an |grep 53 | wc" point to the same thing > (regardless of difference to running time)? Not necessarily, because if named receives a same query from multiple clients it combines the query and only sends one query to the remote server. Also, there are other queries internally sent from named. --- JINMEI, Tatuya Internet Systems Consortium, Inc. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
