On Mon, 31 Dec 2001 05:31, Jor-el wrote:
> > DNS cache machine sends out requests from source port 54 (not obscure -
> > every administrator of every DNS server on the net can easily discover
> > this).
>
> Not sure I follow what you are saying here. Are you saying that it
> is pretty easy for a DNS admin to figure out what port you are running the
> DNS server on (if so how?) or are you saying that port 54 is a well agreed
> upon port for this purpose? I doubt very much that it is the latter, since
> http://www.iana.org/assignments/port-numbers states that port 54 is
> assigned to XNS (whatever that is).
When a request has a source port of 54 the reply MUST have a destination port of 54. A DNS request is allowed to have any address as a source address (as the client program may be a non-root application which gets the first UDP port it can find which will be somewhat random). The ability to configure which source port is used for queries is a newer feature in bind (wasn't there in 4.x at least - not sure when it was added).

Having the same port used for sending out queries and receiving queries from other machines (pretty much a default setup) just makes things more difficult to manage, secure, and analyse.

--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
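The point made in the reply above (a DNS reply can only be delivered to whatever source port the query left from, and an unprivileged stub resolver gets an ephemeral port the kernel picks) can be seen without touching the network. The following is an added example, not code from the thread or from BIND: it runs a toy "server" on 127.0.0.1 that answers any query it receives, sends one query from a caller-chosen source port (0 means "let the kernel choose", as a non-root client does), and reports the port the server saw the query come from and the port the reply landed on. The query name, transaction ID and the loopback server are constructed for the example.

```python
import socket
import struct
import threading

# Constructed example. The toy server below answers every query it gets, so
# the whole exchange stays on the loopback interface and needs no network.


def build_query(txid: int, name: str = "example.com") -> bytes:
    """Build a minimal DNS A query: RFC 1035 header plus one question."""
    # QR=0, opcode=0, RD=1; one question, no answer/authority/additional.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def toy_server(sock: socket.socket, seen: dict) -> None:
    """Answer exactly one query.

    The reply is sent back to the address *and port* the query arrived
    from: that pair is the only place a UDP reply can be delivered.
    """
    data, addr = sock.recvfrom(512)
    seen["client_port"] = addr[1]
    txid, flags = struct.unpack("!HH", data[:4])
    reply = struct.pack("!HH", txid, flags | 0x8000) + data[4:]  # set QR bit
    sock.sendto(reply, addr)


def query_from_port(source_port: int, txid: int = 0x1234) -> dict:
    """Send one query from `source_port` (0 = kernel-chosen ephemeral port,
    as an unprivileged stub resolver gets) and report where the reply came
    back. Returns the client's bound port, the port the server saw, and
    the transaction ID / QR flag of the reply.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))          # port 0: avoid clashing with a real resolver
    server_addr = srv.getsockname()
    seen: dict = {}
    worker = threading.Thread(target=toy_server, args=(srv, seen))
    worker.start()

    cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    cli.bind(("127.0.0.1", source_port))  # a fixed port needs root if < 1024
    cli.settimeout(2)
    cli.sendto(build_query(txid), server_addr)
    reply, _ = cli.recvfrom(512)
    worker.join()

    bound_port = cli.getsockname()[1]
    srv.close()
    cli.close()
    rtxid, rflags = struct.unpack("!HH", reply[:4])
    return {
        "bound_port": bound_port,
        "server_saw_port": seen["client_port"],
        "reply_txid": rtxid,
        "reply_is_response": bool(rflags & 0x8000),
    }


if __name__ == "__main__":
    print("ephemeral source port:", query_from_port(0))
    print("fixed source port   :", query_from_port(20054))  # 20054 is an arbitrary choice
```

With a fixed, well-known query source port the server-side view is identical every time, so anyone who can see one outgoing query (or simply read the configuration) knows where replies will be accepted and only the 16-bit transaction ID is left to match; with a kernel-chosen ephemeral port the reply must also land on a port the sender did not announce in advance. That is the practical difference behind the "more difficult to manage, secure, and analyse" remark.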