The behaviour of source port allocation changed slightly since BIND 8.x.
For details, consult answer 2.18 in:
ftp://rtfm.mit.edu/pub/usenet/news.answers/internet/tcp-ip/domains-faq/part1
I mentioned this in a previous email, but you may use the query-source
option in named.conf, to control which style of source port allocation
best suits your firewalled environment and security policy.
Cheers,
Chris.
Onno Kreuzinger wrote:
> Quoting Tony Rall <[EMAIL PROTECTED]>:
>
> >
> > I fairly strongly disagree. If you block below 1024 you will be
> > blocking lots of legitimate queries. Bind itself used to default to 53
> > as its source port.
> >
> Just to add some confusion, AFAIK:
>
> client -> server
>   src port   dst port
>   >1024      53         (Query) UDP if size below 512, else TCP
> response reuses same ports/protocol
>
> server -> server
>   src port   dst port
>   53         53         UDP for forwarded queries, TCP for zone transfers
> response reuses same ports/protocol
>
> please correct this if it's wrong!!
>
> regards
>
> Onno Kreuzinger
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
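As an added illustration of Tony's point (not part of the thread), a small first-match rule checker in Python that runs the DNS flows from Onno's summary against a "block source ports below 1024" policy, with and without an explicit allow for port-53-to-53 server traffic. The flows, port numbers and rule syntax are constructed for the example.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Flow:
    name: str
    proto: str      # "udp" or "tcp"
    sport: int      # source port
    dport: int      # destination port

# Query-direction flows as laid out in Onno's summary (constructed sample data,
# not taken from the FAQ). Responses reuse the same ports and protocol, so a
# stateful firewall only has to judge these.
DNS_FLOWS = [
    Flow("client query, UDP (< 512 bytes)", "udp", 1025, 53),
    Flow("client query, TCP (>= 512 bytes)", "tcp", 1025, 53),
    Flow("forwarded query, old BIND default source port 53", "udp", 53, 53),
    Flow("zone transfer (TCP, port 53 to 53)", "tcp", 53, 53),
    Flow("forwarded query, query-source set to an unprivileged port", "udp", 2053, 53),
]

@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    proto: Optional[str] = None   # None matches either protocol
    sport_min: int = 0
    sport_max: int = 65535
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, f: Flow) -> bool:
        return ((self.proto is None or self.proto == f.proto)
                and self.sport_min <= f.sport <= self.sport_max
                and (self.dport is None or self.dport == f.dport))

def blocked_flows(rules: List[Rule], flows: List[Flow] = DNS_FLOWS) -> List[str]:
    """First-match evaluation with a default of allow; returns the names of denied flows."""
    denied = []
    for f in flows:
        verdict = next((r.action for r in rules if r.matches(f)), "allow")
        if verdict == "deny":
            denied.append(f.name)
    return denied

# Policy debated in the thread: drop anything to port 53 whose source port is below 1024.
BLOCK_LOW_SOURCE_PORTS = [Rule("deny", sport_max=1023, dport=53)]

# Same policy, but with port-53-to-53 server traffic explicitly permitted first.
ALLOW_SERVER_TO_SERVER = [Rule("allow", sport_min=53, sport_max=53, dport=53)] + BLOCK_LOW_SOURCE_PORTS

if __name__ == "__main__":
    for label, policy in [("block <1024", BLOCK_LOW_SOURCE_PORTS), ("allow 53->53 first", ALLOW_SERVER_TO_SERVER)]:
        print(label, "blocks:", blocked_flows(policy) or "nothing")
```

The first policy denies both server-to-server flows that still use source port 53; moving a server's query-source to an unprivileged port saves the forwarded query but not the zone transfer, which needs its own allow rule.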