In message <[email protected]>, Tony Finch <[email protected]> wrote:

>Ronald F. Guilmette via Unbound-users <[email protected]> wrote:
>>
>> For the outbound DNS query packets, does the router re-jigger the original
>> source port numbers so that they will (hopefully) not conflict and so that
>> the DNS response packets, when they arrive, can be directed appropriately
>> to one machine or the other?
>
>Yes. The long version is RFC 4787.

Thank you. I am and will be reading that.

>> And if that is the case, then will my SOHO router catch fire if and when
>> I elect to send out through it a set of 65536 or more separate DNS queries,
>> all in rapid succession?
>
>Almost certainly :-) Even quite big NAT boxes will get indigestion if you
>put a lot of DNS traffic through them.

I didn't know that. So I learned something today.

> In general it's best to keep
>stateful middleboxes away from DNS servers. In your case you are probably
>better off either setting up a DMZ at home (if they will give you multiple
>IP addresses) or get a colo box for high volume DNS query traffic.

Yes. Thank you. The latter is already in progress. (I am assuming ...
perhaps incorrectly... that a -dedicated- box will not be absolutely
necessary, as long as I have a dedicated and non-dynamic IP address with it.)

Regards,
rfg
