BIND and listening on interfaces
Barry Margolin
barmar at alum.mit.edu
Fri Aug 1 15:16:20 UTC 2014
In article <mailman.720.1406904401.26362.bind-users at lists.isc.org>,
Reindl Harald <h.reindl at thelounge.net> wrote:
> the thread yesterday reminded me of my Fedora bug report
> https://bugzilla.redhat.com/show_bug.cgi?id=1073038#c3
> https://bugzilla.redhat.com/show_bug.cgi?id=1073038#c8
>
> I don't buy "Note that destination IP address must be
> known and set correctly in reply, otherwise clients
> will be confused" because how does it survive NAT?

What's meant is that the source address of the reply must match the
destination address of the request. This is how TCP behaves
automatically, since it involves connections, but all UDP packets are
independent. When BIND sends a reply message, the stack doesn't know
that it's related to a particular incoming message whose IPs should be
flipped.

It survives NAT because the router remembers how it translated the
incoming packet. When it sees an outgoing packet with the translated IP
and port, it undoes the translation.
--
Barry Margolin
Arlington, MA
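
The UDP behaviour described in the post above, as an added example that is not part of the original message and is not BIND's code: a wildcard-bound socket answers from whatever source the kernel picks unless the server reads the request's destination address and pins the reply to it. It assumes Linux with `IP_PKTINFO`; the function names and the loopback addresses 127.0.0.1 and 127.0.0.2 are constructed for the demonstration.

```python
import socket
import struct

# Linux-only. Fall back to the Linux constant if this Python lacks the name.
IP_PKTINFO = getattr(socket, "IP_PKTINFO", 8)
PKTINFO = "i4s4s"  # struct in_pktinfo: ipi_ifindex, ipi_spec_dst, ipi_addr

def make_server():
    """One UDP socket on the wildcard address, asking for per-packet info."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.IPPROTO_IP, IP_PKTINFO, 1)
    s.bind(("0.0.0.0", 0))
    s.settimeout(2)
    return s

def recv_with_dst(s):
    """Return (payload, peer, address the request was sent to)."""
    data, anc, _flags, peer = s.recvmsg(512, socket.CMSG_SPACE(12))
    for level, ctype, cdata in anc:
        if level == socket.IPPROTO_IP and ctype == IP_PKTINFO:
            _ifindex, _spec_dst, dst = struct.unpack(PKTINFO, cdata[:12])
            return data, peer, socket.inet_ntoa(dst)
    raise RuntimeError("kernel returned no IP_PKTINFO")

def reply_from(s, data, peer, src):
    """Send a reply whose source address is pinned to src."""
    info = struct.pack(PKTINFO, 0, socket.inet_aton(src), bytes(4))
    s.sendmsg([data], [(socket.IPPROTO_IP, IP_PKTINFO, info)], 0, peer)

def demo(query_ip="127.0.0.2"):
    """Query a secondary loopback address; compare naive and pinned replies."""
    server = make_server()
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        client.bind(("127.0.0.1", 0))
        client.settimeout(2)
        client.sendto(b"query", (query_ip, server.getsockname()[1]))
        _data, peer, dst = recv_with_dst(server)
        server.sendto(b"naive", peer)          # kernel picks the source
        naive_src = client.recvfrom(512)[1][0]
        reply_from(server, b"pinned", peer, dst)
        pinned_src = client.recvfrom(512)[1][0]
        return dst, naive_src, pinned_src
    finally:
        server.close()
        client.close()

if __name__ == "__main__":
    print(demo())
```

The client here uses an unconnected socket so that both replies are visible; a client that had called `connect()` to 127.0.0.2 would never be handed the naive reply, because its source address does not match.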