BIND ignores queries from specific privileged source ports
Barry Margolin
barmar at alum.mit.edu
Mon Jun 10 16:18:33 UTC 2019
In article <mailman.677.1560175574.711.bind-users at lists.isc.org>,
Blake Hudson <blake at ispn.net> wrote:
> Thank you Mark. A popular NAT appliance manufacturer has some logic that
> attempts to keep the translated source port close to the untranslated
> source port which can sometimes result in the behavior I've described
> where DNS queries use the well known source port of protocols that are
> abuse prone:
Why would the original source port be close to any of these low port
numbers? Source ports should normally be ephemeral ports.
--
Barry Margolin
Arlington, MA
More information about the bind-users
mailing list