dns replies differ in src IP from query's dst IP (Bug?)
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Wed Nov 21 22:15:24 UTC 2001
>
> Thanks Mark, it's been of great help.
> Just to make sure I understood. It has nothing to do with NS implementation
> but rather with the IP stack?
> Thanks again
> Guy
Just binding to *.53 can result in replies getting the wrong source
address as it depend upon routing to get the right source address
and if there is asymetic routing occuring ...
BIND works around this by binding to each individual interface so
provided the stack doesn't have a bug (and some old UNIX stacks do)
you get the correct address in the return packet. The IPv6 advanced
API allows you to use *.53 and learn which interface the packet
was received over and to specify which interface address to use as
the source address in the reply.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list