[dns-operations] [Ext] Nameserver responses from different IP than destination of request

John Levine johnl at taugh.com
Tue Sep 8 16:54:54 UTC 2020


In article <6f32301724d95a24777dbf993c28b0e35f9b8501.camel at powerdns.com> you write:
>I cannot speak for any other piece of software, but the way PowerDNS
>Recursor uses connected UDP sockets to talk to authoritatives means
>that the kernel already drops responses from wrong addresses, ...

Seems to me that would be true for any software that uses the usual
BSD or linux socket calls that match the host and port on received
packets with recently sent ones. I'm having trouble figuring out how I
would even arrange to receive replies from the wrong host short of
using a raw socket that collected all incoming UDP packets, which
would make it hard to run anything else that uses UDP on the same
machine with the DNS client.






More information about the dns-operations mailing list