Re: bind() udp behavior 2.6.8.1

From: Adam Denenberg
Date: Thu Dec 16 2004 - 09:34:22 EST


I disagree. The Linux server should be using unique Transaction IDs in the DNS header for each unique DNS request. Otherwise there is no way to distinguish them (same A record request). Of course the firewall is going to drop a reply that it thinks it already saw a reply for 30ms ago.

This appears to be a bug in the way glibc is handling things but I cannot be sure. That is the goal of my investigation.

adam

Please CC me, I am not on the list.

On Dec 15, 2004, at 2:07 PM, Jan Harkes wrote:

> On Wed, Dec 15, 2004 at 09:16:02AM -0500, Adam Denenberg wrote:
> > the Firewall from distinguishing unique dns requests. It sees a second
> > DNS request come from the linux server with the _same_ transaction ID in
> > the UDP header as it is marking that session closed since it already saw
> > the reply successfully. So for example the linux server is making a dns
>
> Stupid guess here,
>
> The reply got dropped after it passed your firewall and before it
> reached the linux server. What you are seeing is simply a retransmit
> which would also have happened if the original request got lost, or if
> the reply was dropped before it reached your firewall, in which case the
> firewall probably would have forwarded the retransmitted request without
> a problem.
>
> I would open the window before you throw the piece of garbage out.
>
> Jan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/


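The case debated in this thread (a second query with the same transaction ID arriving shortly after the firewall has already seen a reply), as an added example that is not part of the original messages and not any firewall's actual code: a sketch of a DNS state table that keys on endpoints, transaction ID and question, and reopens an answered entry when the same query is seen again instead of treating the session as closed. The `DnsTracker` class, the verdict strings, the `linger` window and the sample addresses are all assumptions made for illustration.

```python
import struct

def build_message(txid, name, response=False):
    """Constructed sample input: a minimal DNS message with one A question."""
    flags = 0x8100 if response else 0x0100
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_message(payload):
    """Return (txid, is_response, qname, qtype) for a single-question message."""
    txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while payload[pos]:
        n = payload[pos]
        if n & 0xC0:
            raise ValueError("compression pointer in question name")
        labels.append(payload[pos + 1:pos + 1 + n].decode("ascii").lower())
        pos += 1 + n
    (qtype,) = struct.unpack("!H", payload[pos + 1:pos + 3])
    return txid, bool(flags & 0x8000), ".".join(labels), qtype

class DnsTracker:
    """Hypothetical state table keyed on endpoints, transaction ID and question."""
    def __init__(self, linger=2.0):
        self.linger = linger   # seconds an answered entry stays reopenable
        self.state = {}        # key -> None while pending, else time of last reply

    def observe(self, ts, src, dst, payload):
        txid, is_resp, qname, qtype = parse_message(payload)
        client, server = (dst, src) if is_resp else (src, dst)
        key = (client, server, txid, qname, qtype)
        if is_resp:
            if key not in self.state:
                return "unsolicited-reply"   # no matching query was ever seen
            self.state[key] = ts
            return "reply"
        answered = self.state.get(key, "absent")
        self.state[key] = None  # (re)open the entry so the next reply is accepted
        if answered == "absent":
            return "new-query"
        if answered is None:
            return "retransmit-unanswered"
        return "retransmit-after-reply" if ts - answered <= self.linger else "new-query"

def classify(events):
    """events: iterable of (timestamp, (src_ip, src_port), (dst_ip, dst_port), payload)."""
    tracker = DnsTracker()
    return [tracker.observe(*e) for e in events]
```

Because the source port is part of the key, a client that reuses both the port and the ID for the same question is indistinguishable from a retransmit, which is the ambiguity the two posters disagree about.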