Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 2153

Summary: Bind queries root nameservers on high ports
Product: [Retired] Red Hat Linux Reporter: rbharani
Component: bindAssignee: Bernhard Rosenkraenzer <bero>
Severity: medium Docs Contact:
Priority: medium    
Version: 5.2   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 1999-09-02 16:58:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description rbharani 1999-04-12 22:17:20 UTC

I believe this to be the case with both bind 8 and bind 4,
when running as a caching nameserver.

Linux defaults to using high ports when querying the root
nameservers, as described in the DNS HOWTO.   The problem
comes when Linux boxes are behind firewalls that deny
connectionless traffic on high ports from the outside - in
other words, the firewalls filter out the DNS response from
the root nameservers.

Other operating systems (other *nixes too) make these
queries via UDP to and from 53.   This issue is causing us
some problems in my enterprise, due to the supurrious
firewall hits we're getting.

Can the default behavior please be modified such that these
queries go out on UDP 53.  Thanks!

Comment 1 Jeff Johnson 1999-09-02 16:58:59 UTC
This isn't going to be fixed in Red Hat 6.1. I'm preserving the
report by resolving to REMIND.