Maintained by: NLnet Labs

[Unbound-users] no local port randomization ?

Paul Wouters
Tue Jul 9 19:18:15 CEST 2013


On Wed, 10 Jul 2013, shmick at riseup.net wrote:

> im not achieving any local port randomization whatsoever

What are your settings for outgoing-range: and outgoing-port-permit: ?

> in my config i have 0x20 enabled and 3 outgoing interfaces. Must i have
> 4 outgoing interfaces to enable local port randomization ?

While having multiple IPs/interfaces adds to the randomization of source
address, it should be independant of the port randomization.

> essentially the range of local ports is tiny - probably no more than 100
> according to 2 different tests performed

Are you behind a NAT that's causing your ports to get NATed
sequentially?

Paul