Maintained by: NLnet Labs

matching the source ip and port

pm8pm8 at t-online.de
Fri Aug 19 23:53:44 CEST 2016


Could you help me locate these checks in the source code?


Hi,

> When receiving a response to a DNS query, does Unbound match the source ip 
> of the response to the destination ip of the query and discard the response 
> if they do not match? Does it match the ports?
> I.e. apart from checking
> query.transactionID == response.transactionID
> does Unbound check for
> query.destinationIP == response.sourceIP
> and
> query.destinationPort == response.sourcePort?

Yes, it does. Without such checks the cache could be trivially poisoned.

--
Anand


----------------------------------------------------------------
Gesendet mit Telekom Mail <https://t-online.de/email-kostenlos> - kostenlos und sicher für alle!