Strange message in log

Paul Vixie paul at vix.com
Thu Oct 11 01:27:19 UTC 2001


> > It means that 149.174.211.13 is a machine with multiple IP addresses, and
> > it's running an ancient version of BIND that doesn't ensure that replies
> > come from the same address that the query was sent to.  Your server sent a
> > query to one of its other addresses, but since the response came from a
> > different address, it's being ignored (as far as your server is concerned,
> > it looks like someone spoofing a DNS reply).

it's sunos, either 3.x or 4.x.  ntpd and tftp simply did not work on those
platforms when multihoming was in use, unless you could actually send your
packet to the same interface that it would use to get back to you.  nfs and
rpc were fairly insensitive to the source address of replies back then, so
sun didn't notice it.  there was nothing BIND could do about it -- no matter
what interface address you bound your socket() to, your udp packets would be
sent using the outbound interface's source address.  "pfaa."
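The check described in the quoted explanation, as an added example that is not part of the original thread and is not BIND's code: a resolver-side receive loop that ignores any datagram whose source differs from the address the query was sent to, and keeps waiting. On loopback a second socket on another port stands in for the multihomed host's other address; all function names and the query name are hypothetical.

```python
import socket
import struct
import time

def build_query(txid, name="example.test"):
    """Minimal DNS A/IN query with RD set (constructed sample)."""
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + labels + b"\0" + struct.pack("!2H", 1, 1)

def reply_verdict(data, source, expected_server, txid):
    """Classify one datagram before any further parsing."""
    if source != expected_server:
        return "unexpected source"          # indistinguishable from a spoofed reply
    if len(data) < 12 or struct.unpack("!H", data[:2])[0] != txid:
        return "bad header or id"
    return "accept" if data[2] & 0x80 else "not a response"   # QR bit

def await_reply(sock, expected_server, txid, timeout=0.5):
    """Wait for a valid reply until the deadline; a dropped datagram never ends the wait."""
    dropped, deadline = [], time.monotonic() + timeout
    while (remaining := deadline - time.monotonic()) > 0:
        sock.settimeout(remaining)
        try:
            data, source = sock.recvfrom(512)
        except socket.timeout:
            break
        verdict = reply_verdict(data, source, expected_server, txid)
        if verdict == "accept":
            return data, dropped
        dropped.append((source, verdict))
    return None, dropped

def demo(also_reply_from_queried_address, txid=0x1234):
    """The server answers from the wrong socket first, as the multihomed host did."""
    queried, other, client = (socket.socket(socket.AF_INET, socket.SOCK_DGRAM) for _ in range(3))
    try:
        for s in (queried, other, client):
            s.bind(("127.0.0.1", 0))
            s.settimeout(1.0)
        client.sendto(build_query(txid), queried.getsockname())
        query, peer = queried.recvfrom(512)
        reply = query[:2] + struct.pack("!H", 0x8180) + query[4:]   # QR set, no answers
        other.sendto(reply, peer)               # wrong source: must be dropped
        if also_reply_from_queried_address:
            queried.sendto(reply, peer)         # source matches the query target
        return await_reply(client, queried.getsockname(), txid)
    finally:
        for s in (queried, other, client):
            s.close()
```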


More information about the bind-users mailing list