dns query id not changing

Mark Andrews Mark_Andrews at isc.org
Thu Dec 16 21:31:34 UTC 2004


> Hello,
> 
> I am experiencing an issue on redhat 8 with the resolver where the
> "Transaction ID" in the dns query is not changing.  This is causing our
> firewall to drop packets b/c a second dns request is coming in with the
> same udp port, ip, and transaction id.  The firewall still has the
> first dns request in its state table and is causing the firewall to
> drop the susequent packets due to this.
> 
> Has anyone encountered this issue (possibly the resolver in glibc 2.2?)
> and know if there is a workaround?
> 
> thanks
> adam

	Get a decent firewall.  The transaction ID is allowed
	(expected) to be the same on retries of an query.  A firewall
	which blocks this is broken.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org



More information about the bind-users mailing list