multiple queries on same ip/port quad

Mark Andrews Mark_Andrews at isc.org
Mon Feb 23 20:48:09 UTC 2004 

> Is DNS supposed to be able to cope with a resolver asking a nameserver
> several UDP questions in quick succession using the same
> src-ip/dest-ip/src-port/dest-port quad?
> 
> I'm seeing a case where BIND 9.2.3 appears to be turning a deaf ear
> when the sender slips up and doesn't allocate a fresh src-port for
> each query.
> 
> This issue turned out to be the reason why galeon and mozilla would
> hang on netbsd-current.  If one clicked on a bunch of url's in quick
> succession, requesting that the pages all be put in different tabs,
> mozilla and galeon would just indicate "loading" forever.  When things
> worked well (eg. the clicks were spaced far enough apart in time), the
> resolver would allocate the next ephemeral port, one number lower than
> the last one for its source port.  When things got hot and heavy, the
> resolver would sometimes create the UDP socket and then switch
> threads.  The next thread would also require a UDP socket, find one
> open and use it.  The net effect was that several DNS queries would go
> out the same socket.  Even though each DNS query had a unique DNS
> transaction id, Bind would ignore all of the queries.  Now granted the
> ancient netbsd resolver could use some updating to make it
> thread-safe, but the question still remains, should Bind have been
> able to field the queries?

	I suspect that you are mis-analysising the situation.  There
	are lots of applications (including named itself when
	forwarding) that re-use the same udp socket when making
	recursive queries to named without waiting for response
	then de-muxing based in id.

	Do you have a stateful firewall between the resolver and
	named that looks at the DNS transaction id?

	Mark
	
> 
> -wolfgang
> -- 
> Wolfgang S. Rupprecht 		     http://www.wsrcc.com/wolfgang/
>        The above "From:" address is valid.  Don't mess with it.
> Gripe to your senators about spam:  http://www.wsrcc.com/spam/senators.html
> 
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list