porttest.dns-oarc.net tests failing on patched versions?

etirado.ext at orange-ftgroup.com etirado.ext at orange-ftgroup.com
Fri Jul 11 08:18:16 UTC 2008



If you have Firewalls, you can check the NAT table and see how the ports are used. 

Sequentially for example, wich may explain that you have a POOR result.

Emmanuel @ ISP Orange FR 
 


-----Message d'origine-----
De : bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] De la part de Jeremy C. Reed
Envoyé : vendredi 11 juillet 2008 02:10
À : Carlos Vicente
Cc : bind-users at isc.org
Objet : Re: porttest.dns-oarc.net tests failing on patched versions?

On Thu, 10 Jul 2008, Carlos Vicente wrote:

> BIND 9.4.2-P1
> # dig +short porttest.dns-oarc.net TXT @localhost
> z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
> "x.x.x.x is POOR: 26 queries in 0.8 seconds from 1 ports with std dev 0.00"
> 
> 
> # named -v
> BIND 9.5.0-P1
> 
> # dig +short porttest.dns-oarc.net TXT @localhost
> z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
> "x.x.x.x is POOR: 26 queries in 0.9 seconds from 1 ports with std dev 0.00"
> 
> This is RHEL 5.2
> 
> Any hints?

query-source defines a specific port. Some vendors actually ship 
named.conf with that enabled that way. See your new named logging -- it 
should have a warning message about that.

If that isn't it, maybe some bad device beyond you is doing port 
translation.


*********************************
This message and any attachments (the "message") are confidential and intended solely for the addressees. 
Any unauthorised use or dissemination is prohibited.
Messages are susceptible to alteration. 
France Telecom Group shall not be liable for the message if altered, changed or falsified.
If you are not the intended addressee of this message, please cancel it immediately and inform the sender.
********************************


More information about the bind-users mailing list