Open ports in Bind

JINMEI Tatuya / 神明達哉 Jinmei_Tatuya at
Mon Feb 2 23:19:56 UTC 2009

At Mon, 02 Feb 2009 22:32:17 +0330,
"Bind" <bind at> wrote:

> maybe my first question type was wrong,sorry for terrible!,my question is:
> when i run netstat -an,why my server has some stablished connection with its 
> own ip address through different source port to one client address?
> example:
>      Connected192. 
>      Connected192.      
> Connected
> does it mean that,,client [] at the time of 
> snapshot requests 3 dns queries from my server or something else?

These are most likely queries sent from a BIND9 caching server as part
of recursive name resolution.  They are not 'open' ports, but are
temporarily opened and connected to a specific remote server address
for a particular query.

> can we say the number of recursive-clients after run "rndc status" and
> the output of "netstat -an |grep 53 | wc" point to the same thing 
> (regardless of difference to running time)?

Not necessarily, because if named receives a same query from multiple
clients it combines the query and only sends one query to the remote
server.  Also, there are other queries internally sent from named.

JINMEI, Tatuya
Internet Systems Consortium, Inc.

More information about the bind-users mailing list