no port randomization with dig over IPv6 on mac os

神明達哉 jinmei at wide.ad.jp
Fri Dec 7 17:36:47 UTC 2018


At Fri, 7 Dec 2018 08:48:36 -0800,
Warren Kumari <warren at kumari.net> wrote:

> > * Jakob Dhondt:
> >
> > > I have just noticed that when using dig (different versions) on Mac OS
> > > (High Sierra) over IPv6 the source port is not randomized.
>
>
> Hmmm. I’d never noticed that, but I certainly wouldn’t have expected it -
> I’m also wondering *how* it is doing this — to increment by 2 it sounds
> like there is state being kept - perhaps dig simply relies on the kernel
> for the source port and isn’t randomizing at all ( and so the difference is
> actually OS difference, and not dig differences?

dig directly uses a lower-level network API and handles anything above
it by itself (I guess that's because it wants to handle some invalid
cases like QID mismatch), so it's not surprising that it simply leaves
things like port randomization to the OS kernel.  I don't know if it
intentionally skips randomization, though - probably not, but that
doesn't matter much in practice either.

--
JINMEI, Tatuya
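
A way to check what the kernel does with source ports for sockets the application never binds, as discussed in the message above. This is an added example, not part of the original post and not dig's code; the function names, the loopback destination and the thresholds are assumptions chosen for illustration.

```python
import socket
from collections import Counter


def sample_source_ports(family=socket.AF_INET6, dest="::1", count=20):
    """Return the ports the kernel assigns to unbound UDP sockets.

    connect() on a UDP socket sends no packet; it only makes the kernel
    pick a local address and port, so the result reflects the OS policy.
    Use family=socket.AF_INET, dest="127.0.0.1" to compare with IPv4.
    """
    ports = []
    for _ in range(count):
        with socket.socket(family, socket.SOCK_DGRAM) as s:
            s.connect((dest, 53))
            ports.append(s.getsockname()[1])
    return ports


def classify(ports, min_share=0.8, max_step=16):
    """Label a port sequence by its most common successive difference."""
    if len(ports) < 3:
        return "insufficient"
    deltas = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    step, hits = Counter(deltas).most_common(1)[0]
    dominant = hits / len(deltas) >= min_share
    if dominant and step == 0:
        return "static"        # same port reused every time
    if dominant and 0 < step <= max_step:
        return "sequential"    # constant small increment, e.g. +1 or +2
    # "varied" only means no simple pattern was seen; it is not a
    # statistical proof of randomness.
    return "varied"


if __name__ == "__main__":
    for fam, dest in ((socket.AF_INET6, "::1"), (socket.AF_INET, "127.0.0.1")):
        try:
            ports = sample_source_ports(fam, dest)
        except OSError as exc:  # address family not available on this host
            print(fam.name, "unavailable:", exc)
            continue
        print(fam.name, classify(ports), ports)
```

Running it on the same host for both address families shows whether the difference lies in the OS rather than in the DNS tool.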