<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;"><div>Hi,</div><div><br></div><div>in line with out deprecation policy, I am notifying the mailing list about our preliminary</div><div>intent to deprecate the definition of the source ports and rely on the operating system</div><div>to provide reasonable ephemeral port range for outgoing UDP and TCP connections.</div><div><br></div><div>Specifying outgoing ports is a bad practice, it's already discouraged, it's prone to errors</div><div>(it's not only specifying single port, but specifying not enough ports removes a layer</div><div>of protection) and is already full of caveats like:</div><div><br></div><div><div> .. note:: The address specified in the :any:`query-source` option is used for both</div><div> UDP and TCP queries, but the port applies only to UDP queries. TCP</div><div> queries always use a random unprivileged port.</div></div><div><br></div><div><div> .. warning:: Specifying a single port is discouraged, as it removes a layer of</div><div> protection against spoofing errors.</div><div><br></div><div> .. warning:: The configured :term:`port` must not be the same as the listening port.</div></div><div><br></div><div>The deprecation will include:</div><div><br></div><div>* specifying **port** in following statements:</div><div> - `query-source`</div><div> - `query-source-v6`</div><div> - `transfer-source`</div><div> - `transfer-source-v6`</div><div> - `notify-source`</div><div> - `notify-source-v6`</div><div> - `parental-source`</div><div> - `parental-source-v6`</div><div>* following statements as whole:</div><div> - `use-v4-udp-ports`</div><div> - `use-v6-udp-ports`</div><div> - `avoid-v4-udp-ports`</div><div> - `avoid-v6-udp-ports`</div><div><br></div><div>These options will be marked as deprecated in BIND 9.20[1][2] and removed in BIND 9.22[3].</div><div><br></div><div>1. BIND 9.20 will be released early 2024</div><div>2. Most probably we will also enable the warning in BIND 9.18 to notify users</div><div>that skip versions.</div><div>3. BIND 9.22 will be release in early 2026</div><div><br></div>Ondrej<br><div>
<meta charset="UTF-8"><div dir="auto" style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;"><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;"><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;">--</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;">Ondřej Surý (He/Him)</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;">ondrej@isc.org</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><br></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;">My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.</div></div></div></div>
</div>
<br></body></html>