copying the question section

James Ralston qralston+ml.bind-workers at andrew.cmu.edu
Fri Aug 9 21:40:57 UTC 2002


On Tue, 6 Aug 2002, Josh Littlefield wrote:
> I think RFC2181, sec. 4.1 already updates this part of RFC1035 to
> say that the source IP address must be the address to which the
> query was sent (unless that would be an illegal source address).

I checked, and you are correct; my bad.  Specifically, RFC2181 states:

    4.1. UDP Source Address Selection

    To avoid these problems, servers when responding to queries using
    UDP must cause the reply to be sent with the source address field
    in the IP header set to the address that was in the destination
    address field of the IP header of the packet containing the query
    causing the response.  If this would cause the response to be sent
    from an IP address that is not permitted for this purpose, then
    the response may be sent from any legal IP address allocated to
    the server.  That address should be chosen to maximise the
    possibility that the client will be able to use it for further
    queries.  Servers configured in such a way that not all their
    addresses are equally reachable from all potential clients need
    take particular care when responding to queries sent to anycast,
    multicast, or similar, addresses.

"You are in a twisty maze of RFCs, all updating each other..."

-- 
James Ralston, Information Technology
Software Engineering Institute
Carnegie Mellon University, Pittsburgh, PA, USA



More information about the bind-workers mailing list