Thursday 9 June 2016

Re: ANN: DNS resolver changes in yakkety

Martin Pitt [2016-05-31 22:45 +0200]:
> resolved, which you can probably do in the order of a minute. It does
> not use source port randomization though

I was wrong, resolved does do source port randomization. It creates a
new socket for every lookup, and since [1] (from 2007) the kernel
randomizes UDP source ports by itself. That isn't obvious at first
sight, so I missed it (and the guys on dns-operations@ too, I
presume).

Martin

[1] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c1da70

--
Martin Pitt | http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel