[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Resolver problems
2009/12/3 Robert Elz <kre%munnari.oz.au@localhost>:
> The only real problem here looks to be that the router is broken, and is
> sending its reply from the wrong port.
> Get the router fixed, there's no other good solution.
I can't deny that the router is at fault. Unfortunately I fear that
there is no chance of getting it fixed soon...
There seem to be (at least) two alternatives here:
1) Installation of a filtering DNS proxy on the NetBSD box which sends
NXDOMAIN replies to all AAAA queries.
2) Re-writing the source port number of the faulty UDP packets.
Any tips wrt solution 1?
Which configuration would be necessary for PF to do this? (i.e.: UDP +
sourceIP=192.168.2.1 + sourcePort=3072 + destinationIP=192.168.2.5 +
maybe_something_else -> sourcePort:=53)
Main Index |
Thread Index |