[nsd-users] NSD 4.12.0rc1 pre-release
A. Schulze
sca at andreasschulze.de
Fri Apr 18 21:28:09 UTC 2025
Am 17.04.25 um 09:58 schrieb Yorgos Thessalonikefs via nsd-users:
> Hi Andreas,
>
> On 16/04/2025 23:17, A. Schulze via nsd-users wrote:
>> 4. any chance, that https://github.com/NLnetLabs/nsd/pull/437 find it's way in 4.12?
>> a similar change in active in unbound-1.23.0rc2 and works well there.
> This change was heading to 4.12 but we pulled it because it was breaking software that implicitly sends the SOA probe over UDP.
> Maybe a more lenient approach should be used, but the change needs more development time at the moment; not something that could be addressed for this release cycle.
Hello Yorgos,
I added #437 to my build. It works, somehow...
I cannot imagine a scenario for any (resolver?) software to implicitly send a SOA probe over UDP to port 853 / not port 53
Could you clarify this, please?
There is also a difference to the same solution for that problem in unbound:
While "netstat -lnpu" does not show open UDP sockets for DoT and DoH on unbound, NSD is different:
"netstat -lnpu" shows an open Port for Do53 and DoT. Do53/UDP does timeout on Port 853, though.
It looks like #437 works very different the the code implemented in unbound.
Andreas
More information about the nsd-users
mailing list