[Unbound-users] no local port randomization ?
shmick at riseup.net
Fri Jul 19 17:29:35 UTC 2013
hello paul,
Paul Wouters:
> On Wed, 10 Jul 2013, shmick at riseup.net wrote:
>
>> i'm not achieving any local port randomization whatsoever
>
> What are your settings for outgoing-range: and outgoing-port-permit: ?
outgoing-range: 8192
outgoing-port-permit: 1024-65535
>
>> in my config i have 0x20 enabled and 3 outgoing interfaces. Must i have
>> 4 outgoing interfaces to enable local port randomization ?
>
> While having multiple IPs/interfaces adds to the randomization of source
> address, it should be independent of the port randomization.
>
>> essentially the range of local ports is tiny - probably no more than 100
>> according to 2 different tests performed
>
> Are you behind a NAT that's causing your ports to get NATed
> sequentially?
my unbound:
Version 1.4.20
linked libs: libevent 2.0.21-stable (it uses epoll), ldns 1.6.16,
OpenSSL 1.0.1 14 Mar 2012
linked modules: validator iterator
configured for x86_64-unknown-linux-gnu on Fri Jul 19 07:05:39 EST 2013
with options: '--with-ldns' '--with-libevent'
connected to LAN cable
not sure how any middleware would be mangling this - any suggestions ?
>
> Paul
>
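One way to check the two things raised in this thread (a tiny local port range, and ports being rewritten sequentially by a NAT) is to measure the source ports in a packet capture. The sketch below is an added example, not part of the original messages or of unbound; the `tcpdump -n` style sample lines, addresses, function names and thresholds are constructed assumptions, and the permitted range is the `outgoing-port-permit: 1024-65535` quoted above.

```python
import re

# Matches the query direction of `tcpdump -n` output: "IP <src>.<sport> > <dst>.53:"
QUERY_RE = re.compile(r"IP \d+\.\d+\.\d+\.\d+\.(\d+) > \d+\.\d+\.\d+\.\d+\.53: ")

def source_ports(lines):
    """Source ports of outgoing DNS queries, in capture order (replies are skipped)."""
    return [int(m.group(1)) for m in map(QUERY_RE.search, lines) if m]

def port_report(ports, permit=(1024, 65535)):
    """Summarise how much of the permitted range the observed ports cover."""
    span = max(ports) - min(ports) + 1
    steps = [b - a for a, b in zip(ports, ports[1:])]
    # Steps of +1 or +2 between consecutive queries point at sequential allocation,
    # e.g. by a NAT device rewriting the ports after unbound picked them.
    sequential = sum(1 for s in steps if 0 < s <= 2) / len(steps) if steps else 0.0
    span_fraction = span / (permit[1] - permit[0] + 1)
    return {
        "queries": len(ports),
        "distinct": len(set(ports)),
        "span": span,
        "span_fraction": span_fraction,
        "sequential": sequential,
        # Thresholds are assumptions for this example, not unbound defaults.
        "suspect": span_fraction < 0.01 or sequential > 0.5,
    }

def fake_capture(ports):
    """Constructed tcpdump-style lines: one query and one reply per port."""
    lines = []
    for i, p in enumerate(ports):
        lines.append(f"12:00:00.{i:06d} IP 192.0.2.10.{p} > 198.51.100.53.53: {i}+ A? example.com. (29)")
        lines.append(f"12:00:00.{i:06d} IP 198.51.100.53.53 > 192.0.2.10.{p}: {i} 1/0/0 A 203.0.113.7 (45)")
    return lines

# Constructed samples: ports spread over the permitted range vs. a NAT-like run.
SCATTERED = fake_capture([41873, 5120, 60311, 23844, 33007, 12990, 51762, 8455])
NAT_LIKE = fake_capture([2048, 2049, 2050, 2051, 2053, 2054, 2055, 2056])

if __name__ == "__main__":
    for name, capture in (("scattered", SCATTERED), ("nat-like", NAT_LIKE)):
        print(name, port_report(source_ports(capture)))
```

Running it on a capture taken on the resolver host and again on one taken beyond the gateway separates what unbound chose from what a middlebox rewrote; with only a handful of queries the span is naturally small, so a larger sample is needed before reading much into it.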