DNS versus NAT ?
Tony Finch
dot at dotat.at
Thu Jun 13 08:59:18 UTC 2019
Ronald F. Guilmette via Unbound-users <unbound-users at nlnetlabs.nl> wrote:
>
> For the outbound DNS query packets, does the router re-jigger the original
> source port numbers so that they will (hopefully) not conflict and so that
> the DNS response packets, when they arrive, can be directed appropriately
> to one machine or the other?
Yes. The long version is RFC 4787.
> And if that is the case, then will my SOHO router catch fire if and when
> I elect to send out through it a set of 65536 or more separate DNS queries,
> all in rapid succession?
Almost certainly :-) Even quite big NAT boxes will get indigestion if you
put a lot of DNS traffic through them. In general it's best to keep
stateful middleboxes away from DNS servers. In your case you are probably
better off either setting up a DMZ at home (if they will give you multiple
IP addresses) or getting a colo box for high volume DNS query traffic.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
North Utsire, South Utsire: Easterly, veering southeasterly, 5 to 7,
occasionally 4 at first. Slight or moderate, occasionally rough. Rain or
showers. Good, occasionally moderate.
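
An added example, not part of the original message: a toy model of the NAT behaviour discussed in this thread, showing source-port rewriting when two inside hosts pick the same port and what a burst of queries does to a bounded mapping table. The table size, port pool, addresses and query rate are assumptions; the 120-second timeout is the general RFC 4787 minimum for a UDP mapping.

```python
from dataclasses import dataclass, field

UDP_TIMEOUT = 120.0   # seconds; RFC 4787 general minimum for a UDP mapping


@dataclass
class Napt:
    """Toy NAPT with endpoint-independent mapping (constructed model)."""
    capacity: int                       # assumed state-table size
    ports: range = range(1024, 65536)   # assumed external port pool
    table: dict = field(default_factory=dict)   # (int_ip, int_port) -> [ext_port, expiry]
    in_use: dict = field(default_factory=dict)  # ext_port -> (int_ip, int_port)

    def _expire(self, now):
        # Linear scan is fine for a model; real devices use timer wheels.
        for key, (ext, expiry) in list(self.table.items()):
            if expiry <= now:
                del self.table[key], self.in_use[ext]

    def outbound(self, int_ip, int_port, now):
        """Return the external source port, or None if the packet is dropped."""
        self._expire(now)
        key = (int_ip, int_port)
        if key in self.table:
            self.table[key][1] = now + UDP_TIMEOUT   # refresh on outbound traffic
            return self.table[key][0]
        if len(self.table) >= self.capacity:
            return None                               # state table full
        # Port preservation when free, otherwise the next free port.
        ext = int_port if int_port not in self.in_use else next(
            (p for p in self.ports if p not in self.in_use), None)
        if ext is None:
            return None                               # port pool exhausted
        self.table[key] = [ext, now + UDP_TIMEOUT]
        self.in_use[ext] = key
        return ext

    def inbound(self, ext_port):
        """Map a reply's destination port back to the internal host."""
        return self.in_use.get(ext_port)


def burst(nat, int_ip, queries, qps):
    """Send `queries` DNS queries, each from a fresh source port; count drops."""
    dropped = 0
    for i in range(queries):
        if nat.outbound(int_ip, 1024 + (i % 64512), i / qps) is None:
            dropped += 1
    return dropped
```

Because each query from a fresh source port pins a mapping for the full timeout, the drop count depends on table size and burst length rather than on how quickly the answers come back.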