[ale] still trying to figure it out

Jason Day jasonday at worldnet.att.net
Mon Aug 4 10:46:43 EDT 2003


On Mon, Aug 04, 2003 at 08:32:04AM -0400, Geoffrey wrote:
> Something else about this I've just noted.  Doesn't make sense to me, 
> but then again I don't know enough about this stuff.  The successful dns 
> query shows the following:
> 
> User Datagram Protocol, Src Port: 1024 (1024), Dst Port: domain (53)
> 
> Whereas the unsuccessful shows:
> 
> User Datagram Protocol, Src Port: 63002 (63002), Dst Port: domain (53)

I'm just guessing, but I believe the source port is a high number
because it's NAT'ed.  Your router needs to know who to route the reply
back to, and it does that by munging the source port and keeping track
of which source port belongs to which NAT'ed box.

Have you considered installing a caching nameserver on your
firewall/router?  I know at this point you want to figure out what is
wrong, and I can relate, but a caching nameserver seems like a good
idea.
-- 
Jason Day                                       jasonday at
http://jasonday.home.att.net                    worldnet dot att dot net
 
"Of course I'm paranoid, everyone is trying to kill me."
    -- Weyoun-6, Star Trek: Deep Space 9
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list