Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 9 Dec 2012 00:05:25 +0000 (UTC)
From:      Rene Ladan <rene@FreeBSD.org>
To:        doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org
Subject:   svn commit: r40310 - translations/nl_NL.ISO8859-1/books/faq
Message-ID:  <201212090005.qB905Pcb046377@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: rene
Date: Sun Dec  9 00:05:25 2012
New Revision: 40310
URL: http://svnweb.freebsd.org/changeset/doc/40310

Log:
  Somehow CVS revision 1.1100 was not merged in, fix this.

Modified:
  translations/nl_NL.ISO8859-1/books/faq/book.xml

Modified: translations/nl_NL.ISO8859-1/books/faq/book.xml
==============================================================================
--- translations/nl_NL.ISO8859-1/books/faq/book.xml	Sat Dec  8 23:51:04 2012	(r40309)
+++ translations/nl_NL.ISO8859-1/books/faq/book.xml	Sun Dec  9 00:05:25 2012	(r40310)
@@ -7503,23 +7503,30 @@ Key F15        A        A        Menu Wo
 
       <qandaentry>
 	<question id="extra-named-port">
-	  <para>BIND (<command>named</command>) is listening on port 53
-	    and some other high-numbered port.  What is going on?</para>
+	  <para>BIND (<command>named</command>) is listening on
+	    some other high-numbered ports.  What is going on?</para>
 	</question>
 
 	<answer>
 	  <para>BIND uses a random high-numbered port for outgoing
-	    queries.  If you want to use port 53 for outgoing queries,
-	    either to get past a firewall or to make yourself feel
-	    better, you can try the following in
-	    <filename>/etc/namedb/named.conf</filename>:</para>
-
-	  <programlisting>options {
-	query-source address * port 53;
-};</programlisting>
-
-	  <para>You can replace the <literal>*</literal> with a single
-	    IP address if you want to tighten things further.</para>
+	    queries.  Recent versions of it choose a new, random UDP
+	    port for each query.  This may cause problems for some
+	    network configurations, especially if a firewall blocks
+	    incoming UDP packets on particular ports.  If you want to
+	    get past that firewall, you can try the
+	    <literal>avoid-v4-udp-ports</literal> and
+	    <literal>avoid-v6-udp-ports</literal> options to avoid
+	    selecting random port numbers within a blocked range.</para>
+ 
+	  <warning>
+	    <para>If a port number (like 53) is specified via the
+	      <literal>query-source</literal> or
+	      <literal>query-source-v6</literal> options in
+	      <filename>/etc/namedb/named.conf</filename>, randomized
+	      port selection will not be used.  It is strongly
+	      recommended that these options not be used to specify
+	      fixed port numbers.</para>
+	  </warning>
 
 	  <para>Congratulations, by the way.  It is good practice to
 	    read your &man.sockstat.1; output and notice odd



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201212090005.qB905Pcb046377>