From: Michael Sierchio
To: "freebsd-questions@freebsd.org"
Date: Fri, 27 Sep 2013 16:20:01 -0700
Subject: Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

On Fri, Sep 27, 2013 at 4:11 PM, Frank Leonhardt wrote:
> On 27/09/2013 23:08, Terje Elde wrote:
>>
>> On 28. sep. 2013, at 00:03, Frank Leonhardt wrote:
>>
>>> If I understand the way it works correctly, the resolver pulls a list of
>>> the NS and hard-sets the port number for each to 53 (via a manifest
>>> constant). See libc/resolv/res_init.c. All you need to do(!) is change this
>>> to a value of your choice and recompile libc
>>
>> Sorry, but this is starting to look a lot like a complicated solution to a
>> problem that isn't really there...
>>
> It was more of an explanation as to /why/ it's not easy to do what was asked in
> the original reasonable-sounding question.

Beg to differ. The question isn't reasonable. There's no point in
having a dns recursive resolver listening on a port other than the one
that clients will contact it on. Far better to have the authoritative
server listen on 127.53.0.1 and use the routable address for the
cache, which can forward requests for the authoritative server when
appropriate.

- M
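
The layout suggested in the message above, sketched as a resolver configuration. This is an added example, not part of the original message or thread; it assumes Unbound as the cache, and the addresses 192.0.2.53 and 192.0.2.0/24 and the zone example.org are constructed placeholders.

```conf
# unbound.conf for the caching resolver (constructed example).
# Assumptions: 192.0.2.53 is the host's routable address, 192.0.2.0/24 is
# the client network, example.org is the locally served zone, and the
# authoritative daemon is already bound to 127.53.0.1 port 53 only.
server:
    # Clients keep using the standard port on the routable address.
    interface: 192.0.2.53
    port: 53

    # Recursion only for the local network; refuse everyone else so the
    # cache is not an open resolver.
    access-control: 0.0.0.0/0 refuse
    access-control: 192.0.2.0/24 allow

    # Unbound does not send queries to loopback addresses by default;
    # the authoritative server lives on one, so allow it.
    do-not-query-localhost: no

    # Only if example.org is not DNSSEC-signed: skip validation for it.
    domain-insecure: "example.org"

# Queries for the local zone go to the authoritative server on loopback
# instead of being resolved from the root.
stub-zone:
    name: "example.org"
    stub-addr: 127.53.0.1
```

On FreeBSD, 127.53.0.1 has to be added as an alias on lo0 before the authoritative daemon can bind to it.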