When receiving a response to a DNS query, does Unbound match the source ip of the response to the destination ip of the query and discard the response if they do not match? Does it match the ports?
I.e. apart from checking
query.transactionID == response.transactionID
does Unbound check for
query.destinationIP == response.sourceIP
and
query.destinationPort == response.sourcePort?
Can you point me to the function in the source code where this check does or does not happen?
Any help is appreciated.
Gesendet mit Telekom Mail - kostenlos und sicher für alle!
When receiving a response to a DNS query, does Unbound match the source ip
of the response to the destination ip of the query and discard the response
if they do not match? Does it match the ports?
I.e. apart from checking
query.transactionID == response.transactionID
does Unbound check for
query.destinationIP == response.sourceIP
and
query.destinationPort == response.sourcePort?
Yes, it does. Without such checks the cache could be trivially poisoned.
Could you help me locate these checks in the source code?
Hi,
When receiving a response to a DNS query, does Unbound match the source ip
of the response to the destination ip of the query and discard the response
if they do not match? Does it match the ports?
I.e. apart from checking
query.transactionID == response.transactionID
does Unbound check for
query.destinationIP == response.sourceIP
and
query.destinationPort == response.sourcePort?
Yes, it does. Without such checks the cache could be trivially poisoned.