On 30/10/2019 02:33, Aaron D. Gifford wrote:
On a FreeBSD system running PowerDNS authoritative server 4.2.0, I
noticed this:
# sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root pdns_serve 40055 4 udp4 192.168.50.12:53 *:*
root pdns_serve 40055 6 tcp4 192.168.50.12:53 *:*
root pdns_serve 40055 8 tcp4 192.168.50.12:55401 127.0.0.1:3306
root pdns_serve 40055 9 tcp4 192.168.50.12:54277 127.0.0.1:3306
root pdns_serve 40055 16 udp4 192.168.50.12:19413 *:*
...
Why is it listening on UDP port 19413? I thought I'd disabled various
subsystems that might want to listen on a TCP or UDP port.
If you restart pdns I think you'll find it binds to a different random
port, which almost certainly means it's a socket which has been created
for the purpose of sending *outbound* UDP packets. I see the same here:
$ sudo netstat -naup | grep pdns
udp 0 0 0.0.0.0:53 0.0.0.0:* 17497/pdns_server
udp 0 0 0.0.0.0:12579 0.0.0.0:* 17497/pdns_server
udp6 0 0 :::53 :::* 17497/pdns_server
udp6 0 0 :::11846 :::* 17497/pdns_server
$ sudo systemctl restart pdns
$ sudo netstat -naup | grep pdns
udp 0 0 0.0.0.0:53 0.0.0.0:* 12560/pdns_server
udp 0 0 0.0.0.0:17662 0.0.0.0:* 12560/pdns_server
udp6 0 0 :::53 :::* 12560/pdns_server
udp6 0 0 :::16544 :::* 12560/pdns_server
Although pdns auth no longer has a recursor option, and I have
expand-alias turned off, I suspect it is for sending NOTIFY packets.
Anyway, it's not a listening port, so you don't need to worry about it.
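The restart-and-compare check described in the reply above can be scripted. This is an added example, not part of the original message or of PowerDNS; the function name `classify_ports` is hypothetical, and the sample input is the two Linux `netstat -naup` snapshots from the message (FreeBSD `sockstat` output has different columns and would need different field numbers).

```shell
#!/bin/sh
# Constructed sample input: the two netstat snapshots quoted in the message,
# taken before and after restarting pdns.
BEFORE='udp 0 0 0.0.0.0:53 0.0.0.0:* 17497/pdns_server
udp 0 0 0.0.0.0:12579 0.0.0.0:* 17497/pdns_server
udp6 0 0 :::53 :::* 17497/pdns_server
udp6 0 0 :::11846 :::* 17497/pdns_server'
AFTER='udp 0 0 0.0.0.0:53 0.0.0.0:* 12560/pdns_server
udp 0 0 0.0.0.0:17662 0.0.0.0:* 12560/pdns_server
udp6 0 0 :::53 :::* 12560/pdns_server
udp6 0 0 :::16544 :::* 12560/pdns_server'

# classify_ports BEFORE AFTER
# Prints "proto port stable|changed" for every UDP port seen in either
# snapshot. "stable" means the same proto/port is bound in both snapshots
# (a configured service port); "changed" means it appears in only one,
# which is what a kernel-assigned port on an outbound socket looks like.
classify_ports() {
    {
        printf '%s\n' "$1" | sed 's/^/B /'   # tag lines from the first snapshot
        printf '%s\n' "$2" | sed 's/^/A /'   # tag lines from the second snapshot
    } | awk '
        $2 ~ /^udp/ {
            # $5 is the local address; the port is the last ":"-separated
            # field, which also works for IPv6 forms such as ":::53".
            n = split($5, parts, ":")
            key = $2 " " parts[n]
            if ($1 == "B") before[key] = 1; else after[key] = 1
            all[key] = 1
        }
        END {
            for (k in all)
                print k, (((k in before) && (k in after)) ? "stable" : "changed")
        }' | sort -k1,1 -k2,2n
}

classify_ports "$BEFORE" "$AFTER"
```

On a live host, pass the output of `sudo netstat -naup | grep pdns` captured before and after the restart as the two arguments.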