svn commit: r40310 - translations/nl_NL.ISO8859-1/books/faq

Rene Ladan rene at
Sun Dec 9 00:05:26 UTC 2012

Author: rene
Date: Sun Dec  9 00:05:25 2012
New Revision: 40310

  Somehow CVS revision 1.1100 was not merged in, fix this.


Modified: translations/nl_NL.ISO8859-1/books/faq/book.xml
--- translations/nl_NL.ISO8859-1/books/faq/book.xml	Sat Dec  8 23:51:04 2012	(r40309)
+++ translations/nl_NL.ISO8859-1/books/faq/book.xml	Sun Dec  9 00:05:25 2012	(r40310)
@@ -7503,23 +7503,30 @@ Key F15        A        A        Menu Wo
 	<question id="extra-named-port">
-	  <para>BIND (<command>named</command>) is listening on port 53
-	    and some other high-numbered port.  What is going on?</para>
+	  <para>BIND (<command>named</command>) is listening on
+	    some other high-numbered ports.  What is going on?</para>
 	  <para>BIND uses a random high-numbered port for outgoing
-	    queries.  If you want to use port 53 for outgoing queries,
-	    either to get past a firewall or to make yourself feel
-	    better, you can try the following in
-	    <filename>/etc/namedb/named.conf</filename>:</para>
-	  <programlisting>options {
-	query-source address * port 53;
-	  <para>You can replace the <literal>*</literal> with a single
-	    IP address if you want to tighten things further.</para>
+	    queries.  Recent versions of it choose a new, random UDP
+	    port for each query.  This may cause problems for some
+	    network configurations, especially if a firewall blocks
+	    incoming UDP packets on particular ports.  If you want to
+	    get past that firewall, you can try the
+	    <literal>avoid-v4-udp-ports</literal> and
+	    <literal>avoid-v6-udp-ports</literal> options to avoid
+	    selecting random port numbers within a blocked range.</para>
+	  <warning>
+	    <para>If a port number (like 53) is specified via the
+	      <literal>query-source</literal> or
+	      <literal>query-source-v6</literal> options in
+	      <filename>/etc/namedb/named.conf</filename>, randomized
+	      port selection will not be used.  It is strongly
+	      recommended that these options not be used to specify
+	      fixed port numbers.</para>
+	  </warning>
 	  <para>Congratulations, by the way.  It is good practice to
 	    read your &man.sockstat.1; output and notice odd

More information about the svn-doc-all mailing list