DNS query source UDP port
October 16 2006 at 3:53 PM | Attila Bruncsak (Login bruncsak)
Hi,
What is the allowed UDP port range from which a client may execute DNS queries?
I thought that it is at least from 1024 up to 65535 inclusive.
I found some sites where the DNS queries are timing out if they come from port 1024. (For example: network54.com.)
Is this a firewall configuration issue somewhere (maybe at network54.com, or on my site, or at one of the ISPs' sites)?
I do not really think it is on my side since most of the DNS resolution is successful for other domains.
http://www.squish.net/dnscheck/ is a great tool, thanks a lot for that.
Is it possible to have an update on this tool to make the DNS query source port configurable?
Attila Bruncsak (Login bruncsak) | Re: DNS query source UDP port | July 10 2008, 9:58 AM
Hi,
Most of the DNS servers and resolver libraries are going to be updated due to yesterday's disclosure of the weak security of the DNS protocol against DNS cache poisoning attacks via spoofed answer packets. Since cryptographically strong randomization of the source port is a workaround used to improve on that security problem, it is going to be even more difficult to debug DNS-related problems if a router blocks IP packets whose source port is outside a given arbitrary range. Is it possible to improve the web interface to optionally fix the source port for the query? That would greatly improve the dnscheck tool.
Best,
Attila
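The debugging aid asked for in both posts, a DNS query sent from a chosen UDP source port, as an added example (editor's code, not the dnscheck tool's and not Attila's). It builds a single A query, binds the sending socket to the requested source port (0 lets the OS pick; ports below 1024 need root on most systems, which is why unprivileged resolvers historically used 1024 and up), and rejects a reply whose 16-bit transaction ID does not match the query. With a fixed, known source port that transaction ID is the only thing an off-path spoofer has to guess; randomizing the port adds roughly another 16 bits, which is the point of the July 2008 fixes mentioned above. The `server`, `name` and `source_port` arguments and the `query_from_port` helper name are this example's own; nothing here reproduces the dnscheck site's behaviour.

```python
#!/usr/bin/env python3
"""Send one DNS A query from a chosen UDP source port and parse the reply.

Added example for the thread above; not the dnscheck tool's code. Useful for
checking whether some path drops queries whose source port falls outside a
range the firewall happens to allow.
"""
import random
import socket
import struct

TYPE_A = 1
CLASS_IN = 1


def encode_name(name):
    """Encode 'www.example.com' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, txid, qtype=TYPE_A, recursion_desired=True):
    """12-byte header (ID, flags, QDCOUNT=1, AN/NS/AR=0) plus one question."""
    flags = 0x0100 if recursion_desired else 0x0000   # RD bit
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def skip_name(data, offset):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        length = data[offset]
        if length == 0:
            return offset + 1
        if length & 0xC0 == 0xC0:          # compression pointer: two bytes
            return offset + 2
        offset += 1 + length


def parse_response(data, expected_txid):
    """Return (rcode, list of A records as dotted strings).

    A reply whose transaction ID differs from the query's is refused; this is
    the only check a spoofed answer has to defeat when the source port is known.
    """
    if len(data) < 12:
        raise ValueError("truncated header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch: got %#06x, expected %#06x"
                         % (txid, expected_txid))
    if not flags & 0x8000:                 # QR bit must be set on a response
        raise ValueError("not a response")
    rcode = flags & 0x000F
    offset = 12
    for _ in range(qd):                    # skip the echoed question section
        offset = skip_name(data, offset) + 4
    addrs = []
    for _ in range(an):
        offset = skip_name(data, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", data[offset:offset + 10])
        offset += 10
        rdata = data[offset:offset + rdlen]
        offset += rdlen
        if rtype == TYPE_A and rclass == CLASS_IN and rdlen == 4:
            addrs.append(".".join(str(b) for b in rdata))
    return rcode, addrs


def query_from_port(server, name, source_port, timeout=3.0):
    """Send an A query for `name` to `server`:53 from UDP `source_port`.

    source_port=0 lets the OS choose (what a randomizing resolver effectively
    does). Returns (rcode, addrs), or None if no reply arrives in `timeout`
    seconds, which is the symptom described in the first post.
    """
    txid = random.randrange(0, 0x10000)    # 16-bit ID, the classic weak spot
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        sock.bind(("0.0.0.0", source_port))
        sock.settimeout(timeout)
        sock.sendto(build_query(name, txid), (server, 53))
        try:
            data, _ = sock.recvfrom(4096)
        except socket.timeout:
            return None
        return parse_response(data, txid)
    finally:
        sock.close()


if __name__ == "__main__":
    import sys
    # usage: python3 dnsport.py <server-ip> <name> [source-port]
    srv, qname = sys.argv[1], sys.argv[2]
    port = int(sys.argv[3]) if len(sys.argv) > 3 else 0
    print(query_from_port(srv, qname, port))
```

Run it twice against the same authoritative server, once with source port 1024 and once with 0, to tell a port-based filter apart from a server that is simply down: a timeout only for the fixed low port points at a filter somewhere on the path. Note that a genuine resolver with this structure is still poisonable if the port is fixed, since 65536 candidate IDs are cheap to spray; the script is a diagnostic, not a resolver.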