[dnsdist] dnsdist restrict udp source port

Remi Gacogne remi.gacogne at powerdns.com
Thu May 11 10:35:45 UTC 2023


Hi Mahdi,

On 11/05/2023 10:47, Mahdi Adnan via dnsdist wrote:
>   Is it possible to restrict dnsdist to a certain port range, something 
> similar to what pdns has "udp-source-port-min, udp-source-port-max, 
> or udp-source-port-avoid"? I couldn't find such an option on the man 
> page or in the documentation.

I'm afraid there is no such option; dnsdist relies on the operating 
system to get random source ports.
In theory you could set a source port in addition to an address in the 
'source' parameter of "newServer" when defining a backend and then only 
this port will be used to reach the backend, but this will not work 
if you want to use more than one source port using the 'sockets' 
parameter, and more importantly will prevent dnsdist from opening more 
than one TCP connection to the backend which is very likely not what you 
want.

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
