[Dnsmasq-discuss] DNS - ICMP - Destination unreachable (Port unreachable) ?

Simon Kelley simon at thekelleys.org.uk
Tue May 12 22:22:53 BST 2015


The most likely reason is that something opens a UDP port and sends the
query, and then gives up, or gets an answer from somewhere else, and
closes the UDP socket. When the answer comes back, there's nothing
listening on the destination port, so the kernel generates the ICMP port
unreachable message.

My money would be a on Web browser.

Cheers,

Simon.



On 12/05/15 18:35, Nikita N. wrote:
> Hi All,
> was wandering about those ICMP frames, which keep coming out always
> right after every Dnsmasq responses.
> What is their origin?
> What is their purpose?
> 
> Just to be sure what I'm talking about, here how it happens:
> 1) client (192.168.2.2) -> gateway (192.168.2.1), DNS Standard query
> about mylocalsite.com
> 2) gateway -> client, DNS Standard query response A 192.168.2.1
> (Wireshark "Request in" pointer is to #1)
> 3) client -> gateway, ICMP Destination unreachable (Port unreachable)
> (Wireshark "Request in" pointer is also to #1)
> 
> That ICMP frame has IPv4 section, Src: 192.168.2.2 (client), Dst:
> 192.168.2.1 (gateway)
> But the ICMP section shows the opposite, Src: 192.168.2.1, Dst:
> 192.168.2.2
> Whose UDP section, Src Port: 53 (53), Dst Port: 5xxxx
> 
> I googled around, and I can't see any ICMP echo ping preceding, so I
> don't understand where those ICMP are from, and/what are their purpose.
> Maybe are generated by Dnsmasq, as some kind of alternate DNS response?
> Maybe are generated by gateway linux kernel, as some kind of standard
> behavior?
> Maybe are generated by the client software/web browser?
> 
> Thanks
> 




More information about the Dnsmasq-discuss mailing list