[Dnsmasq-discuss] DNS - ICMP - Destination unreachable (Port unreachable) ?

Nikita N. nikitan at operamail.com
Wed May 13 08:58:58 BST 2015 

Hi Albert,
thank you for your hints, I'm going to setup as you suggest, and see
what happens.

Anyway, you wrote something very interesting here:
> a DNS answer is always through IPv4, either over UDP or TCP.
TCP?? :)
Do you mean, I can send a TCP frame from port 53 to Dnsmasq with a DNS
query?
And I will receive a TCP frame from Dnsmasq with the DNS query response?

-- 
  Nikita N.
  nikitan at operamail.com


On Wed, May 13, 2015, at 12:43 AM, Albert ARIBAUD wrote:
> Hi Nikita,
> 
> Le Tue, 12 May 2015 23:49:55 -0700, "Nikita N." <nikitan at operamail.com>
> a écrit :
> 
> > Hi Simon,
> > thanks for the bet! :)
> > So if I'm understanding correctly, it is nothing related to Dnsmasq,
> > right?
> 
> Right.
> 
> > By your opinion, what is the purpose of such a ICMP/UDP frame sent from
> > src port 53?
> > Is that some kind of alternate DNS mechanism?
> > Is that anything standard behavior?
> 
> It is standard behaviour. ICMP(v4) is used as a signalling mechanism
> alongside IPv4 (e.g. for 'unreachable host' notifications)
> 
> > >> When the answer comes back, there's nothing listening on the destination port
> > 
> > I always see those ICMP at gateway side, so I guess the gateway must
> > have received at least that answer back.
> > Is that answer back supposed to be a simple UDP frame or another ICMP
> > frame?
> 
> ICMP is never used for application data; a DNS answer is always
> through IPv4, either over UDP or TCP.
> 
> > Also, client and gateway are on different machines, loopback is not
> > possible, why I can't see neither the UDP/ICMP answer back, nor the
> > query?
> > How would I set Wireshark, to sniff out those 2 mysterious UDP frame?
> 
> Ideally, running Wireshark on a dual-Ethernet machine inserted on the
> client's wire. In less ideal cases, run an instance of wireshark or
> tcpdump on the client and one on the server, capture to file with
> both, then fire two wireshark instances on any machine, have each one
> load a capture and compare them visually. 
> 
> Amicalement,
> -- 
> Albert.

-- 
http://www.fastmail.com - The professional email service

More information about the Dnsmasq-discuss mailing list