Incorrect work with DNS

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Incorrect work with DNS

macach
Hello

I have noticed some strange requests to DNS and unused persistent connections to DNS
IP 127.0.0.1.36426 > 127.0.0.1.53: 61459+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.44172 > 127.0.0.1.53: 36283+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.44201 > 127.0.0.1.53: 50026+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.58385 > 127.0.0.1.53: 36417+ A? linphone.org. (30)
IP 127.0.0.1.53 > 127.0.0.1.58385: 36417 1/0/0 A 5.135.31.160 (46)
IP 127.0.0.1.35924 > 127.0.0.1.53: 17568+ SRV? _sips._tcp.sip.linphone.org. (45)
IP 127.0.0.1.53 > 127.0.0.1.35924: 17568 3/0/2 SRV sip6.linphone.org.:443 20 100, SRV sip1.linphone.org.:5223 10 100, SRV sip6.linphone.org.:5223 0
100 (147)
IP 127.0.0.1.45788 > 127.0.0.1.53: 9850+ SRV? _sips._tcp.sip.antisip.com. (44)
IP 127.0.0.1.53 > 127.0.0.1.45788: 9850 2/0/1 SRV sip.antisip.com.:5061 0 100, SRV sip.antisip.com.:9091 0 100 (100)
IP 127.0.0.1.42058 > 127.0.0.1.53: 34596+ A? sip.antisip.com. (33)
IP 127.0.0.1.53 > 127.0.0.1.42058: 34596 1/0/0 A 91.121.30.149 (49)
IP 127.0.0.1.59776 > 127.0.0.1.53: 58822+ A? sip.antisip.com. (33)
IP 127.0.0.1.53 > 127.0.0.1.59776: 58822 1/0/0 A 91.121.30.149 (49)
IP 127.0.0.1.41728 > 127.0.0.1.53: 57014+ A? sip6.linphone.org. (35)
IP 127.0.0.1.53 > 127.0.0.1.41728: 57014 1/0/0 A 54.37.202.229 (51)
IP 127.0.0.1.42457 > 127.0.0.1.53: 16800+ A? sip1.linphone.org. (35)
IP 127.0.0.1.53 > 127.0.0.1.42457: 16800 1/0/0 A 91.121.209.194 (51)
IP 127.0.0.1.58936 > 127.0.0.1.53: 10223+ A? sip6.linphone.org. (35)
IP 127.0.0.1.53 > 127.0.0.1.58936: 10223 1/0/0 A 54.37.202.229 (51)
IP 127.0.0.1.59617 > 127.0.0.1.53: 18760+ A? example.org. (29)
IP 127.0.0.1.53 > 127.0.0.1.59617: 18760 1/0/0 A 93.184.216.34 (45)
IP 127.0.0.1.59082 > 127.0.0.1.53: 17524+ A? example.org. (29)
IP 127.0.0.1.53 > 127.0.0.1.59082: 17524 1/0/0 A 93.184.216.34 (45)
IP 127.0.0.1.52658 > 127.0.0.1.53: 47851+ A? ipv4only.arpa. (31)
IP 127.0.0.1.53 > 127.0.0.1.52658: 47851 2/0/0 A 192.0.0.171, A 192.0.0.170 (63)
IP 127.0.0.1.38856 > 127.0.0.1.53: 61459+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.47879 > 127.0.0.1.53: 36283+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.44295 > 127.0.0.1.53: 50026+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.52809 > 127.0.0.1.53: 61459+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.39400 > 127.0.0.1.53: 36283+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.47625 > 127.0.0.1.53: 50026+ SRV? _stun._udp.stun.antisip.com. (45)
IP 127.0.0.1.53 > 127.0.0.1.52809: 61459 NXDomain 0/1/0 (90)
IP 127.0.0.1.53 > 127.0.0.1.39400: 36283 NXDomain 0/1/0 (90)
IP 127.0.0.1.53 > 127.0.0.1.47625: 50026 NXDomain 0/1/0 (90)
IP 127.0.0.1.37585 > 127.0.0.1.53: 20822+ A? stun.antisip.com. (34)
IP 127.0.0.1.53 > 127.0.0.1.37585: 20822 1/0/0 A 91.121.30.149 (50)
IP 127.0.0.1.35823 > 127.0.0.1.53: 64624+ A? stun.antisip.com. (34)
IP 127.0.0.1.53 > 127.0.0.1.35823: 64624 1/0/0 A 91.121.30.149 (50)
IP 127.0.0.1.46346 > 127.0.0.1.53: 32288+ A? stun.antisip.com. (34)
IP 127.0.0.1.53 > 127.0.0.1.46346: 32288 1/0/0 A 91.121.30.149 (50)
IP 127.0.0.1.53 > 127.0.0.1.36426: 61459 NXDomain 0/1/0 (90)
IP 127.0.0.1.53 > 127.0.0.1.44201: 50026 NXDomain 0/1/0 (90)
IP 127.0.0.1.53 > 127.0.0.1.44172: 36283 NXDomain 0/1/0 (90)
IP 127.0.0.1.53 > 127.0.0.1.38856: 61459 NXDomain 0/1/0 (90)
IP 127.0.0.1.53 > 127.0.0.1.47879: 36283 NXDomain 0/1/0 (90)
IP 127.0.0.1.53 > 127.0.0.1.44295: 50026 NXDomain 0/1/0 (90)


IP 127.0.0.1.36426 > 127.0.0.1.53: 61459+ SRV? _stun._udp.stun.antisip.com. (45)
Was asked 9 times, but I do not have "_stun._udp.stun.antisip.com" in my config. I set stun server to be "stun.antisip.com".

stun.antisip.com - asked 3 times.

What are these and how it is related to application:
ipv4only.arpa.
example.org

What are these permanent connections to my DNS proxy used for?

udp        0      0 127.0.0.1:41728         127.0.0.1:53            ESTABLISHED 2189/AppRun.wrapped
udp        0      0 127.0.0.1:42058         127.0.0.1:53            ESTABLISHED 2189/AppRun.wrapped
udp        0      0 127.0.0.1:42457         127.0.0.1:53            ESTABLISHED 2189/AppRun.wrapped
udp        0      0 127.0.0.1:58936         127.0.0.1:53            ESTABLISHED 2189/AppRun.wrapped
udp        0      0 127.0.0.1:59776         127.0.0.1:53            ESTABLISHED 2189/AppRun.wrapped

Thank you.

_______________________________________________
Linphone-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-users