Report information

The Basics
Id: 41202
Status: open
Priority: Medium/Medium

People
Owner: Nobody in particular

BugTracker
Version Fixed: (no value)
Version Found: (no value)
Versions Affected: (no value)
Versions Planned: (no value)
Priority: P3 Low
Severity: S3 Low
CVSS Score: (no value)
CVE ID: (no value)
Component: BIND Utilities
Area: feature

Dates
Created: Mon, 30 Nov 2015 14:06:56 -0500
Updated: Fri, 07 Jul 2017 01:26:44 -0400
Closed: Not set




Subject: No IANA registration for port 953
Date: Mon, 30 Nov 2015 14:05:36 -0500
To: bind9-bugs@isc.org
From: "Robert Edmonds" <edmonds@debian.org>
Hi,

BIND's default rndc port is 953, but I could not find an assignment for this in the IANA "Service Name and Transport Protocol Port Number Registry":

http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt

which shows that well-known ports 914-988 are unassigned.

--
Robert Edmonds
edmonds@debian.org

Subject: Re: [ISC-Bugs #41202] No IANA registration for port 953
Date: Tue, 01 Dec 2015 07:23:56 +1100
To: bind9-bugs@isc.org
From: "Mark Andrews" <marka@isc.org>
This is deliberate. There is no need for a port to be registered for this as it is entirely private use. rndc.conf provides an adequate way to remember the port between invocations.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
INTERNET: marka@isc.org

Subject: Re: [ISC-Bugs #41202] No IANA registration for port 953
Date: Mon, 30 Nov 2015 21:05:21 +0000
To: "Mark Andrews via RT" <bind9-bugs@isc.org>
From: "Evan Hunt" <each@isc.org>
> This is deliberate. There is no need for a port to be registered
> for this as it is entirely private use. rndc.conf provides an
> adequate way to remember the port between invocations.

However, our use of 953 as a default could be problematic if some other service came along which wanted to reserve that port. It wouldn't hurt to ask IANA to recognize the existing usage.

Subject: Re: [ISC-Bugs #41202] No IANA registration for port 953
Date: Mon, 30 Nov 2015 16:17:02 -0500
To: "Evan Hunt via RT" <bind9-bugs@isc.org>
From: "Robert Edmonds" <edmonds@debian.org>
Evan Hunt via RT wrote:
> > This is deliberate. There is no need for a port to be registered
> > for this as it is entirely private use. rndc.conf provides an
> > adequate way to remember the port between invocations.
>
> However, our use of 953 as a default could be problematic if some other
> service came along which wanted to reserve that port. It wouldn't hurt
> to ask IANA to recognize the existing usage.

Yes, in fact Unbound used to default to port 953 for *its* control port, following the BIND example, apparently on the assumption that no one would want to run BIND and Unbound (with default configs) on the same machine :-)

When I prodded NLnetLabs about that issue, they went to IANA and were assigned port 8953 ("ub-dns-control"). It doesn't seem like there's much need for a daemon's control port to be in the "System Port" range.

I also wonder if it makes sense to support AF_LOCAL sockets for the control socket, if you had no need to manage remote servers. (I believe the current rndc default is for named to bind to the loopback interface, so I suspect a lot of users only use rndc locally.) You could even avoid cryptographic authentication entirely and rely only on Unix filesystem permissions for access control.

--
Robert Edmonds
edmonds@debian.org
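
The AF_LOCAL idea raised in the last message, sketched as an added example that is not part of the thread and is not BIND or rndc code: a control socket reachable only through an owner-only directory and a 0600 socket node. It goes one step beyond the message by also checking the peer's uid with SO_PEERCRED, which is Linux-specific; the socket name `control.sock` and all function names are hypothetical.

```python
import os
import socket
import stat
import struct
import tempfile

def open_control_socket(directory):
    """Bind an AF_UNIX (AF_LOCAL) stream listener only the owner can reach."""
    os.chmod(directory, 0o700)               # parent dir: owner-only traversal
    path = os.path.join(directory, "control.sock")   # hypothetical name
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old_umask = os.umask(0o177)              # socket node is created as 0600
    try:
        srv.bind(path)
    finally:
        os.umask(old_umask)
    srv.listen(1)
    return srv, path

def peer_uid(conn):
    """Return the connecting process's uid via SO_PEERCRED (Linux only)."""
    size = struct.calcsize("iII")            # struct ucred: pid, uid, gid
    creds = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, size)
    _pid, uid, _gid = struct.unpack("iII", creds)
    return uid

def handle_one(srv, allowed_uid):
    """Accept one client; answer its command only if the peer uid matches."""
    conn, _ = srv.accept()
    with conn:
        if peer_uid(conn) != allowed_uid:
            conn.sendall(b"denied\n")
            return False
        command = conn.recv(64).strip()
        conn.sendall(b"ok " + command + b"\n")
        return True

def demo():
    """Constructed round trip: a same-user client sends 'status'."""
    with tempfile.TemporaryDirectory() as d:
        srv, path = open_control_socket(d)
        mode = stat.S_IMODE(os.stat(path).st_mode)
        cli = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        cli.connect(path)                    # queued in the listen backlog
        cli.sendall(b"status\n")
        accepted = handle_one(srv, os.getuid())
        reply = cli.recv(64)
        cli.close()
        srv.close()
        return mode, accepted, reply

if __name__ == "__main__":
    print(demo())
```

Some systems ignore the permission bits on the socket node itself, which is why the example also restricts the containing directory.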