Author: Nick Chalk Date: To: hampshire Subject: [Hampshire] Are UDP responses allowed from a different source port?
One for the network gurus.
I have a Linux device that's monitoring two SIP
servers. The health check method is to connect to
port 5060/udp on each server, issue an OPTIONS
command, then listen for a successful response.
These health checks always succeed on one server,
and always fail on the other. A packet dump shows
that the successful server responds from 5060/udp;
the failing server allocates a high port - around
50000/udp - for its response. Both servers are
sending success responses.
The packet trace shows a UDP SIP request from the
Linux box, to 5060/udp on the failing SIP server.
There's then a successful SIP response from the
server, to the correct destination port on the
Linux box, from the newly-allocated high port. The
Linux box then responds with an ICMP Destination
Port Unreachable.
So, the question is whether this is correct
behaviour on the part of the Linux box. I've yet
to find a reference to UDP that mentions filtering
on the source port of a datagram. The destination
port obviously has to be correct, but I'm unclear
on whether the source port also has to match.
Has anyone seen this behaviour before? Any
references?
Thanks,
Nick.
--
Nick Chalk ................. once a Radio Designer
Confidence is failing to understand the problem.
