Re: [Fed-Talk] OS X chatting with DNS server via port 5353
- Subject: Re: [Fed-Talk] OS X chatting with DNS server via port 5353
- From: Michael <email@hidden>
- Date: Thu, 15 Mar 2007 09:18:48 -0400

On Mar 15, 2007, at 8:58 AM, Neal Emerald wrote:

> Port 5353 is for multicast DNS - which is part of Bonjour.
> For a list of ports used by Apple applications:
> http://docs.info.apple.com/article.html?artnum=106439

Yes, I know port 5353 is Bonjour, but why does OS X need to chat with
the defined DNS servers as part of Bonjour? It's not looking up
hostnames when it's doing this. I have not been able to find a way to
cleanly disable this. On a home system why would I want my house
systems to be chatting with the ISP's DNS servers?

In many fed. environments we don't like systems that chat a lot and
advertise their presence to everyone, especially outside our local
subnet, i.e. the local subnet means we have a netmask of
255.255.254.0 covering one or two buildings and our DNS servers are
outside that range.

** If our networking people were to directly block this traffic like
they do 135-139 then OS X would throw continual errors.

Michael

On Mar 15, 2007, at 8:54 AM, Michael wrote:

> Why does OS X continually chat with your DNS server via port 5353?
> I have verified that this is not DNS lookups, i.e. I lose no
> functionality when I block this traffic; however, depending on how
> this traffic is blocked, my logs fill up with different types of
> messages.
>
> I gather OS X is trying to advertise to the DNS server what
> services it offers. This is something that should be possible to
> turn off without creating megabytes of logs.
>
> Michael