Why is my server using a well-known port as source port?
Is it normal that my server is requesting 8.8.8.8 DNS with 22/udp as source port? How can I get it to use unregistered ports only?
Solution 1:
Is it normal that my server is requesting dns with 22/udp as source port?
No.
You would expect DNS queries from a client to use either:
- a random ephemeral port (which you can adjust in /proc/sys/net/ipv4/ip_local_port_range but is typically 32769-60999)
- when no port randomization is used: UDP port 53
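
One way to check observed queries against this expectation, as an added example that is not part of the original answer: it classifies the source port of each outbound DNS query in `tcpdump -n` style lines as ephemeral, fixed port 53, or unexpected. The sample lines, the function names and the fallback range are assumptions made for the example.

```python
import re
from pathlib import Path

RANGE_FILE = Path("/proc/sys/net/ipv4/ip_local_port_range")
FALLBACK_RANGE = (32769, 60999)  # typical values quoted in the answer above

# Matches queries sent to UDP port 53 in `tcpdump -n` output (src.port > dst.53).
QUERY_RE = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.53: ")

# Constructed sample lines (not captured traffic); 192.0.2.10 is a documentation address.
SAMPLE_LINES = [
    "12:00:01.000001 IP 192.0.2.10.41522 > 8.8.8.8.53: 4021+ A? example.com. (29)",
    "12:00:02.000001 IP 192.0.2.10.22 > 8.8.8.8.53: 4022+ A? example.com. (29)",
    "12:00:03.000001 IP 192.0.2.10.53 > 8.8.8.8.53: 4023+ A? example.com. (29)",
    "12:00:03.100001 IP 8.8.8.8.53 > 192.0.2.10.41522: 4021 1/0/0 A 203.0.113.5 (45)",
]

def ephemeral_range(path=RANGE_FILE):
    """Return (low, high) from the kernel setting, or the fallback if unreadable."""
    try:
        low, high = path.read_text().split()
        return int(low), int(high)
    except (OSError, ValueError):
        return FALLBACK_RANGE

def classify(port, port_range):
    """Label a DNS query source port according to the two expected cases."""
    low, high = port_range
    if low <= port <= high:
        return "ephemeral"
    if port == 53:
        return "fixed-53"
    return "unexpected"  # e.g. 22/udp: worth tracing to the process or NAT rule

def review(lines, port_range):
    """Return (src_ip, src_port, verdict) for each outbound DNS query line."""
    results = []
    for line in lines:
        match = QUERY_RE.search(line)
        if match:  # responses (source port 53, other destination) do not match
            port = int(match.group(2))
            results.append((match.group(1), port, classify(port, port_range)))
    return results

if __name__ == "__main__":
    for src, port, verdict in review(SAMPLE_LINES, ephemeral_range()):
        print(f"{src}:{port} -> {verdict}")
```
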