Ports used during Zone transfers (9.0.1)
Robert Gahl
bgahl at bawcsa.org
Thu Dec 21 23:20:44 UTC 2000
At 02:42 PM 12/21/2000 -0800, Robert Gahl wrote:
>I have gotten 9.0.1 master and slave talking to one another as long as I
>don't have my standard access-list stuff in my router up. The minute I
>reinstate my filters, the two systems stop talking to one another. Here are
>the standard rules I have been using (legacy for 8.x bind):
>
>! DNS queries
>access-list 111 permit udp any any eq domain
>access-list 111 permit tcp 64.210.184.0 0.0.0.255 208.45.103.18 0.0.0.0 eq domain
>
>where the 64.210.184.0 network is where the master server lives. The slave
>lives in the 63.146.119.0 network. So, I added the following rule to allow
>the zone data to flow:
>
>access-list 111 permit tcp 64.210.184.0 0.0.0.255 63.146.119.0 0.0.0.255 eq domain
>
>but no go. And, since 9.0.1 doesn't really use named-xfer (at least,
>according to the docs it doesn't), I'm not entirely sure what is going on
>when a zone is transferred from the master to the slave.
>
>Does anyone have any information on what ports are used? I've tried
>snooping, but living behind a switch is making that problematic :(

I hate it when I make stupid errors. I had the IP addresses swapped. That
is, I had to-from rather than from-to.

Never mind :(

And, the answer to my original question is that there was no difference:
port 53 is still used for the initial inquiry.
===
Bob Gahl Bicycle (Ryan Vanguard) Mobile || @
ARPA/Internet: bgahl at bawcsa.org || !_ \
URL: http://www.bawcsa.org/bgahl/ || (*)-~--+--(*)
"Sahn joong moe low ful how jee yah ching wong" - "When the
mountain has no tigers, the monkey will also declare himself
king." Chinese Proverb
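
The swapped-address mistake described in this message can be reproduced offline with a small first-match evaluator for the access-list syntax used in the post. This is an added example, not part of the original message. It assumes the slave opens the TCP connection to port 53 on the master, uses constructed host addresses inside the two networks, and takes the corrected rule to be the posted rule with source and destination exchanged.

```python
import ipaddress

PORTS = {"domain": 53}  # IOS keyword used in the post for port 53

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: bits set to 1 in the mask are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def parse_rule(line):
    """Parse 'access-list N permit|deny PROTO SRC DST [eq PORT]'."""
    tok = line.split()
    action, proto, rest = tok[2], tok[3], tok[4:]
    def take_addr():
        if rest[0] == "any":
            rest.pop(0)
            return ("0.0.0.0", "255.255.255.255")
        return (rest.pop(0), rest.pop(0))
    src, dst = take_addr(), take_addr()
    dport = None
    if rest and rest[0] == "eq":  # 'eq' after DST tests the destination port
        dport = PORTS.get(rest[1]) or int(rest[1])
    return action, proto, src, dst, dport

def evaluate(acl, proto, src, dst, dport):
    """First matching rule wins; the list ends with an implicit deny."""
    for line in acl:
        action, p, s, d, port = parse_rule(line)
        if (p == proto and wildcard_match(src, *s) and wildcard_match(dst, *d)
                and port in (None, dport)):
            return action
    return "deny"

# Constructed host addresses inside the networks named in the post.
MASTER, SLAVE = "64.210.184.10", "63.146.119.10"
UDP_RULE = "access-list 111 permit udp any any eq domain"
AS_POSTED = ("access-list 111 permit tcp 64.210.184.0 0.0.0.255 "
             "63.146.119.0 0.0.0.255 eq domain")
# Assumed corrected form: the posted rule with source and destination exchanged.
SWAPPED = ("access-list 111 permit tcp 63.146.119.0 0.0.0.255 "
           "64.210.184.0 0.0.0.255 eq domain")

def transfer_verdict(tcp_rule):
    """Verdict for the slave's TCP connection to port 53 on the master."""
    return evaluate([UDP_RULE, tcp_rule], "tcp", SLAVE, MASTER, 53)

if __name__ == "__main__":
    print("as posted:", transfer_verdict(AS_POSTED))
    print("swapped:  ", transfer_verdict(SWAPPED))
```

The evaluator checks only the connection-opening direction; reply packets from the master are not modelled.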