query problem ?? - B root Server
Ronan Flood
ronan at noc.ulcc.ac.uk
Tue Feb 22 17:56:31 UTC 2005
"rene mathis" <rene at solosaina.ch> wrote:
> I also tried out to force the source port for queries to be 53.
> The reason is that if there were responses from b.root-servers.net they came
> to a high port (the same as the source port) and from another ip adress
> (192.228.79.200/2/3) than the query was sent to (192.228.79.201). And so the
> answer from the root server was dropped by our firewall. Since I have changed
> the source port to be 53, the response comes back to port 53 as well and it
> gets through our firewall.
Interesting, I see blocked UDP from 192.228.79.200/2/3 port 53
in my firewall logs.
> Maybe there are better solutions for this problem?
Should b.root-servers.net be doing this? Even getting past the
firewall, I'd expect the receiving resolver to drop the response
as coming from an unexpected source.
--
Ronan Flood <R.Flood at noc.ulcc.ac.uk>
working for but not speaking for
Network Services, University of London Computer Centre
(which means: don't bother ULCC if I've said something you don't like)
More information about the bind-users
mailing list