Name Server Question
Barry Margolin
barmar at alum.mit.edu
Mon Jan 1 06:15:21 UTC 2007
In article <en9s7l$24kp$1 at sf1.isc.org>, seekuel <seekuel at gmail.com>
wrote:

> On 12/30/06, Barry Margolin <barmar at alum.mit.edu> wrote:
> > My guess is that your firewall is only allowing DNS out to your ISP's
> > server. When you use your own server, it tries to send DNS to the root
> > servers, and this is being blocked by the firewall.
>
> Is there any way to determine this issue? UDP port 53 is open but TCP is
> closed.

You should open both, although most of the time it should only need UDP.
You're talking about OUTBOUND, right? The source port of these outbound
queries is a high-numbered port. Your firewall should allow "from
1024-65535 to 53" outbound. Can you check the firewall's log to see if
it's blocking anything to or from the nameserver?

P.S. Please don't top-post, it gets the conversation out of order.

--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
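
The firewall-log check suggested in the message above, as an added example that is not part of the original post: it scans drop entries for DNS traffic to or from the nameserver and reports direction, protocol and the nameserver-side port. It assumes netfilter/iptables LOG-target lines (the thread does not name the firewall); the `FW-DROP:` prefix, the nameserver address 192.0.2.53 and the sample lines are constructed.

```python
import re

# Constructed sample drop log in iptables LOG-target format (assumed firewall).
# 192.0.2.53 is a hypothetical internal nameserver; 198.41.0.4 and 192.33.4.12
# are root server addresses used as realistic destinations.
SAMPLE_LOG = """\
Jan  1 06:01:02 gw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.53 DST=198.41.0.4 LEN=71 TTL=63 PROTO=UDP SPT=32801 DPT=53 LEN=51
Jan  1 06:01:04 gw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.53 DST=192.33.4.12 LEN=60 TTL=63 PROTO=TCP SPT=40112 DPT=53 SYN
Jan  1 06:01:05 gw kernel: FW-DROP: IN=eth0 OUT=eth1 SRC=198.41.0.4 DST=192.0.2.53 LEN=512 TTL=52 PROTO=UDP SPT=53 DPT=32801 LEN=492
Jan  1 06:01:09 gw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.77 DST=203.0.113.9 LEN=60 TTL=63 PROTO=TCP SPT=51000 DPT=25 SYN
Jan  1 06:01:11 gw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.53 DST=198.41.0.4 LEN=71 TTL=63 PROTO=UDP SPT=53 DPT=53 LEN=51
"""

FIELD = re.compile(r"\b(SRC|DST|PROTO|SPT|DPT)=(\S+)")
REQUIRED = {"SRC", "DST", "PROTO", "SPT", "DPT"}


def blocked_dns(log_text, nameserver):
    """Return (direction, proto, peer_ip, nameserver_port) for every logged
    drop of DNS traffic to or from `nameserver`."""
    findings = []
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        if not REQUIRED <= f.keys():
            continue  # not a packet log line (or ICMP, which has no ports)
        spt, dpt = int(f["SPT"]), int(f["DPT"])
        if f["SRC"] == nameserver and dpt == 53:
            # Query leaving the nameserver toward a remote server was dropped.
            findings.append(("query-out", f["PROTO"], f["DST"], spt))
        elif f["DST"] == nameserver and spt == 53:
            # Reply coming back from a remote server was dropped.
            findings.append(("reply-in", f["PROTO"], f["SRC"], dpt))
    return findings


def outside_high_range(findings):
    """Dropped outbound queries whose source port is not in 1024-65535, i.e.
    ones a 'from 1024-65535 to 53' rule would not have matched anyway."""
    return [x for x in findings if x[0] == "query-out" and not 1024 <= x[3] <= 65535]


if __name__ == "__main__":
    hits = blocked_dns(SAMPLE_LOG, "192.0.2.53")
    for direction, proto, peer, port in hits:
        print(f"{direction:9} {proto} peer={peer} nameserver_port={port}")
    print("queries from outside 1024-65535:", outside_high_range(hits))
```

Dropped `query-out` entries point at the outbound rule; dropped `reply-in` entries mean the queries left but the return path is not being allowed.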