Problem with 2 named's running on one Linux box.

Steve Cooper scooper at allegro.com
Wed Dec 15 22:10:33 UTC 1999


Here is our situation:

We have one Red Hat 6.1 Linux box running both an internal name server
(on port 53) and an external name server (on port 5353), running a
current version of Bind 8.X.  The Internic shows our two name servers as
NS's belonging to our ISP.  These two boxes are set up as slaves,
pointing to our Linux box, port 5353, as the master.  Our Cisco router
is blocking incoming port 53 requests to the Linux box, but allowing
incoming port 5353 requests from our ISP's systems.

Our ISP claims that this will not work.  They say that zone transfers
will occur over port 5353, but SOA requests will still come in (or try
to) over port 53 and this is not configurable.  So, the slave servers
are currently unable to see if the serial number has changed, so they
never initiate a zone transfer.

Is this correct?  Do we have to open port 53 in the Cisco to allow this
to work?  If so, how do we allow SOA questions, but not general NS
questions on port 53?

Thanks for your help.
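An added configuration example (not from the original post) of the setup described above: the external named on the Linux box listens only on port 5353 and answers only the ISP's slaves, and each slave is told to reach the master on port 5353. Addresses and zone name are assumed placeholders (RFC 5737 documentation ranges); the `masters port` form is BIND 8 syntax.

```conf
// ---- external named on the Linux box (named.conf.ext) ----
options {
    directory "/var/named";
    // Only this instance's public address, only port 5353; the
    // internal named keeps port 53 on the internal interface.
    listen-on port 5353 { 192.0.2.10; };
    // Slaves refresh by sending an SOA query to the same address/port
    // they transfer from, so restrict both to the ISP's slave hosts.
    allow-query    { 198.51.100.1; 198.51.100.2; };
    allow-transfer { 198.51.100.1; 198.51.100.2; };
    // Disable recursion on a public authoritative-only instance.
    recursion no;
};

zone "example.com" {
    type master;
    file "db.example.com";
    // NOTIFY goes to the slaves' normal port 53, so they learn of
    // serial changes promptly instead of waiting for the refresh timer.
    also-notify { 198.51.100.1; 198.51.100.2; };
};

// ---- zone stanza on each ISP slave ----
zone "example.com" {
    type slave;
    file "bak.example.com";
    // Refresh (SOA) queries and AXFR both go to port 5353 here.
    masters port 5353 { 192.0.2.10; };
};

// ---- checks, run on an ISP slave after reloading ----
// Expected to succeed (SOA refresh path and transfer path):
//   dig @192.0.2.10 -p 5353 example.com SOA
//   dig @192.0.2.10 -p 5353 example.com AXFR
// Expected to be refused from any host not in allow-query/allow-transfer,
// and to time out on port 53 because the router drops it:
//   dig @192.0.2.10 example.com SOA
```

If the slave still logs a refresh failure, compare the named log line on the master against the `allow-query` list before touching the router: a refused SOA query shows up there, a blocked port does not.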

