Ports used during Zone transfers (9.0.1)

Robert Gahl bgahl at bawcsa.org
Thu Dec 21 22:42:57 UTC 2000


I have gotten 9.0.1 master and slave talking to one another as long as I 
don't have my standard access-list stuff in my router up. The minute I 
reinstate my filters, the two systems stop talking to one another. Here are 
the standard rules I have been using (legacy for 8.x bind):

! DNS queries
access-list 111 permit udp any any eq domain
access-list 111 permit tcp 64.210.184.0 0.0.0.255 208.45.103.18 0.0.0.0 eq domain

where the 64.210.184.0 network is where the master server lives. The slave 
lives in the 63.146.119.0 network. So, I added the following rule to allow 
the zone data to flow:

access-list 111 permit tcp 64.210.184.0 0.0.0.255 63.146.119.0 0.0.0.255 eq domain

but no go. And, since 9.0.1 doesn't really use named-xfer (at least, 
according to the docs it doesn't), I'm not entirely sure what is going on 
when a zone is transferred from the master to the slave.

Does anyone have any information on what ports are used? I've tried 
snooping, but living behind a switch is making that problematic :(

Thanks.

===
Bob Gahl Bicycle (Ryan Vanguard) Mobile ||     @
     ARPA/Internet: bgahl at bawcsa.org     ||  !_ \
    URL: http://www.bawcsa.org/bgahl/    ||  (*)-~--+--(*)
"Sahn joong moe low ful how jee yah ching wong" - "When the
mountain has no tigers, the monkey will also declare himself
king." Chinese Proverb
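
An added example, not part of the original post: a minimal first-match evaluator for the three list-111 rules quoted above, run over the packets of a slave-initiated zone transfer (the slave connects from an ephemeral port to TCP port 53 on the master). The host addresses, the ephemeral port, and the assumption that every listed packet is checked against list 111 are constructed for illustration.

```python
import ipaddress

# Rules of access-list 111 as quoted in the post:
# (protocol, src, src wildcard, dst, dst wildcard, destination port)
ACL_111 = [
    ("udp", "0.0.0.0", "255.255.255.255", "0.0.0.0", "255.255.255.255", 53),
    ("tcp", "64.210.184.0", "0.0.0.255", "208.45.103.18", "0.0.0.0", 53),
    ("tcp", "64.210.184.0", "0.0.0.255", "63.146.119.0", "0.0.0.255", 53),
]

# Constructed values: the post gives only the two networks.
MASTER, SLAVE, EPHEMERAL = "64.210.184.10", "63.146.119.10", 40000

def wild_match(addr, base, wildcard):
    """Cisco wildcard compare: bits set in the wildcard are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def first_match(proto, src, sport, dst, dport):
    """1-based index of the first permit rule hit, or None (implicit deny).
    sport is carried for readability; none of these rules test it."""
    for i, (p, sb, sw, db, dw, port) in enumerate(ACL_111, 1):
        if (p == proto and dport == port
                and wild_match(src, sb, sw) and wild_match(dst, db, dw)):
            return i
    return None

# Packets of a slave-initiated transfer, plus the one TCP flow rule 3 permits.
PACKETS = [
    ("slave SOA query to master", "udp", SLAVE, EPHEMERAL, MASTER, 53),
    ("slave opens TCP to master:53", "tcp", SLAVE, EPHEMERAL, MASTER, 53),
    ("master answers on that connection", "tcp", MASTER, 53, SLAVE, EPHEMERAL),
    ("master opens TCP to slave:53", "tcp", MASTER, EPHEMERAL, SLAVE, 53),
]

def evaluate():
    """Map each packet label to the rule that permits it (None = denied)."""
    return {label: first_match(*pkt) for label, *pkt in PACKETS}

if __name__ == "__main__":
    for label, rule in evaluate().items():
        print(f"{label:36} -> {'rule %d' % rule if rule else 'implicit deny'}")
```

Both TCP packets of the slave-initiated transfer fall through to the implicit deny; the third rule only covers connections opened from the master's network to port 53 in the slave's network.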