UDP packets and firewalls

Wayne Vigeant wvigeant at ma.ultranet.com
Tue May 30 23:49:32 UTC 2000


I'm currently working with a customer who has a single Internet
access point. The customer's firewall allows DNS queries from the
Internet to pass through to an internal nameserver.
The customer wants to add a second Internet access point and allow
DNS queries to pass through both of the Internet access points.

The customer's firewall is a packet filter and allows UDP packets
to port 53 to pass in either direction (inbound or outbound). Is
it safe to say that since only UDP packets are being allowed that
a query which comes in to the internal network through a firewall 
in Singapore can be replied to by a response which passes outward 
through a firewall in Tokyo?

Does the nameserver making the query care if the reply follows the
same path as the query? It would appear not to matter but I just want
to be sure BIND doesn't care.

Thanks.
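
The two-firewall scenario in the question above, modelled as an added example that is not part of the original post. It assumes the packet-filter rule matches UDP with port 53 as either source or destination, uses constructed documentation addresses, and adds a hypothetical connection-tracking filter for contrast; the resolver check reflects the usual matching on addresses, ports and DNS message ID, which does not include the network path.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    qid: int          # DNS message ID carried in the payload
    proto: str = "udp"

def stateless_allows(pkt):
    # Assumed rule: UDP with port 53 on either end, any direction.
    # Each packet is judged alone; no memory of earlier packets.
    return pkt.proto == "udp" and 53 in (pkt.sport, pkt.dport)

class StatefulFilter:
    """Hypothetical connection-tracking filter: a reply may leave only
    through the device that saw the matching inbound query."""
    def __init__(self):
        self.flows = set()

    def inbound(self, pkt):
        if pkt.proto == "udp" and pkt.dport == 53:
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        return False

    def outbound(self, pkt):
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

def resolver_accepts(query, reply):
    # The querying side matches on mirrored addresses/ports and the ID,
    # not on which firewall or route the reply took.
    return (reply.src, reply.sport, reply.dst, reply.dport, reply.qid) == \
           (query.dst, query.dport, query.src, query.sport, query.qid)

def asymmetric_path():
    # Constructed sample traffic: query enters via Singapore, reply leaves via Tokyo.
    query = Packet("198.51.100.7", 40000, "192.0.2.53", 53, qid=0x1A2B)
    reply = Packet("192.0.2.53", 53, "198.51.100.7", 40000, qid=0x1A2B)
    natted = Packet("203.0.113.9", 53, "198.51.100.7", 40000, qid=0x1A2B)
    singapore, tokyo = StatefulFilter(), StatefulFilter()
    return {
        "stateless_in_singapore": stateless_allows(query),
        "stateless_out_tokyo": stateless_allows(reply),
        "stateful_in_singapore": singapore.inbound(query),
        "stateful_out_tokyo": tokyo.outbound(reply),
        "resolver_accepts_reply": resolver_accepts(query, reply),
        "resolver_accepts_natted_reply": resolver_accepts(query, natted),
    }
```

The last entry covers the case where the second access point rewrites the nameserver's source address: the reply then no longer mirrors the query and is discarded by the querying side.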



