Why are root servers hitting my firewall?

Kevin Darcy kcd at daimlerchrysler.com
Thu Feb 1 23:18:28 UTC 2001


Those are almost certainly responses to queries that your internal
nameservers sent. Looks like your firewall rules are asymmetric. If you
want to block all DNS to the outside world, make sure you block
destination port 53 outbound.


- Kevin

jelliot at my-deja.com wrote:

> My firewall logs indicate that some of the root name servers are
> hitting its external interface and being denied. They're hitting high
> numbered ports.  There are no DNS servers on my network that would be
> of use to anyone on the internet, they are all authoritative only for
> zones within my private organization.
>
> While there's probably no harm, I'd be interested to know what's going
> on.
>
> Thanks.
>
> Sent via Deja.com
> http://www.deja.com/
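
Added example, not part of the original thread: a Python sketch that tests the diagnosis above by pairing each denied inbound packet from source port 53 with an earlier outbound query the firewall allowed. The log format, the `classify_denied_dns` helper and all sample lines are constructed for illustration; 198.41.0.4 and 192.33.4.12 are the a and c root servers, and the other addresses are documentation ranges.

```python
import re

# Constructed firewall log lines (the format itself is an assumption).
SAMPLE_LOG = """\
2001-02-01T23:10:01 ALLOW OUT UDP 192.0.2.10:32768 -> 198.41.0.4:53
2001-02-01T23:10:01 DENY IN UDP 198.41.0.4:53 -> 192.0.2.10:32768
2001-02-01T23:10:05 ALLOW OUT UDP 192.0.2.10:32769 -> 192.33.4.12:53
2001-02-01T23:10:05 DENY IN UDP 192.33.4.12:53 -> 192.0.2.10:32769
2001-02-01T23:11:40 DENY IN UDP 203.0.113.9:53 -> 192.0.2.10:40000
2001-02-01T23:12:00 DENY IN TCP 203.0.113.77:4242 -> 192.0.2.10:23
"""

LINE_RE = re.compile(
    r"(?P<ts>\S+) (?P<action>ALLOW|DENY) (?P<dir>IN|OUT) (?P<proto>UDP|TCP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def classify_denied_dns(log_text):
    """Label every denied inbound packet whose source port is 53."""
    # Queries the firewall let out: (proto, local ip, local port, remote ip).
    pending = set()
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in the assumed format
        src, dst = m["src"], m["dst"]
        sport, dport = int(m["sport"]), int(m["dport"])
        if m["action"] == "ALLOW" and m["dir"] == "OUT" and dport == 53:
            pending.add((m["proto"], src, sport, dst))
        elif m["action"] == "DENY" and m["dir"] == "IN" and sport == 53:
            # Reverse the tuple: a reply comes back to the port the query left from.
            key = (m["proto"], dst, dport, src)
            label = "reply-to-own-query" if key in pending else "unsolicited"
            findings.append((m["ts"], src, dport, label))
    return findings


if __name__ == "__main__":
    for ts, src, dport, label in classify_denied_dns(SAMPLE_LOG):
        print(f"{ts} {src}:53 -> port {dport}: {label}")
```

Denials labelled `reply-to-own-query` point to asymmetric rules: the query was allowed out but its answer was dropped on the way back.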




