Firewall issue (was Re: Non-existent host/domain)
hiro yamada
tokyolindy at hotmail.com
Tue Mar 13 12:57:22 UTC 2001
Hi there,
Hi Mark,
] From: Mark.Andrews at nominum.com
] I wrote:
] >
] > I have a problem to install bind8.2.3-REL on Solaris2.5.1/Intel86
] > as an upgrade from bind4.9.6-REL. Its compilation was successful.
] > "/var/adm/messages" says as follows.
] >
] >
-----------------------------------------------------------------------------
] > ----
] > named[6991]: starting (/etc/named.conf). named 8.2.3-REL Mon Mar 12
] > 11:46:05 JST 2001
] > root at ns.xxxxxx.ne.jp:/usr/local/src/bind8.2.3/src/bin/named
] > named[6991]: hint zone "" (IN) loaded (serial 0)
] > named[6991]: Zone "0.0.127.in-addr.arpa" (file 0.0.127.in-addr.arpa): No
] > default TTL ($TTL <value>) set, using SOA minimum instead
]
] Use a $TTL directive to fix this. See RFC 2308 and/or
] http://www.nominum.com/resources/faqs/bind-faq.html
] > >www.cdnow.com
] > Server: localhost
] > Address: 127.0.0.1
] >
] > ;; res_mkquery(0, www.cdnow.com, 1, 1)
] > timeout (5 secs)
] > timeout (10 secs)
] > timeout (20 secs)
] > timeout (40 secs)
]
] BIND 8, behaves like any other dns client and uses a system assigned
] port to make queries. Please ensure that your firewall allow these
] through and the answers back. You can also fix the port used for
] UDP queries via query-source.
All right, I inserted A $TTL line into db files and got a syslog without
any error in it. But I still was NOT able to resolve remote names.
Local names were fine. Then, I removed a firewall and tried the
query again. The result was GOOD! Named resolved remote names at
last.
So, I'd like to know which ports should I open for bind8.2.3-REL ?
When it was bind4.9.6-REL, I opend port 53 on tcp and udp which worked
well. Do I need open other ports too this time?
Thank you for your suggestions,
TL
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
More information about the bind-users
mailing list