Probelms with the Nameserver behind a firewall
Greg Chavez
greg at capu.net
Thu Mar 15 13:19:24 UTC 2001
I would probably address these concerns to a Linux list then. From the
perspective of BIND, all that it requires from the firewall is a hole for
UDP and TCP 53, bidrectionally. If the DNS server is otherwise
operational (that is, it works upstream from the firewall), then you need
to explore what is happening at the firewall - that is a matter suitable
for a more Linux-oriented forum. Besides, I know virtually nothing about
Linux ip chains :(
Good luck, though.
--Greg
On Wed, 14 Mar 2001, Rogelio E. Castillo Haro wrote:
>
> mmm, sorry,
> how I know if I'm use a hide nat...I'm use ipchains in a Linuxbox...
> slackware with kernel 2.2.13
>
> Thanks.
>
> Greg Chavez wrote:
>
> > Suggestions:
> >
> > o Allow TCP 53
> > o Make sure you're not running hide NAT on the box, that would just be
> > darn silly
> > o If you're running static NAT, make sure it's working properly
> > o sniff your internal and external interfaces, and look for TCP or UDP
> > port 53 packets - that is, see where and if the drops are occurring and
> > go from there
> >
> > --Greg Chavez
> >
> > On Wed, 14 Mar 2001, Mukund Ravipaty wrote:
> >
> > >
> > >
> > > Hi ,
> > >
> > > I have just put my Primary Nameserver behind a firewall. I have
> > > allowed UDP out on port 53 Incoming/Outgoing on the firewall for the
> > > box . Does anyone know of any problems, or has ever encountered any
> > > problems.
> > >
> > > Regards
> > >
> > > Mukund
> > >
> > >
>
> --
> Rogelio E. Castillo Haro
> rcastillo at glo.org.mx
>
> Vive libre o muere!!!
> Linux 2001 :)
>
>
>
>
More information about the bind-users
mailing list