From: Jan Grant
To: Benjamin Krueger
Cc: "Kevin Kinsey, DaleCo, S.P.", freebsd-questions
Date: Wed, 24 Apr 2002 14:24:10 +0100 (BST)
Subject: Re: DNS port Number, Protocol

On Tue, 23 Apr 2002, Benjamin Krueger wrote:

> * Kevin Kinsey, DaleCo, S.P. (kdk@daleco.biz) [020423 21:36]:
> > > From: "Benjamin Krueger"
> > > * Kevin Kinsey, DaleCo, S.P. (kdk@daleco.biz) [020422 16:07]:
> > > > I've been having some DNS troubles
> > > > with AT&T wireless (!) and my server.
> > > >
> > > > Everyone says my DNS is fine (except
> > > > AT&T). Some lightning bolt just hit me and
> > > > I decided to check if udp/53 was open
> > > > from outside....it isn't.
> > > >
> > > > What's the chance that whatever they're
> > > > using wants udp/53 instead of tcp/53?
> > > >
> > > > Kevin Kinsey
> > >
> > > Well, considering DNS uses udp 53, and only falls back on tcp 53 for overly
> > > large transfers I'd say the chances are pretty good. =)
> > >
> > > Can you describe the actual problem you're having?
> > >
> > > --
> > > Benjamin Krueger
> >
> > New thought is that blocked ICMP echo request
> > does not allow their server to utilize UDP port
> > #53 for DNS.....sound likely?
> >
> > Kevin Kinsey
>
> While blocking ICMP is not always the most clever of ideas, it shouldn't
> prevent UDP from working. Your best bet here is to pull out your trusty packet
> sniffer and watch to see if the dns server is receiving any of the packets.

I don't know if this has already been covered, but if you've opened up
port 53 (UDP _and_ TCP) and you want your named to be able to resolve, as
well as answer queries, then you need to ensure it's sending its own
queries on port 53. By default, I think it still uses transient port
numbers (which, on recent stable, have moved up into the high port range).

--
jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287088 Fax +44 (0)117 9287112 RFC822 jan.grant@bris.ac.uk
Semantic rules, OK?
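
The source-port point in the last reply, as an added example that is not part of the original thread: a small model of a stateless inbound filter that admits only packets addressed to port 53, showing which DNS traffic gets through. The filter rule, the documentation-range addresses and port 49152 (standing in for a transient port) are assumptions made for the illustration.

```python
# Added illustration (not from the thread): model of a stateless inbound
# filter that admits only UDP/TCP packets addressed to the server's port 53.
from collections import namedtuple

Packet = namedtuple("Packet", "proto src sport dst dport")

# Constructed sample addresses from the RFC 5737 documentation ranges.
SERVER = "192.0.2.53"       # host running named behind the filter
REMOTE_NS = "198.51.100.7"  # some remote name server
CLIENT = "203.0.113.20"     # outside client querying our server


def inbound_allowed(pkt):
    """Assumed stateless rule: pass only packets to SERVER, destination port 53."""
    return pkt.proto in ("udp", "tcp") and pkt.dst == SERVER and pkt.dport == 53


def reply_to(query):
    """A DNS reply swaps the endpoints (address and port) of the query."""
    return Packet(query.proto, query.dst, query.dport, query.src, query.sport)


def resolver_gets_answer(source_port, proto="udp"):
    """named sends a query from source_port; does the reply pass the filter?"""
    query = Packet(proto, SERVER, source_port, REMOTE_NS, 53)
    return inbound_allowed(reply_to(query))


def diagnose():
    """Evaluate the three cases discussed in the thread against the filter."""
    return {
        # Outside client asking our server a question: arrives on port 53.
        "inbound client query (udp)": inbound_allowed(
            Packet("udp", CLIENT, 40000, SERVER, 53)),
        # Large answers retried over TCP also arrive on port 53.
        "inbound client query (tcp)": inbound_allowed(
            Packet("tcp", CLIENT, 40001, SERVER, 53)),
        # Our own lookups: the reply comes back to whatever port we sent from.
        "reply to query sent from port 49152": resolver_gets_answer(49152),
        "reply to query sent from port 53": resolver_gets_answer(53),
    }


if __name__ == "__main__":
    for case, ok in diagnose().items():
        print(f"{case:38s} {'pass' if ok else 'DROPPED'}")
```

A stateful rule that tracks the outbound query admits the matching reply without pinning named's source port.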