From owner-freebsd-questions Mon Apr 1 16:50:33 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from saratoga.linuxpowered.net (saratoga.linuxpowered.net [63.121.110.48])
    by hub.freebsd.org (Postfix) with ESMTP id 06E4E37B405
    for ; Mon, 1 Apr 2002 16:50:26 -0800 (PST)
Received: (from mail@localhost)
    by saratoga.linuxpowered.net (8.12.1/8.12.1/Debian -2) id g320oKGo004498
    for freebsd-questions@freebsd.org; Mon, 1 Apr 2002 16:50:20 -0800
Received: from saratoga.linuxpowered.net (www-data@localhost [127.0.0.1])
    by saratoga.linuxpowered.net (8.12.1/8.12.1/Debian -2) with SMTP id g320oHkP004487
    for ; Mon, 1 Apr 2002 16:50:17 -0800
Received: from gate-wa.graphon.com ([63.121.110.34])
    (SquirrelMail authenticated user aphro)
    by webmail.linuxpowered.net with HTTP; Mon, 1 Apr 2002 16:50:17 -0800 (PST)
Message-ID: <62321.63.121.110.34.1017708617.squirrel@webmail.linuxpowered.net>
Date: Mon, 1 Apr 2002 16:50:17 -0800 (PST)
Subject: Re: port 1024 and system BIND
From: "nate"
To:
In-Reply-To: <006501c1d9f0$c3e3f700$b300a8c0@wenk>
References: <006501c1d9f0$c3e3f700$b300a8c0@wenk>
X-Priority: 3
Importance: Normal
X-MSMail-Priority: Normal
X-Mailer: SquirrelMail (version 1.2.4)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: by AMaViS perl-11
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

> :
> : Bind is using udp port 1024 to ask other name servers questions. You can
> : change this behavior with query-source in named.conf.
> :
>
> I'm hoping this can help out with some trouble I've been having with DNS.
> Three questions:
>
> 1. Is 1024 the port used for zone transfers?
> 2. Are there any other ports that BIND uses (outside of 53)?
> 3. If so, what activities happen on what ports?

By default I believe BIND uses a random port above 1024 for everything. If you have a restrictive firewall you can change this behavior in named.conf:

query-source address * port 53;

may be the directive. I think it's to reduce BIND's dependence on running as uid root. If you force it to use port 53 for everything you may not be able to run it as non-root (I haven't tried forcing it to 53).

nate
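
An added example, not part of nate's message and not BIND's own code: a small Python check that finds `query-source` statements in named.conf text and reports whether they pin outgoing queries to one source port. A fixed port simplifies firewall rules but removes the source-port variation that helps a resolver reject spoofed replies. The sample configuration is constructed and the function names are hypothetical.

```python
import re

# Constructed sample named.conf text (not taken from the thread).
SAMPLE_CONF = """
options {
    directory "/etc/namedb";
    // query-source address * port 1024;   (commented out, must be ignored)
    query-source address * port 53;
    query-source-v6 address * port *;
};
"""

# named.conf accepts C, C++ and shell style comments.
# Simplification: comment markers inside quoted strings are not handled.
COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)
# A query-source statement runs from the keyword to the next semicolon.
STMT_RE = re.compile(r"\b(query-source(?:-v6)?)\b([^;{}]*);")


def strip_comments(text):
    """Remove comments so disabled directives are not reported."""
    return COMMENT_RE.sub("", text)


def audit_query_source(conf_text):
    """Return one finding per query-source statement.

    'fixed' is True when a literal port is given. With no port clause,
    or with 'port *', named chooses the source port itself.
    """
    findings = []
    for name, args in STMT_RE.findall(strip_comments(conf_text)):
        tokens = args.split()
        port = "*"
        if "port" in tokens:
            idx = tokens.index("port")
            if idx + 1 < len(tokens):
                port = tokens[idx + 1]
        findings.append({"statement": name, "port": port, "fixed": port != "*"})
    return findings


if __name__ == "__main__":
    for f in audit_query_source(SAMPLE_CONF):
        state = "FIXED source port" if f["fixed"] else "port chosen by named"
        print(f"{f['statement']}: port {f['port']} -> {state}")
```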