Root server DNS traffic across Linux/ipchains firewall?

Steve Snyder swsnyder at home.com
Thu Oct 21 18:48:08 UTC 1999


Joseph S D Yao wrote:
> 
> > I'm setting up a firewall on my Linux box.  This machine is running
> > Linux kernel v2.2.13 and BIND v8.2.1.  For some reason I'm getting
> > output from my box to root nameservers on a high port number.  Can
> > anyone explain this?
> 
> If you don't want this, use option:
>        query-source address * port 53;

I do use this option - as shown in my original post.

What I'm seeing is that while the input/output traffic to/from
my ISP's nameservers is respecting the exclusive use of port 53,
traffic with root nameservers does not.  BIND is still attempting
to communicate via a high port number.

