newbie ?? about getting DNS running

Barry Margolin barmar at genuity.net
Wed Apr 26 23:32:01 UTC 2000


In article <8e7skt$9nh$1 at dfw-ixnews3.ix.netcom.com>,
CLint Davis <clint.davis at hds.com> wrote:
>I have a subnetted class C from my ISP.  I will do my own DNS. I went
>to Network Solutions and got a domain name.  To do my own DNS, ISP support
>says they have to do nothing. Right?
>
>I am using FreeBSD 3.3, and used books description on setting up a basic
>DNS, 2 NS and a couple of CNAME machines.
>
>I fire up "named" and I can use nslookup to display my records.  Problem
>occurs when I use nslookup to resolve, say yahoo.com.  Nslookup hangs.  My
>sniffer on the outbound network to the Internet shows 2000 packets/sec going
>to one of the root nameservers.  I peg my T1 line with DNS traffic.
>
>I'm a newbie with DNS (at least doing my own) and don't know if this is
>correct or an indication of setup problems.  Does DNS suck a ton of data
>from root servers at startup?

No.  I'm not sure why you're sending so much.  It shouldn't be sending
queries any faster than it's receiving queries from the local clients.

But is your sniffer showing anything coming back?  If not, I suspect the
problem is that you have a packet filter blocking the reply traffic.  Make
sure your router allows inbound traffic to high-numbered UDP ports (BIND 8
uses a dynamic source port).  If you need to block this, then you'll need
to use the "query-source" option in named.conf to specify a static source
port for outbound queries (see p.381 of the DNS & BIND book).

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
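
Added example, not part of the original message: the check suggested in the reply (are the outbound queries getting any responses back?) run over a constructed capture, pairing queries and replies by source port and DNS transaction ID. The addresses, the port 1047, the tuple layout, the function names and the `min_queries` threshold are assumptions made for illustration.

```python
import struct
from collections import defaultdict

def dns_id_and_qr(payload):
    """Return (transaction id, is_response) from a DNS message header."""
    if len(payload) < 12:                      # a DNS header is 12 bytes
        raise ValueError("truncated DNS header")
    txid, flags = struct.unpack("!HH", payload[:4])
    return txid, bool(flags & 0x8000)          # QR bit: 0 query, 1 response

def diagnose(packets, local_ip, min_queries=3):
    """packets: (src_ip, src_port, dst_ip, dst_port, udp_payload) tuples."""
    pending = defaultdict(set)   # server -> {(local_port, txid)} still unanswered
    sent = defaultdict(int)
    answered = defaultdict(int)
    ports = set()                # local source ports used for outbound queries
    for src, sport, dst, dport, payload in packets:
        txid, is_resp = dns_id_and_qr(payload)
        if src == local_ip and dport == 53 and not is_resp:
            sent[dst] += 1                     # retransmissions are counted too
            ports.add(sport)
            pending[dst].add((sport, txid))
        elif dst == local_ip and sport == 53 and is_resp:
            if (dport, txid) in pending[src]:  # reply matches an open query
                pending[src].discard((dport, txid))
                answered[src] += 1
    report = {}
    for server, n in sent.items():
        report[server] = {
            "sent": n,
            "answered": answered[server],
            # min_queries is an arbitrary threshold chosen for this example
            "replies_blocked_suspected": n >= min_queries and answered[server] == 0,
        }
    return report, sorted(ports)

def make_msg(txid, response=False):
    # Constructed message: header only, QR bit set for a response
    return struct.pack("!HHHHHH", txid, 0x8000 if response else 0, 1, 0, 0, 0)

# Constructed capture: one server that never answers, one answered exchange.
LOCAL = "192.0.2.10"
SAMPLE = [(LOCAL, 1047, "198.51.100.53", 53, make_msg(i)) for i in range(1, 6)] + [
    (LOCAL, 1047, "203.0.113.53", 53, make_msg(9)),
    ("203.0.113.53", 53, LOCAL, 1047, make_msg(9, response=True)),
]

if __name__ == "__main__":
    print(diagnose(SAMPLE, LOCAL))
```

The returned port list shows which local UDP port the inbound filter rule has to admit replies to.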


