forwarders and resolv.conf

Kevin Darcy kcd at daimlerchrysler.com
Tue May 16 03:00:55 UTC 2000


Rick Francis wrote:

> can a firewall running resolv.conf to resolve externally only be the target
> of a forwarders directive from a primary internal nameserver?

The firewall is useless as a forwarder unless it is listening on port 53 and
sending valid answers back to the query packets it receives there. If you are
"running resolv.conf only" (to paraphrase your description), this implies that
you have nothing running on port 53. Therefore your firewall is currently
useless as a forwarder.
You'd need to run a nameserver on your firewall or, if your firewall software
has the ability, transparently forward or "proxy" DNS through it to some
external nameserver(s).

Your machine's resolv.conf file has *nothing* to do with whether it is running
a nameserver or in any way managing port 53. I think you're just confusing the
issue by referring to it.


- Kevin
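Added example, not part of the original message: a small probe that tests what the reply describes, namely whether a host is actually listening on port 53 and sending valid answers, independent of whatever its resolv.conf says. The function names and the query name `example.com` are assumptions made for illustration, and the recursion-available check goes slightly beyond the message (a forwarder receives recursive queries, so it must offer recursion).

```python
import secrets
import socket
import struct
import sys

def build_query(name, qid):
    """Minimal DNS query: one A/IN question, RD set (what a forwarding server sends)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def check_forwarder(host, port=53, name="example.com", timeout=2.0):
    """Return (usable, reason) for host:port as a `forwarders` target (IPv4 address)."""
    qid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            s.send(build_query(name, qid))
            reply = s.recv(4096)
        except OSError as exc:  # timeout, ICMP port unreachable, no route
            return False, f"nothing answering on {host}:{port} ({type(exc).__name__})"
    if len(reply) < 12:
        return False, "reply is shorter than a DNS header"
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != qid:
        return False, "transaction ID does not match the query"
    if not flags & 0x8000:
        return False, "QR bit clear: not a DNS response"
    if not flags & 0x0080:
        return False, "RA bit clear: server does not offer recursion"
    rcode = flags & 0x000F
    if rcode not in (0, 3):  # NOERROR and NXDOMAIN are both valid answers
        return False, f"server returned rcode {rcode}"
    return True, "listening and answering recursive queries"

if __name__ == "__main__":
    # Pass the candidate forwarder's IP address; defaults to the local host.
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    usable, reason = check_forwarder(target)
    print(f"{target}: {'usable' if usable else 'NOT usable'} as a forwarder ({reason})")
```

Run it from the internal nameserver against the firewall's address; a host with only a resolv.conf and no nameserver or DNS proxy fails at the first check.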



