ICMP/ Firewall issue
Igmar Palsenberg
maillist at chello.nl
Thu Oct 19 12:43:21 UTC 2000
On Wed, 18 Oct 2000, Rahcel Hannaway wrote:
> Is it possible to stop the DNS server sending out ICMP packets to
> check the user. I am currently getting no lookups from the server as
> the firewall admin has disallowed ICMP - I have included a remote
> lookup below - what can I do so that ICMP traffic is not needed for a
> lookup ?
Then your admin is an idiot. ICMP is needed for proper TCP / IP operation.
Let him / her only disable ICMP echo, but leave the rest open. Many
programs rely on their proper operation.
> from nslookup prompt with server set as our new server which is behind
> the firewall
>
> >www.hannaway.com
> Server: {server name}
> Address: {ip address}
>
> *** {server name} can't find www.hannaway.com: No response from server
It's probably sending ICMP echo packets, but I'm not sure.
> Thanks
>
> Rachel
Igmar
More information about the bind-users
mailing list