ICMP/ Firewall issue
Igmar Palsenberg
maillist at chello.nl
Fri Oct 20 12:39:31 UTC 2000
> The _DNS_ server doesn't send out ICMP packets in the
> normal course of business. It receives queries (usually)
> on UDP port 53 and sends the response as a UDP packet
> sourced on port 53. It can also do transactions using
> TCP (usually port 53 on the server side). It should
> never send ICMP messages unless the server process has,
> for some reason failed to allocate and listen on UDP and
> TCP port 53.
> In your case, I'd want to make sure that port 53 isn't
> being blocked.
No, but TCP/IP does use ICMP do do diagnostics kind of things. Completely
blocking ICMP makes TCP/IP blind.
> Scott
Igmar
More information about the bind-users
mailing list