Bind 8.3.1 on win2000 with port mapping

WebReactor Networks bind at webreactor.net
Tue Feb 19 14:15:39 UTC 2002


Jeff:

You need to open port 53/UDP as well as 53/TCP.  Most name server lookups are executed via UDP.


-------- Original Message --------
Subject: Bind 8.3.1 on win2000 with port mapping
Date: Tue, 19 Feb 2002 00:24:25 -0700
From: "Jeff Rasmussen" <jeffras at hotmail.com>
Organization: XMission http://www.xmission.com/
To: comp-protocols-dns-bind at moderators.isc.org
Newsgroups: comp.protocols.dns.bind

Can someone please tell me exactly what ports need to be open on a firewall
to allow successful dns services?  I have tcp port 53 open and when I try
to get to the dns server from the outside I get a "no response from server"
error.

Here is my basic configuration:
 ____________________            ________________
|                    |          |                |
|  Nat Enabled       |          |  Win2k         |
|  Router            |          |  with dns      |
|  (64.122.17.55)    |--------\ |  (10.0.0.147)  |
|  with DHCP &       |--------/ |  Bind 8.3.1    |
|  port mapping      |          |                |
|____________________|          |________________|
         |  |
         |  |
          \/
 ____________________            ________________
|                    |          |                |
|  Firewall          |--------\ |  nodes         |
|  (10.*.*.*)        |--------/ |                |
|____________________|          |________________|

infiniteflash.com is registered with name servers if.infiniteflash.com
(64.122.17.55)
and ns1.infiniteflash.com(64.122.17.55) -- I don't have my secondary name
server (ns1) online yet.

I have tried configuring bind a number of ways with no luck.
Here are my current files:
___________________
named.conf
____________________

// named.conf bind configuration file


options {
        directory "C:\WINNT\system32\dns\etc";
        query-source address * port 53;
        // Place additional options here.
};

// Zones


zone "infiniteflash.com" in {
      type master;
      file "db.infiniteflash.com";
};

zone "55.17.122.64.in-addr.arpa" in {
        type master;
        file "db.64.122.17.55";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "db.127.0.0";
};



// Read in Cache (Zone Hints)

zone "." in {
        type hint;
        file "db.cache";
};
 ___________________________________
 db.64.122.17.55
___________________________________

$TTL 3h

@ IN SOA if.infiniteflash.com. admin.infiniteflash.com. (
   28 ; Serial
   3h ; Refresh after 3 hours
   1h ; Retry after 1 hour
   1w ; Expire after 1 week
   1h ) ; Negative caching TTL of 1 hour

;
; Name Servers
;

 IN NS  if.infiniteflash.com.


;
; Pointer Records (point to canonical names)
;

 IN PTR  if.infiniteflash.com.
_____________________________________
db.infiniteflash.com
_____________________________________

$TTL 3h

;
; Start of Authority
;

infiniteflash.com. IN SOA if.infiniteflash.com. admin.infiniteflash.com. (
   26 ; Serial
   3h ; Refresh after 3 hours
   1h ; Retry after 1 hour
   1w ; Expire after 1 week
   1h ) ; negative caching TTL of 1 hour

;
; Name Servers
;

infiniteflash.com.  IN NS  if.infiniteflash.com.

;
; Host Addresses (canonical names)
;

localhost.infiniteflash.com.   IN A  127.0.0.1
if.infiniteflash.com.   IN A  64.122.17.55

;
; Multi-homed Hosts
;

; none

;
; Aliases
;

www.infiniteflash.com.    IN A  64.122.17.55
ftp.infiniteflash.com.    IN A  64.122.17.55
mail.infiniteflash.com.    IN A  64.122.17.55
pop.infiniteflash.com.     IN A  64.122.17.55
smtp.infiniteflash.com.    IN A  64.122.17.55
__________________________________________________

Thank you for any insight you can give me.
Jeff Rasmussen
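
The reply's point can be checked from outside the NAT router by probing 53/UDP and 53/TCP separately, since a port mapping that forwards only TCP answers one and not the other. The following Python probe is an added example, not part of either message; its function names are assumptions for illustration, and the server address and query name are taken from the command line.

```python
import socket
import struct
import sys

TXID = 0x1234  # constructed transaction id, echoed back by the server

def build_query(name, qtype=1):
    """Minimal DNS query: one question, class IN, recursion not requested."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"
    return struct.pack("!HHHHHH", TXID, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Return (rcode, truncated, answer_count), or None if not a reply to TXID."""
    if len(msg) < 12:
        return None
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if rid != TXID or not flags & 0x8000:   # wrong id, or QR bit clear
        return None
    return flags & 0x000F, bool(flags & 0x0200), an   # TC set => retry over TCP

def probe_udp(server, name, port=53, timeout=3.0):
    """None means nothing usable came back: 53/UDP is likely not forwarded."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, port))
            data, _ = s.recvfrom(4096)
        except OSError:                      # timeout or ICMP port unreachable
            return None
    return parse_header(data)

def probe_tcp(server, name, port=53, timeout=3.0):
    """Same query over TCP, where each message carries a 2-byte length prefix."""
    query = build_query(name)
    try:
        with socket.create_connection((server, port), timeout=timeout) as s, \
                s.makefile("rb") as f:
            s.sendall(struct.pack("!H", len(query)) + query)
            (length,) = struct.unpack("!H", f.read(2))
            return parse_header(f.read(length))
    except (OSError, struct.error):          # refused, timed out, or closed early
        return None

if __name__ == "__main__" and len(sys.argv) == 3:
    for label, probe in (("53/UDP", probe_udp), ("53/TCP", probe_tcp)):
        print(label, probe(sys.argv[1], sys.argv[2]) or "no response from server")
```

Run it from a host outside the router with the server's public address and a name in the zone as the two arguments; a tuple for 53/TCP next to "no response from server" for 53/UDP matches the situation the reply describes.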
  

