Bind 8.3.1 on win2000 with port mapping
Chris F
freaknetboy at yahoo.com
Tue Feb 19 14:22:30 UTC 2002
53/tcp is only used for zone transfers. Only open 53/tcp to those whom you trust to pull your zones.

If this is a public/internet nameserver, then open up 53/udp to the world.

--- WebReactor Networks <bind at webreactor.net> wrote:
> Jeff:
>
> You need to open port 53/UDP as well as 53/TCP.
> Most name server lookups are executed via UDP.
>
>
> -------- Original Message --------
> Subject: Bind 8.3.1 on win2000 with port mapping
> Date: Tue, 19 Feb 2002 00:24:25 -0700
> From: "Jeff Rasmussen" <jeffras at hotmail.com>
> Organization: XMission http://www.xmission.com/
> To: comp-protocols-dns-bind at moderators.isc.org
> Newsgroups: comp.protocols.dns.bind
>
> Can someone please tell me exactly what ports need to be open on a
> firewall to allow successful dns services? I have tcp port 53 open and
> when I try to get to the dns server from the outside I get a "no
> response from server" error.
>
> Here is my basic configuration:
>  ________________              ______________
> |                |            |              |
> | Nat Enabled    |            | Win2k        |
> | Router         |            | with dns     |
> | (64.122.17.55) |--------\   | (10.0.0.147) |
> | with DHCP &    |--------/   | Bind 8.3.1   |
> | port mapping   |            |              |
> |________________|            |______________|
>        |  |
>        |  |
>         \/
>  ________________              ______________
> |                |            |              |
> | Firewall       |--------\   | nodes        |
> | (10.*.*.*)     |--------/   |              |
> |________________|            |______________|
>
> infiniteflash.com is registered with name servers
> if.infiniteflash.com (64.122.17.55) and ns1.infiniteflash.com
> (64.122.17.55) -- I don't have my secondary name server (ns1) online yet.
>
> I have tried configuring bind a number of ways with no luck.
> Here are my current files:
> ___________________
> named.conf
> ____________________
>
> // named.conf bind configuration file
>
> options {
>     directory "C:\WINNT\system32\dns\etc";
>     query-source address * port 53;
>     // Place additional options here.
> };
>
> // Zones
>
> zone "infiniteflash.com" in {
>     type master;
>     file "db.infiniteflash.com";
> };
>
> zone "55.17.122.64.in-addr.arpa" in {
>     type master;
>     file "db.64.122.17.55";
> };
>
> zone "0.0.127.in-addr.arpa" in {
>     type master;
>     file "db.127.0.0";
> };
>
> // Read in Cache (Zone Hints)
>
> zone "." in {
>     type hint;
>     file "db.cache";
> };
> ___________________________________
> db.64.122.17.55
> ___________________________________
>
> $TTL 3h
>
> @       IN SOA  if.infiniteflash.com. admin.infiniteflash.com. (
>                 28      ; Serial
>                 3h      ; Refresh after 3 hours
>                 1h      ; Retry after 1 hour
>                 1w      ; Expire after 1 week
>                 1h )    ; Negative caching TTL of 1 hour
>
> ;
> ; Name Servers
> ;
>
>         IN NS   if.infiniteflash.com.
>
> ;
> ; Pointer Records (point to canonical names)
> ;
>
>         IN PTR  if.infiniteflash.com.
> _____________________________________
> db.infiniteflash.com
> _____________________________________
>
> $TTL 3h
>
> ;
> ; Start of Authority
> ;
>
> infiniteflash.com. IN SOA if.infiniteflash.com. admin.infiniteflash.com. (
>                 26      ; Serial
>                 3h      ; Refresh after 3 hours
>                 1h      ; Retry after 1 hour
>                 1w      ; Expire after 1 week
>                 1h )    ; negative caching TTL of 1 hour
>
> ;
> ; Name Servers
> ;
>
> infiniteflash.com. IN NS if.infiniteflash.com.
>
> ;
> ; Host Addresses (canonical names)
> ;
>
> localhost.infiniteflash.com. IN A 127.0.0.1
> if.infiniteflash.com. IN A 64.122.17.55
>
> ;
> ; Multi-homed Hosts
> ;
>
> ; none
>
> ;
> ; Aliases
> ;
>
> www.infiniteflash.com. IN A 64.122.17.55
> ftp.infiniteflash.com. IN A 64.122.17.55
> mail.infiniteflash.com. IN A 64.122.17.55
> pop.infiniteflash.com. IN A 64.122.17.55
> smtp.infiniteflash.com. IN A 64.122.17.55
> __________________________________________________
>
> Thank you for any insight you can give me.
> Jeff Rasmussen
>
>