Disable TCP/53

George Young gyoung at gldata.com
Fri Feb 22 04:55:09 UTC 2002




George Young / G-L Data, Inc / Morristown, NJ / 732.433.7900


<-----Original Message-----
<From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
<Behalf Of Tan Chun Han/ITNOC/PBB/PBBG
<Sent: Thursday, February 21, 2002 1:49 AM
<To: phn at icke-reklam.ipsec.nu
<Cc: Phoon Koak Wai/ITNOC/PBB/PBBG; bind-users at isc.org
<Subject: Re: Disable TCP/53
<
<
<
<
<hi phn, as far as i know, DNS should use UDP/53 only and not 
<TCP, that =
<is
<why
<our FW is configured for UDP, unless there's zone transfers. 
<as for our=
<
<case, this
<is only our Internal DNS for it to resolve MX records and www 
<addresses=
<.
<therefore we don't need TCP/53 for name server resolving.
<
<thanks and regards
<
<
<
<
<
<
<phn at icke-reklam.ipsec.nu@isc.org on 21/02/2002 02:26:16 PM
<
<Sent by:  bind-users-bounce at isc.org
<
<
<To:   comp-protocols-dns-bind at isc.org
<cc:
<
<Subject:  Re: Disable TCP/53
<
<
<
<Tan Chun Han/ITNOC/PBB/PBBG <tanch at publicbank.com.my> wrote:
<
<> Hi, our firewall keeps detecting and rejecting TCP/53 queries.
<> Does bind by default use TCP/53 and UDP/53? Is there any way 
<to disab=
<le
<> TCP/53, thus enabling UDP/53?
<
<Your firewall is errounesly denying TCP/53
<
<Fix the fw config and the messages will go away.
<
<
<
<
<--
<Peter H=E5kanson
<        IPSec  Sverige      (At the Riverside of Gothenburg, 
<home of Vo=
<lvo)
<           Sorry about my e-mail address, but i'm trying to 
<keep spam o=
<ut.
<        Remove "icke-reklam" and it works.
<
<
<=
<
<
<
<


More information about the bind-users mailing list