Running public Bind Server from behind firewall

Furley, Stephen FURLES at
Tue Jun 7 09:01:40 UTC 2005

Try putting 'query-source address * port 53;' in your named.conf file.
It's in the sample file that comes with Fedora, and probably other
distributions, but is commented out.

> From: bind-users-bounce at on behalf of Kurt
> Sent: Tuesday, June 07, 2005 6:47:07 AM
> To: John McGowan
> Cc: bind-users at
> Subject: Re: Running public Bind Server from behind firewall
> Auto forwarded by a Rule
> On 6/6/05, John McGowan <mcgowan at> wrote:
> > I've been running bind for a while now without any problems.  server
> > on public ip space behind a L2 transparent firewall.
> >
> > I just reconfigured the server to be on a private ip address and
> > it behind a new firewall that is not a L2 transparent firewall.  I
> > setup a "Mapped IP" on the firewall, but for some reason DNS doesn't
> > work like it should.  looks like responses to queries done by the
> > server aren't getting back.
> >
> > The thing that's confusing me is that all other services on the
> > that were moved are working fine SMTP, POP, HTTP.  DNS is the only
> > service that is having problems.
> >
> > Is there something obvious that I would have to change in my
> > to support a bind server running on a private ip address behind a
> > firewall?  (keep in mind that the firewalls i'm running are
> > with identical policies, the only difference is the introduction of
> > private ip network)
> >
> Does your named.conf contain a "blackhole" statement? If it does and
> the queries are coming from the private IP address of your firewall,
> that could be your problem.
