FW: Running public Bind Server from behind firewall
mcgowan at lynch2.com
Tue Jun 7 21:21:16 UTC 2005
John McGowan wrote:
>Cranfield, Matthew wrote:
>>Try putting 'query-source address * port 53; in your named.conf file.
>>It's in the sample file that comes with Fedora, and probably other
>>distributions, but is commented out.
>Thanks for all the suggestions... My named.conf file is very simple, and
>I tried it with and without the query-source address. The firewall
>*should* have all that stuff open... My gut was telling me that it had
>something to do with the firewall not mapping the ips properly.
>However, was secretly hoping for someone to tell me that I have to turn
>on the "run as private ip" switch.
Figured out exactly what the problem was... My ISP had a router who's
ARP table had a long timeout value. It was holding onto an old mac
address for that particular IP, causing all sorts of network
problems... On the surface it seemed like it was just BIND that was
having the problems, but everything was pretty much hosed.
More information about the bind-users