unable to resolve one specific domain (hotmail.co.uk)

Faehl, Chris cfaehl at rightnow.com
Wed Apr 25 16:31:20 UTC 2007


Thanks for the update. I've been at least acknowledged by msnhst at microsoft.com, they're looking into it - I will include this information in my report to them, as the primary reason we set query-source address to 53 is that we had problems with some nameservers that didn't allow non-privileged ports to query (probably a legacy issue). 


-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On Behalf Of Graeme Fowler
Sent: Wednesday, April 25, 2007 10:16 AM
To: bind-users at isc.org
Subject: Re: unable to resolve one specific domain (hotmail.co.uk)

x_bind-users_x at nospam.pz.podzone.net wrote:
> I'm open to comments as to the sanity of doing this, or if there's a
> better way, but hosts can now resolve hotmail.co.uk and mail is free
> flowing to that domain again.

A post on a closed UK-academic-centric mailing list just now stated that 
hotmail seem to be blocking UDP queries with source port == 53.

My testing (using dig's "-b ipaddress#port" option) shows that they're 
refusing connections with privileged source ports. Anything >1023 gets a 
response.

If you have:

query-source address * port 53;  # or < 1024

Then comment it out and restart.

Graeme





More information about the bind-users mailing list