Name Server Question
barmar at alum.mit.edu
Mon Jan 1 06:15:21 UTC 2007
In article <en9s7l$24kp$1 at sf1.isc.org>, seekuel <seekuel at gmail.com>
> On 12/30/06, Barry Margolin <barmar at alum.mit.edu> wrote:
> > My guess is that your firewall is only allowing DNS out to your ISP's
> > server. When you use your own server, it tries to send DNS to the root
> > servers, and this is being blocked by the firewall.
> Is there any way to determine this issue? UDP port 53 is open but TCP is
You should open both, although most of the time it should only need UDP.
You're talking about OUTBOUND, right? The source port of these outbound
queries is a high-numbered port. Your firewall should allow "from
1024-65535 to 53" outbound. Can you check the firewall's log to see if
it's blocking anything to or from the nameserver?
P.S. Please don't top-post, it gets the conversation out of order.
Barry Margolin, barmar at alum.mit.edu
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users