DNS behind firewall

Saif Ahmed smohammed at cmc.iq
Sun May 20 14:07:32 UTC 2012


Hi,
I have configured an authoritative-only DNS.
It responds well internally
but does not answer public queries.

options {
  directory "/etc/named";
  // version statement - inhibited for security
  // (avoids hacking any known weaknesses)
  version "not currently available";
  // allows notifies only from master
  allow-notify { 172.20.10.10; };
  // disables all zone transfer requests
  // ("none" is a built-in address match keyword, not a quoted string)
  allow-transfer { none; };
  allow-query { any; };
  query-source address * port 53;
  recursion no;
  pid-file "/var/run/named/named.pid";
  // closing brace for the options block (cut off in the pasted snippet)
};

Below is the tcpdump "udp port 53" result:

17:05:03.913856 IP (tos 0x0, ttl 106, id 6612, offset 0, flags [none], proto UDP (17), length 52)
    peach.dnsstuff.com.pmsm-webrctl > 192.168.30.100.domain: [udp sum ok] 1+ A? com.iq. (24)
17:05:03.914396 IP (tos 0x0, ttl 64, id 28758, offset 0, flags [DF], proto UDP (17), length 73)

Waiting for your advice.

Thanks a lot,

Saif
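Added example, not part of the post above: a small Python parser that pairs each query in a `tcpdump -v udp port 53` capture with the reply named emits for it, keyed on client, server and transaction id. The second packet in the post (ttl 64, DF, from 192.168.30.100) already looks like a reply leaving the server, and this check makes that explicit: a query marked as answered here that still times out for the outside client points at the firewall or NAT dropping the reply rather than at named. The sample lines are constructed and modelled on the post's capture; the reply payload line and the second client are assumptions, since the post cuts its capture off after the IP header.

```python
import re

# Constructed sample in the format of "tcpdump -v udp port 53", modelled on the
# capture in the post. The reply payload line and the second client are
# assumptions for illustration: the post cuts its capture off after the IP header.
SAMPLE_CAPTURE = """\
17:05:03.913856 IP (tos 0x0, ttl 106, id 6612, offset 0, flags [none], proto UDP (17), length 52)
    peach.dnsstuff.com.pmsm-webrctl > 192.168.30.100.domain: [udp sum ok] 1+ A? com.iq. (24)
17:05:03.914396 IP (tos 0x0, ttl 64, id 28758, offset 0, flags [DF], proto UDP (17), length 73)
    192.168.30.100.domain > peach.dnsstuff.com.pmsm-webrctl: [udp sum ok] 1*- q: A? com.iq. 1/0/0 com.iq. A 192.168.30.10 (45)
17:05:09.100000 IP (tos 0x0, ttl 110, id 7001, offset 0, flags [none], proto UDP (17), length 56)
    probe.example.net.40000 > 192.168.30.100.domain: [udp sum ok] 7+ A? www.com.iq. (28)
"""

# DNS payload line: "<src> > <dst>: [<checksum note>] <txid><flags> <rest>".
# A reply echoes the question after "q:"; a query carries "A? name." directly.
# The checksum note is matched loosely because outbound packets captured on the
# server itself often show "bad udp cksum" due to checksum offload (harmless).
PAYLOAD = re.compile(
    r"^\s+(?P<src>\S+) > (?P<dst>\S+): \[[^\]]*\] (?P<txid>\d+)(?P<flags>[+*|$-]*) (?P<rest>.*)$"
)


def pair_dns_capture(text):
    """Pair each query with its reply by (client, server, txid, qname).

    Returns {(client, txid, qname): True if the server emitted a reply, else False}.
    """
    seen = {}
    for line in text.splitlines():
        m = PAYLOAD.match(line)
        if not m:
            continue  # IP header lines carry nothing we need here
        src, dst, txid, rest = m["src"], m["dst"], int(m["txid"]), m["rest"]
        if rest.startswith("q:"):
            qname = rest.split()[2]          # "q: A? com.iq. ..." -> "com.iq."
            key = (dst, src, txid, qname)    # reply flows server -> client
            if key in seen:
                seen[key] = True
        else:
            qname = rest.split()[1]          # "A? com.iq. (24)" -> "com.iq."
            seen.setdefault((src, dst, txid, qname), False)
    return {(c, t, q): ok for (c, _server, t, q), ok in seen.items()}


def unanswered(text):
    """Queries that reached the server but for which no reply was emitted."""
    return sorted(key for key, ok in pair_dns_capture(text).items() if not ok)


if __name__ == "__main__":
    for key, ok in pair_dns_capture(SAMPLE_CAPTURE).items():
        print(key, "reply emitted" if ok else "NO reply")
```

Run it against a real capture taken on the server and on the firewall's outside interface; a reply present in the first and absent from the second locates the drop.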