akhader at ies.etisalat.ae
Wed Jul 27 12:04:20 UTC 2016
You can use tcpdump on your DNS server to take the trace.
Command would be like below.
tcpdump -i any port 53 -w trace.pcap
You can share trace.pcap with us.
Ejaz <mejaz at cyberia.net.sa> wrote:
>The traffic will go to router which is handled by the Network dept. The fear that may router can crash if we start enabling the packet capture since it is layer 7.
>Is advisable, if we deny outbound UDP port 0 from the DNS servers, after enabling firewall.
>From: S Carr [mailto:sjcarr at gmail.com]
>Sent: Wednesday, July 27, 2016 10:51 AM
>To: Ejaz <mejaz at cyberia.net.sa>
>Cc: bind-users <bind-users at lists.isc.org>
>Subject: Re: outgoing-traffic
>On 27 July 2016 at 08:41, Ejaz <mejaz at cyberia.net.sa> wrote:
>> Thanks for all.
>> But the strange thing is that if the request comes on 53 port then it
>> should go only from 53 is it?? Why goes out from 0, any clue would be
>> highly appreciate.
>Where's the packet capture to review?
>Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>bind-users mailing list
>bind-users at lists.isc.org
More information about the bind-users