Different forwarder for cerain response ip (result ip )
Reindl Harald
h.reindl at thelounge.net
Sat Sep 16 12:31:29 UTC 2017
Am 16.09.2017 um 14:26 schrieb Alberto Colosi:
>>your answer to "Actually my situation is a bit strange . But as
>>explanation i can say that our upstream provider do dns manipulation on
>>normal ports 53 tcp/udp" coming with "port 53 is only open directed to
>>forwarders" and "I think u should read how DNS works, TLD and so on
>>simply drop forwarders only use TLD" is nonsense
>
> nonsense ? :O I use from tons of years and even on single computers
that has no meaning in any language, but if you want to play the
expierience card i play mine: professional dns/network admin for some
hundret domains including write named backends....
> *_forwarders are not a needed stuff even for caching even for
> authoritative_*
>
> use only TLD but if port 53 is closed you have no "normal" way to gain
> access to root TLD DNS engines
and *hence* he wants to forward the traffic to a dns server on port 443
*which has access and can do recursion* - so just stop it - none of your
responses is helpful for anybody, it's just noise
> ------------------------------------------------------------------------
> *From:* bind-users <bind-users-bounces at lists.isc.org> on behalf of
> Reindl Harald <h.reindl at thelounge.net>
> *Sent:* Saturday, September 16, 2017 2:12 PM
> *To:* bind-users at lists.isc.org
> *Subject:* Re: Different forwarder for cerain response ip (result ip )
>
>
> Am 16.09.2017 um 13:30 schrieb Alberto Colosi:
>> I read so well your answer and wasn't an answer to you
>>
>>
>> in all case , who said I can't use port 53 if blocked ?
>> 😲 are many ways without a VPN that usually is a paid
>> service or a company service for who have it.
>>
>>
>> In all case even VPN even 443 is open, can be dropped 😲 ... pass 443
>> (browser) but not VPN.
>>
>>
>> In all case here wasn't a discussion on hacking or bypassing protections
>> or limitations! So I'll quit any other answer on this topic over the
>> real question.
>
> jesus fix your quoting style and english - non of your responses was in
> any case helpful and other than you people with expierience guess what
> the reason for somenon.default configs likely is
>
> your answer to "Actually my situation is a bit strange . But as
> explanation i can say that our upstream provider do dns manipulation on
> normal ports 53 tcp/udp" coming with "port 53 is only open directed to
> forwarders" and "I think u should read how DNS works, TLD and so on
> simply drop forwarders only use TLD" is nonsense
>
> when the ISP of his upstream internet connection mangles traffic on port
> 53 and you still recommend drop forwarders and use port 53 who is the
> one which don't undertand DNS or the topic
>
> can you please refrain from answering to each and every post in a thread
> you obvisouly don't understand?
>
>> ------------------------------------------------------------------------
>> *From:* bind-users <bind-users-bounces at lists.isc.org> on behalf of
>> Reindl Harald <h.reindl at thelounge.net>
>> *Sent:* Saturday, September 16, 2017 12:59 PM
>> *To:* bind-users at lists.isc.org
>> *Subject:* Re: Different forwarder for certain response ip (result ip )
>>
>>
>> Am 16.09.2017 um 12:50 schrieb Alberto Colosi:
>>> even on hotel ......... why not to use a BIND on unix or window on ur
>>> box u r using ?
>>
>> did you read what i repsoned and too and did you try to understand my
>> answer?
>>
>> a default bind with recursion won't work when it can't connect to the
>> world in case it is redirected to a hotel nameserver and when you can
>> only connect to 80/443, well then your BIND on the box you are using may
>> use a nameserver you own in the web running on 443
>>
>>> ------------------------------------------------------------------------
>>> *From:* bind-users <bind-users-bounces at lists.isc.org> on behalf of
>>> Reindl Harald <h.reindl at thelounge.net>
>>> *Sent:* Saturday, September 16, 2017 12:46 PM
>>> *To:* bind-users at lists.isc.org
>>> *Subject:* Re: Different forwarder for certain response ip (result ip )
>>>
>>>
>>> Am 16.09.2017 um 12:32 schrieb Matus UHLAR - fantomas:
>>>> 1. who runs DNS servers on port 443?
>>>
>>> likely people which where bitten by hotel access points where 53 is
>>> catched to a internal nameserver and outgoing only 80/443 are possible,
>>> the same reason many people have a VPN server on 443
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> bind-users Info Page - lists.isc.org Mailing Lists
> <https://lists.isc.org/mailman/listinfo/bind-users>
> lists.isc.org
> To see the collection of prior postings to the list, visit the
> bind-users Archives. Using bind-users: To post a message to all the list
> members, send ...
More information about the bind-users
mailing list