<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:st1="urn:schemas-microsoft-com:office:smarttags" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<!-- Template generated by Exclaimer Mail Disclaimers on 03:27:43 Wednesday, 21 March 2012 -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css">P.e033d674-3a3b-4ac4-8167-2659823254ee {
        MARGIN: 0cm 0cm 0pt
}
LI.e033d674-3a3b-4ac4-8167-2659823254ee {
        MARGIN: 0cm 0cm 0pt
}
DIV.e033d674-3a3b-4ac4-8167-2659823254ee {
        MARGIN: 0cm 0cm 0pt
}
TABLE.e033d674-3a3b-4ac4-8167-2659823254eeTable {
        MARGIN: 0cm 0cm 0pt
}
DIV.Section1 {
        page: Section1
}
</style>
<meta name="Generator" content="Microsoft Word 11 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]--><o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags" name="PersonName" /><!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]--><style>
<!--
 /* Font Definitions */
 @font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {color:blue;
        text-decoration:underline;}
span.EmailStyle18
        {mso-style-type:personal-reply;
        font-family:Arial;
        color:navy;}
@page Section1
        {size:8.5in 11.0in;
        margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
        {page:Section1;}
-->
</style>
</head>
<body lang="EN-US" link="blue" vlink="blue">
<p class="e033d674-3a3b-4ac4-8167-2659823254ee"></p>
<div class="Section1">
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">I don’t think the target is blocking as I get the following:<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">dig www.dubaiairport.com<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">; <<>> DiG 9.8.1 <<>> www.dubaiairport.com<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; global options: +cmd<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; Got answer:<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36668<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; QUESTION SECTION:<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;www.dubaiairport.com.          IN      A<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; ANSWER SECTION:<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">www.dubaiairport.com.   7200    IN      A       213.42.55.169<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; AUTHORITY SECTION:<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">dubaiairport.com.       172799  IN      NS      dcaowa01.dubaiairport.com.<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">dubaiairport.com.       172799  IN      NS      svr-b003.dubaiairport.com.<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; Query time: 337 msec<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; SERVER: 192.94.73.20#53(192.94.73.20)<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; WHEN: Wed Mar 21 19:25:08 2012<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">;; MSG SIZE  rcvd: 100<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy">The point is your firewall should NOT block outbound queries for port 53 or other ports.   There is a well-known cache poisoning attack
 based on knowing the outbound (source) port that is going to be used so the port should be randomized.   Port 53 MUST be accessible on the target DNS server as that is the one that is going to answer the query.<o:p></o:p></span></font></p>
<p class="MsoNormal"><font size="2" color="navy" face="Arial"><span style="font-size:
10.0pt;font-family:Arial;color:navy"><o:p> </o:p></span></font></p>
<div>
<div class="MsoNormal" align="center" style="text-align:center"><font size="3" face="Times New Roman"><span style="font-size:12.0pt"></span></font></div>
</div>
</div>
<p></p>
<p class="e033d674-3a3b-4ac4-8167-2659823254ee"> </p>
<p class="e033d674-3a3b-4ac4-8167-2659823254ee"> </p>
<p class="e033d674-3a3b-4ac4-8167-2659823254ee"></p>
<div class="Section1">
<div>
<div class="MsoNormal" align="center" style="text-align:center"><font size="3" face="Times New Roman"><span style="font-size:12.0pt">
<hr size="2" width="100%" align="center" tabindex="-1">
</span></font></div>
<p class="MsoNormal"><b><font size="2" face="Tahoma"><span style="font-size:10.0pt;
font-family:Tahoma;font-weight:bold">From:</span></font></b><font size="2" face="Tahoma"><span style="font-size:10.0pt;font-family:Tahoma"> bind-users-bounces+jlightner=water.com@lists.isc.org
 [mailto:bind-users-bounces+jlightner=water.com@lists.isc.org] <b><span style="font-weight:bold">On Behalf Of
</span></b><st1:PersonName w:st="on">babu dheen</st1:PersonName><br>
<b><span style="font-weight:bold">Sent:</span></b> Wednesday, March 21, 2012 3:14 PM<br>
<b><span style="font-weight:bold">To:</span></b> Matus UHLAR - fantomas; <st1:PersonName w:st="on">
bind-users@lists.isc.org</st1:PersonName><br>
<b><span style="font-weight:bold">Subject:</span></b> Re: Name Resolution issue with one domain</span></font><o:p></o:p></p>
</div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size:
12.0pt"><o:p> </o:p></span></font></p>
<div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><strong><b><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black">Dear All,</span></font></b></strong><font color="black"><span style="color:black"><br>
 <br>
When I executed #dig <a href="http://www.dubaiairport.com">www.dubaiairport.com</a>, I am getting below response
</span><o:p></o:p></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> <o:p></o:p></span></font></p>
</div>
<span style="right:auto">
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black">;<span style="background:#FF007F"> <<>> DiG 9.3.4-P1 <<>>
</span><a href="http://www.dubaiairport.com"><span style="background:#FF007F">www.dubaiairport.com</span></a><br>
<span style="background:#FF007F">;; global options:  printcmd<br>
;; connection timed out; no servers could be reached</span><o:p></o:p></span></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> <o:p></o:p></span></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> When I checked the firewall logs, as you all confirmed, traffic is leaving from both non standard and standard port.
 But firewall logs clearly show that traffic from source port =53 and it's getting dropped. But other DNS traffic towards various domains also going with source port 53 for which we have no issue.<o:p></o:p></span></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> <o:p></o:p></span></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> Is this port restriction done at remote domain firewall?<br>
 Is there any way to enforce non standard port for this domain query at our BIND level from our side?<o:p></o:p></span></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> <o:p></o:p></span></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> <o:p></o:p></span></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black;background:
#FF409F">Mar 21 21:50:26 start_time="2012-03-21 21:47:54" duration=151 policy_id=20 service=dns proto=17
 src zone=Inter-Connect dst zone=External action=Permit sent=403 rcvd=0 src=10.1.1.1 dst=213.42.52.75 src_port=53 dst_port=53 src-xlated ip=10.1.1.1 port=53 dst-xlated ip=213.42.52.75 port=53 session_id=512159 reason=Close - AGE OUT</span><o:p></o:p></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> <o:p></o:p></span></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black;background:
#FF409F">Mar 21 21:50:46 start_time="2012-03-21 21:49:15" duration=90 policy_id=24 service=dns proto=17
 src zone=Inter-Connect dst zone=External action=Permit sent=927 rcvd=0 src=10.1.1.1 dst=213.42.52.79 src_port=53 dst_port=53 src-xlated ip=10.1.1.1 port=53 dst-xlated ip=213.42.52.75  port=53 session_id=451904 reason=Close - AGE OUT<br>
</span><br style="right:auto">
Regards<o:p></o:p></font></p>
</div>
<div style="right:auto">
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black">Babu<o:p></o:p></span></font></p>
</div>
</span>
<div>
<p class="MsoNormal" style="background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"><o:p> </o:p></span></font></p>
</div>
<div>
<div>
<div>
<p class="MsoNormal" style="background:white"><b><font size="2" color="black" face="Arial"><span style="font-size:10.0pt;font-family:Arial;color:black;
font-weight:bold">From:</span></font></b><font size="2" color="black" face="Arial"><span style="font-size:10.0pt;font-family:Arial;color:black">
 Matus UHLAR - fantomas <uhlar@fantomas.sk><br>
<b><span style="font-weight:bold">To:</span></b> <st1:PersonName w:st="on">bind-users@lists.isc.org</st1:PersonName>
<br>
<b><span style="font-weight:bold">Sent:</span></b> Wednesday, 21 March 2012 11:41 AM<br>
<b><span style="font-weight:bold">Subject:</span></b> Re: Name Resolution issue with one domain</span></font><font color="black"><span style="color:black"><o:p></o:p></span></font></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt;background:white"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"><br>
On 21.03.12 09:23, <st1:PersonName w:st="on">Mark Andrews</st1:PersonName> wrote:<br>
>Stupid firewall rules in front of the nameservers.  They block<br>
>traffic sent from port 53 which is the port lots of nameservers<br>
>used to send query traffic.  When will firewall administrators learn<br>
>that the source ports can be anything, that they are not significant,<br>
>and that blocking traffic based on the source port is stupid.<br>
<br>
maybe the admin set that up to force local servers using random ports, <br>
instead of 53, for outgoing requests. Nobody should use port 53 for <br>
_outgoing_ requests.<br>
<br>
>bsdi# dig -b 0.0.0.0#53 www.dubaiairport.com @svr-b003.dubaiairport.com<br>
>09:13:17.909493 211.30.172.21.53 > 213.42.52.75.53:  18071+$ [1au] A? www.dubaiairport.com. ar: OPT UDPsize=4096 (49)<br>
>09:13:22.918018 211.30.172.21.53 > 213.42.52.75.53:  18071+$ [1au] A? www.dubaiairport.com. ar: OPT UDPsize=4096 (49)<br>
>09:13:27.928099 211.30.172.21.53 > 213.42.52.75.53:  18071+$ [1au] A? www.dubaiairport.com. ar: OPT UDPsize=4096 (49)<br>
><br>
>; <<>> DiG 9.9.0rc2 <<>> -b 0.0.0.0#53 www.dubaiairport.com @svr-b003.dubaiairport.com<br>
>;; global options: +cmd<br>
>;; connection timed out; no servers could be reached<br>
>bsdi#<br>
<br>
-- <br>
Matus UHLAR - fantomas, <a href="mailto:uhlar@fantomas.sk" ymailto="mailto:uhlar@fantomas.sk">
uhlar@fantomas.sk</a> ; <a href="http://www.fantomas.sk/" target="_blank">http://www.fantomas.sk/</a><br>
Warning: I wish NOT to receive e-mail advertising to this address.<br>
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.<br>
Quantum mechanics: The dreams stuff is made of. <br>
<o:p></o:p></span></font></p>
</div>
</div>
</div>
</div>
<p></p>
<p></p>
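<p>An added example, not part of the original thread: a firewall-log audit that flags resolvers sending DNS queries from a single fixed source port (the cache poisoning exposure discussed above) and lists the destinations that never answered them. The field names follow the log quoted in the thread; the sample records, the function names and the <code>min_sessions</code> threshold are assumptions made for this example.</p>

```python
import re
from collections import Counter, defaultdict

# Only the keys this audit needs; "src zone=", "src-xlated ip=" etc. never match.
FIELD = re.compile(r"(?:^|\s)(src|dst|src_port|dst_port|rcvd|proto)=(\S+)")

def parse_session(line):
    """Return the fields of one UDP/53 session record, or None for anything else."""
    f = dict(FIELD.findall(line))
    if f.get("proto") != "17" or f.get("dst_port") != "53":
        return None
    if not {"src", "dst"}.issubset(f):
        return None
    if not (f.get("src_port", "").isdigit() and f.get("rcvd", "").isdigit()):
        return None
    return {"src": f["src"], "dst": f["dst"],
            "src_port": int(f["src_port"]), "rcvd": int(f["rcvd"])}

def audit(log_text, min_sessions=3):
    """Per resolver: source ports seen, fixed-port flag, unanswered destinations."""
    ports = defaultdict(Counter)
    unanswered = defaultdict(Counter)
    for line in log_text.splitlines():
        s = parse_session(line)
        if s is None:
            continue
        ports[s["src"]][s["src_port"]] += 1
        if s["rcvd"] == 0:  # bytes sent, nothing received before the session aged out
            unanswered[s["src"]][s["dst"]] += 1
    report = {}
    for src, seen in ports.items():
        total = sum(seen.values())
        report[src] = {
            "sessions": total,
            "ports": sorted(seen),
            # One source port across several sessions means no port randomization.
            "fixed_port": total >= min_sessions and len(seen) == 1,
            "unanswered": dict(unanswered[src]),
        }
    return report

def make_line(src, dst, sport, dport, rcvd):
    """Build one constructed record in the layout of the log quoted in the thread."""
    return (f"Mar 21 21:50:26 service=dns proto=17 src zone=Inside dst zone=External "
            f"action=Permit sent=403 rcvd={rcvd} src={src} dst={dst} src_port={sport} "
            f"dst_port={dport} src-xlated ip={src} port={sport} dst-xlated ip={dst} "
            f"port={dport} reason=Close - AGE OUT")

# Constructed sample (documentation address ranges, not data from the thread).
SAMPLE_LOG = "\n".join([
    make_line("10.1.1.1", "192.0.2.75", 53, 53, 0),
    make_line("10.1.1.1", "192.0.2.75", 53, 53, 0),
    make_line("10.1.1.1", "192.0.2.79", 53, 53, 0),
    make_line("10.1.1.1", "198.51.100.10", 53, 53, 212),
    make_line("10.1.1.1", "203.0.113.5", 53124, 443, 900),  # not DNS, ignored
    make_line("10.1.1.2", "192.0.2.75", 41822, 53, 180),
    make_line("10.1.1.2", "198.51.100.10", 50311, 53, 212),
    make_line("10.1.1.2", "203.0.113.53", 33907, 53, 96),
])

if __name__ == "__main__":
    for resolver, result in sorted(audit(SAMPLE_LOG).items()):
        print(resolver, result)
```

<p>A resolver flagged <code>fixed_port</code> is typically one whose BIND configuration pins a port in <code>query-source</code>; leaving the port out of that statement lets named pick a random source port per query.</p>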
</body>
</html>