[H-GEN] Bind from behind a firewall

Greg Black gjb at gbch.net
Wed Sep 10 22:13:09 EDT 2003


[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

On 2003-09-11, Snowy Angelique Maslov aka 'Snowpony' wrote:
> On Thu, 11 Sep 2003, Rick Phillips wrote:
> 
> > > If your box 192.168.2.185 is connected to the Internet through your ADSL
> > > modem/router/firewall, which appears to have the outside world ip-address
> > > 203.63.166.202 then you will have to make a NAT entry in your ADSL modem to
> > > allow incoming traffic to 192.168.2.185 on port 53.
> > 
> > That has been set up since day one but no luck - will add UDP to see if that
> > fixes it.
> 
> Considering DNS uses UDP & TCP - I'm guessing it will, particularly since UDP is
> used for queries and TCP for zone transfers ;).

Close, but not quite right -- UDP is used for queries that fit
in a UDP packet; TCP is the fallback mechanism for queries whose
answers are truncated in a UDP response.  In any event,
firewalls need a hole punched through them for both TCP and UDP
on port 53.

Cheers, Greg

-- 
Greg Black <gjb at gbch.net> <http://www.gbch.net/gjb.html>
GPG signed mail preferred; further information in headers.

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/
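
An added example, not part of the original post: the UDP-then-TCP fallback Greg describes, showing how a resolver reads the truncation (TC) bit in a UDP reply and re-sends the same query over TCP with a 2-byte length prefix, which is why a firewall that only passes UDP 53 breaks large answers. Function names are hypothetical and the sample replies are constructed by flipping header flags on the query.

```python
import struct

QR_FLAG = 0x8000  # message is a response
TC_FLAG = 0x0200  # answer was truncated to fit the UDP packet


def build_query(name, qtype=1, txid=0x1234):
    """Encode a standard DNS query (RD set) for name; qtype 1 is an A record."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN


def header_flags(message):
    """Return the 16-bit flags word from a DNS message header."""
    if len(message) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    return struct.unpack("!H", message[2:4])[0]


def frame_for_tcp(message):
    """DNS over TCP carries each message behind a 2-byte big-endian length."""
    return struct.pack("!H", len(message)) + message


def next_step(query, udp_reply):
    """Decide what the resolver does with the reply to a UDP query."""
    flags = header_flags(udp_reply)
    if udp_reply[:2] != query[:2] or not flags & QR_FLAG:
        return ("drop", b"")  # wrong transaction ID or not a response
    if flags & TC_FLAG:
        # Answer did not fit in UDP: repeat the same query on TCP port 53.
        return ("retry_tcp", frame_for_tcp(query))
    return ("accept", udp_reply)


def make_reply(query, flags):
    """Constructed sample reply: the query with its flags word replaced."""
    return query[:2] + struct.pack("!H", flags) + query[4:]


if __name__ == "__main__":
    q = build_query("example.com")
    for label, flags in (("fits in UDP", 0x8180), ("truncated", 0x8380)):
        action, payload = next_step(q, make_reply(q, flags))
        print(f"{label}: {action} ({len(payload)} bytes)")
```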


