Re: bind 9.2.2 recursive lookup problem
On Fri, 13 Jun 2003 01:42, Simon McCartney wrote:
> Have you got any firewalls between you and the big bad world? I've seen
> Checkpoint FW-1 dropping DNS UDP packets, claiming they were badly formed
> and part of an attack, when afaics they were fine, coming from a BIND 9.2.1
> debian box.
Here's a way a problem can occur.
Have a DNS server on the net configured to only use port 1434, 137..139, or
445 for its queries.
Most firewalls block those ports for obvious reasons. So when your name
server tries to answer a query from such a machine it gets blocked.
Now the reported problem occurred with BIND being on the client end. If you
have BIND configured to use a source port that happens (for some reason) to
be considered bad by the firewall at the other end (or at some ISP in
between) then a similar result can occur.
Try using traceroute with the "-p" option or hping to send UDP packets to port
53 and see what happens.
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
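The diagnostic suggested in the reply above (send UDP to port 53 from a chosen source port and see whether anything comes back), as an added example that is not part of the original message or of BIND: a minimal DNS A query built by hand, sent from a fixed source port, so that a timeout from one of the "bad" ports and a reply from an ordinary high port can be compared directly. The server address and the query name are placeholders.

```python
import socket
import struct
import random

def build_query(name, qtype=1):
    """Build a minimal DNS query (RD set, one question; qtype 1 = A). Returns (txid, packet)."""
    txid = random.randint(0, 0xFFFF)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(struct.pack("B", len(l)) + l.encode() for l in labels) + b"\x00"
    return txid, header + qname + struct.pack("!HH", qtype, 1)

def parse_response(data, expected_txid):
    """Return (rcode, answer_count) if data is a DNS reply matching expected_txid, else None."""
    if len(data) < 12:
        return None
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if txid != expected_txid or not (flags & 0x8000):   # QR bit must be set on a reply
        return None
    return flags & 0x000F, an

def probe(server, name, source_port, timeout=2.0):
    """Send one query from a fixed source port; return 'ok', 'timeout' or 'bad reply'."""
    txid, pkt = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("", source_port))           # ports below 1024 need root
        s.settimeout(timeout)
        s.sendto(pkt, (server, 53))
        try:
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return "timeout"
    return "ok" if parse_response(data, txid) is not None else "bad reply"

if __name__ == "__main__":
    import sys
    server = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"   # placeholder resolver
    # Ports the reply names as commonly blocked, plus one ordinary high port for comparison.
    for sport in (1434, 137, 138, 139, 445, 40000):
        print(sport, probe(server, "example.com", sport))
```

A "timeout" on the low ports next to "ok" on 40000 against the same server points at filtering of the source port somewhere on the path, which is the situation the message describes.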