Tom Diehl on Wed, 6 Aug 2003 13:29:25 -0400
On Wed, 6 Aug 2003, kaze wrote:

> --> [mailto:plug-admin@lists.phillylinux.org]On Behalf Of Paul
> --> Sent: Wednesday, August 06, 2003 12:47 PM
> --> To: plug@lists.phillylinux.org
> --> Subject: Re: [PLUG] FW: BIND troubleshooting / help
> -->
> -->
> --> kaze wrote:
> -->
> --> >Is it possible IPtables on the machines is somehow to blame?
> --> >
> --> >What can I do next to troubleshoot?
> --> >
> --> >
> -->
> --> For one use nmap or nmapfe to scan port 53 to see if it's open.
>
> Yeah, it's been open, even all the way to the outside - but does it block
> outgoing somehow? Or is some reply blocked, I know on the Cisco ACL you have
> to allow from anyone to port 53, and from anyone's port 53 to ports over 53
> on tcp and udp. I'm probably reaching and just screwed something basic up...

I do not understand your question. You say it is open but then you seem to
think it is blocked. Zone transfers are by default done via port 53 tcp. Most
other dns things are 53 udp. You seem to know this but at the same time you do
not seem sure, so I mentioned it again for clarity.

From your trace in the previous message it looks to me like you have something
blocked. It is hard to tell for sure without sniffing the packets with tcpdump
or something. You do not have iptables turned on, on the nameservers so you??

--
......Tom Registered Linux User #14522 http://counter.li.org
tdiehl@rogueind.com My current SpamTrap -------> mtd123@rogueind.com

_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug