Date: Tue, 24 Jul 2001 19:06:18 +1000
From: "MurrayTaylor" <taylorm@bytecraftsystems.com>
To: <freebsd-questions@freebsd.org>
Subject: Ipfw and DNS on point to point link
Message-ID: <01cf01c1141f$e69a5420$2a7627cb@bytecraft.au.com>

Given that my DNS server is on the end of a frame relay point to point
link which has a particular IP number set and I have a Public IP number
range assigned which I am using for my hosts, should I block all DNS udp
and tcp to the external address?

I currently have ipfw rules to allow both addresses to be visible and I
seem to get traffic to both, although the external one gets most by quite
a large margin. The public IP is the official DNS address.

                 (ext) +-----------+ (int)
x.y.z.1 ------- x.y.z.2| ext    int| a.b.c.1 ------- a.b.c.0/25 lan
                       |           |
                       +-----------+

The box is my DNS master server, with an offsite secondary at my ISP.
There is no reference to the x.y.z.2 number in any DNS records.

However, historically the x.y.z IP nos were allowed through the ipfw rules
and obviously some traffic has attached itself to the x.y.z numbers in the
past.

So - can anyone see any good reason to hold open the x.y.z numbers?

cheers
mjt