Date: Wed, 4 Dec 2002 22:41:21 +1100 From: Stanley Hopcroft <Stanley.Hopcroft@ipaustralia.gov.au> To: FreeBSD-ISP@FreeBSD.ORG Subject: Anyone had any problems with BIND-9 forwarding queries through PIX devices ? Message-ID: <20021204224119.G214@IPAustralia.Gov.AU>
next in thread | raw e-mail | index | archive | help
Dear Sir or Madam, We have been using the ports version of BIND 9 on 4.7-RELEASE (and 4.6-RELEASE before) without any problems. Recently however, forwarded queries to our provider frequently take ~ 12 seconds to resolve (for names that should be cached). (packet traces show 4 A queries and then the response belatedly). We became aware through the same symptoms that PIX firewalls (with recent firmware) do not handle source port 53 queries very well. Is anyone aware of any problems with BIND 9.21 as far as forwarding goes, especially with PIX ? We have been forced to downgrade to the release version of BIND-8; this seems to perform better. Yours sincerely. -- ------------------------------------------------------------------------ Stanley Hopcroft ------------------------------------------------------------------------ '...No man is an island, entire of itself; every man is a piece of the continent, a part of the main. If a clod be washed away by the sea, Europe is the less, as well as if a promontory were, as well as if a manor of thy friend's or of thine own were. Any man's death diminishes me, because I am involved in mankind; and therefore never send to know for whom the bell tolls; it tolls for thee...' from Meditation 17, J Donne. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021204224119.G214>