Date:      Tue, 13 Mar 2001 15:39:43 -0500 (EST)
From:      Peter Brezny <peter@black.purplecat.net>
To:        freebsd-net@freebsd.org
Subject:   problem with secondary dns update through ipfw firewall
Message-ID:  <Pine.BSF.4.05.10103131533440.17531-100000@black.purplecat.net>

I've got a problem with secondary DNS servers not being able to get
updates from my primary through its firewall.

The firewall rules on the primary dns server (pertaining to dns) look like
this.  I thought I had my bases covered...


#       Allow DNS traffic from internet to query your DNS (for reverse
#       lookups etc).
        $fwcmd add allow tcp from any 53 to $ns1 53 setup
        $fwcmd add allow udp from any to $ns1 53
        $fwcmd add allow udp from $ns1 53 to any

I've also got:

        query-source address 209.16.228.145 port 53;

In my named.conf on the primary dns server...

However when secondaries create zone files, they are blank.  I get the
feeling it's a firewall problem because, when I configure the secondaries
to use an internal address of the primary dns server (which has a
keep-state allow all internal rule) in my test environment, the updates
occur as expected.

TIA

pb
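
Added example, not part of the original message: a small Python model of the three quoted ipfw rules, run against constructed packets, to check which DNS traffic they admit. It assumes a secondary opens its zone-transfer TCP connection to port 53 from an unprivileged ephemeral source port; the addresses, the packets and the CANDIDATE rule are hypothetical.

```python
# Minimal model of the three ipfw rules quoted in the message (added example).
# Addresses are constructed documentation values, not the poster's hosts.
NS1 = "192.0.2.53"          # stands in for $ns1 (the primary)
SECONDARY = "198.51.100.7"  # hypothetical secondary

POSTED_RULES = [
    "allow tcp from any 53 to $ns1 53 setup",
    "allow udp from any to $ns1 53",
    "allow udp from $ns1 53 to any",
]

def parse_rule(text, ns1=NS1):
    """Parse 'allow PROTO from ADDR [PORT] to ADDR [PORT] [setup]'."""
    tok = text.replace("$ns1", ns1).split()
    assert tok[0] == "allow" and tok[2] == "from"
    rule = {"proto": tok[1], "setup": tok[-1] == "setup"}
    if rule["setup"]:
        tok = tok[:-1]
    to = tok.index("to")
    for side, part in (("src", tok[3:to]), ("dst", tok[to + 1:])):
        rule[side] = part[0]
        rule[side + "_port"] = int(part[1]) if len(part) > 1 else None
    return rule

def matches(rule, pkt):
    if rule["proto"] != pkt["proto"]:
        return False
    for side in ("src", "dst"):
        if rule[side] not in ("any", pkt[side]):
            return False
        port = rule[side + "_port"]
        if port is not None and port != pkt[side + "_port"]:
            return False
    # 'setup' matches only the opening SYN (no ACK) of a TCP connection.
    return not rule["setup"] or pkt.get("flags") == "S"

def first_match(rules, pkt):
    """Return the text of the first matching rule, or None if none matches."""
    for text in rules:
        if matches(parse_rule(text), pkt):
            return text
    return None

# Constructed packets: a UDP SOA query and the TCP SYN opening a zone transfer.
SOA_QUERY = dict(proto="udp", src=SECONDARY, src_port=53, dst=NS1, dst_port=53)
AXFR_SYN = dict(proto="tcp", src=SECONDARY, src_port=49152,
                dst=NS1, dst_port=53, flags="S")
# Hypothetical replacement for the TCP rule: no source-port constraint.
CANDIDATE = ["allow tcp from %s to $ns1 53 setup" % SECONDARY] + POSTED_RULES[1:]
```

The model covers only the rules shown in the message; the rest of the ruleset, including any rule for established TCP traffic, is not on the page.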

