Date: Thu, 23 May 2019 08:35:40 +0200 (CEST) From: Wojciech Puchar <wojtek@puchar.net> To: Kevin Oberman <rkoberman@gmail.com> Cc: Wojciech Puchar <wojtek@puchar.net>, FreeBSD Ports ML <freebsd-ports@freebsd.org> Subject: Re: problem with bind911 or 914 Message-ID: <alpine.BSF.2.20.1905230835090.86087@puchar.net> In-Reply-To: <CAN6yY1tmuyQJvPCr-g1-CNwR0DhRzYa%2BK5PDDCeaBBLanoGdYQ@mail.gmail.com> References: <alpine.BSF.2.20.1905222047170.66370@puchar.net> <CAN6yY1tmuyQJvPCr-g1-CNwR0DhRzYa%2BK5PDDCeaBBLanoGdYQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Looks to me like either a firewall or policy issue, not BIND. > > Back a decade ago, many firewalls defaulted to blocking tcp/53. This was > based on the unfortunate decision to list the use of tcp/53 as "SHOULD" in > the RFC instead of "MUST", but this should produce a timeout,not a host > unreachable. "host unreachable" is should be the result of an ICMP message > coming back from a router. no it wasn't any firewall setting but net.inet.tcp.soreceive_stream=1
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.20.1905230835090.86087>