Date:      Sat, 28 Sep 2013 18:32:00 +0200
From:      Terje Elde <terje@elde.net>
To:        Frank Leonhardt <frank2@fjl.co.uk>
Cc:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53
Message-ID:  <A86693BE-6DAB-4D40-9848-80A2B81003EF@elde.net>
In-Reply-To: <5246DEB3.7090002@fjl.co.uk>
References:  <5245CC59.5060204@laposte.net> <524600CF.3040609@fjl.co.uk> <13463C66-C15D-48E0-B926-CA0BF6580CAD@elde.net> <524610BE.4020904@fjl.co.uk> <CAHu1Y70bkt7g%2B95uUA_zUBt6NGbBKQvtcWpEeLM7rB0eFg6y_w@mail.gmail.com> <5246DEB3.7090002@fjl.co.uk>

On 28. sep. 2013, at 15:50, Frank Leonhardt <frank2@fjl.co.uk> wrote:

> Given that BIND can happily listen on ports other than 53 and OpenBSD allows a port to be specified against each nameserver in resolv.conf, it does not seem an unreasonable question to me.

Just to avoid any misunderstanding...

Not sure if I misunderstood what you're trying to do, but the way I recall it, you have two boxes, one running with one recursive and one authoritative nameserver, and you wanted a second box to query the recursive nameserver on the first box, which is running on another port than 53?

Given your setup, that's a valid question.

It's getting down to patching the resolver I felt was a bit overkill, and a possible source of future pain.

How to solve it is a perfectly valid question.

Personally I'd just think it cleaner to solve it by running a caching resolver on the second host (on port 53), that could forward queries where you'd like, rather than patching or using firewall redirects.

Terje


