LinuxQuestions.org


icechong 01-30-2007 01:41 AM

named -- using which port?
 
Hi there,

I have just set up a BIND server. When I activate iptables allowing ONLY TCP port 53 (all others dropped), the BIND server doesn't work well anymore.

Other than port 53, which port or any other thing should I open up?

Thanks.

acid_kewpie 01-30-2007 01:58 AM

Well, DNS is 99% UDP... don't drop UDP/53.

icechong 01-30-2007 02:18 AM

Quote:

Originally Posted by acid_kewpie
Well, DNS is 99% UDP... don't drop UDP/53.



How about TCP/53?

acid_kewpie 01-30-2007 02:32 AM

What about it... that'll be about 1%, if that. TCP would only be a last resort for DNS, if the client even supports it. Most DNS servers won't listen for TCP at all.

icechong 01-30-2007 05:57 AM

Hi Acid_kewpie,

Problem solved after I allowed UDP/53. Thanks very much for your support.

icechong

nx5000 01-30-2007 06:09 AM

AFAIK TCP will be used for reliable long queries or for zone transfers.
So if you block TCP/53 you might get intermittent failures in case UDP packets are reordered.
I wouldn't block TCP/53. The RFC says that both transport methods can be used.
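
A way to check from a client whether a name server answers on both UDP/53 and TCP/53 once the firewall rules are in place, as an added example that is not part of the thread. It goes slightly beyond the posts by also reporting the DNS header's TC (truncated) flag, which is what tells a resolver to retry over TCP; the function names `build_query`, `is_truncated`, `frame_tcp` and `probe` are illustrative assumptions.

```python
import socket
import struct
# Added example; function names are illustrative, not taken from the thread.
TC_FLAG = 0x0200  # "truncated" bit in the DNS header flags word

def build_query(name, qtype=1, txid=0x1234):
    """Encode a minimal DNS query (RD set, one question, class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".") if p)
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def is_truncated(response):
    """True when the server set TC, i.e. the answer did not fit in UDP."""
    if len(response) < 12:
        raise ValueError("short DNS message")
    return bool(struct.unpack("!H", response[2:4])[0] & TC_FLAG)

def frame_tcp(message):
    """DNS over TCP prefixes each message with a 2-byte length."""
    return struct.pack("!H", len(message)) + message

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed during DNS/TCP read")
        buf += chunk
    return buf

def probe(server, name, port=53, timeout=3.0):
    """Return {'udp': ..., 'tcp': ...}: 'ok', 'truncated' or the error name."""
    query, result = build_query(name), {}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (server, port))
            reply, _ = s.recvfrom(4096)
        result["udp"] = "truncated" if is_truncated(reply) else "ok"
    except (OSError, ValueError) as exc:
        result["udp"] = type(exc).__name__
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(frame_tcp(query))
            _recv_exact(s, struct.unpack("!H", _recv_exact(s, 2))[0])
        result["tcp"] = "ok"
    except OSError as exc:
        result["tcp"] = type(exc).__name__
    return result
```

Calling `probe("<server address>", "<a name in your zone>")` from a host outside the firewall returns a timeout or refusal error name under `udp` or `tcp` when the matching port 53 rule is missing.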


All times are GMT -5.