added both tcp and udp port 53, still seeing the log messages.

Best,
Shiling

On Mon, Nov 21, 2016 at 5:45 PM, Anand Buddhdev <ana...@ripe.net> wrote:

> On 22/11/2016 00:27, schilling wrote:
>
> > Thanks for the insight.
> > I added the following rule
> > sudo firewall-cmd --permanent --direct --get-all-rules
> > [sudo] password for admin:
> > ipv4 filter OUTPUT 0 -d 10.10.10.100 -p tcp -m tcp --dport=53 -j ACCEPT
> > where 10.10.10.100 is our DNS master, still receiving the error.
>
> Why have you only allowed TCP port 53? What about UDP port 53? BIND
> first sends a UDP query to the master for the zone's SOA record, to
> determine if it needs to transfer the zone or not.
>
> Regards,
> Anand
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
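An added example, not part of the original thread: a small Python probe that sends the same SOA query to the master over UDP and then over TCP (with the 2-byte length prefix DNS uses on TCP), so each path through the firewall can be checked separately. The function names are hypothetical, and the zone name passed to `probe` is whatever zone is being transferred.

```python
import os
import socket
import struct

QTYPE_SOA, QCLASS_IN = 6, 1

def encode_name(name: str) -> bytes:
    """Encode a domain name as DNS wire-format labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_soa_query(zone: str, txid: int) -> bytes:
    """12-byte header (one question, no flags) followed by an SOA/IN question."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    return header + encode_name(zone) + struct.pack("!HH", QTYPE_SOA, QCLASS_IN)

def frame_tcp(msg: bytes) -> bytes:
    """DNS over TCP prefixes each message with its length as 2 bytes."""
    return struct.pack("!H", len(msg)) + msg

def parse_header(resp: bytes, txid: int) -> dict:
    """Return rcode, answer count and TC bit; reject short or mismatched replies."""
    if len(resp) < 12:
        raise ValueError("short DNS response")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    return {"rcode": flags & 0x000F, "answers": ancount, "truncated": bool(flags & 0x0200)}

def probe(master: str, zone: str, timeout: float = 3.0) -> dict:
    """Send one SOA query over UDP and one over TCP; report each path separately."""
    txid = int.from_bytes(os.urandom(2), "big")
    query, result = build_soa_query(zone, txid), {}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (master, 53))
            result["udp"] = parse_header(s.recvfrom(4096)[0], txid)
    except (OSError, ValueError) as e:
        result["udp"] = f"failed: {e}"
    try:
        with socket.create_connection((master, 53), timeout=timeout) as s:
            s.sendall(frame_tcp(query))
            # A single recv is assumed to hold the whole (small) SOA reply.
            result["tcp"] = parse_header(s.recv(4096)[2:], txid)
    except (OSError, ValueError) as e:
        result["tcp"] = f"failed: {e}"
    return result
```

Run `probe("10.10.10.100", "<zone>")` on the server that receives the zone: a `failed:` entry for only one of `udp` or `tcp` shows which protocol is still being blocked.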