On Thursday 06 March 2003 04:32 pm, Paolo M wrote:
> Did you check with a Windows box too? I am remembering
> I also got this error from a Windows box but now I am
> no more sure about it (I only use Jaguar at home).

The past year or so I've not allowed any but UDP port 53 thru the 
firewall. But when I got tired of lengthy delays and often down ISP 
nameservice I enabled named with "forward only", and finally broke down 
and created a private internal namespace/zone for the company.

Had not yet changed the internal DHCP to point the internal mostly-NT 
systems at my nameserver. But had pointed my desktop Mac at it. This 
morning when I opened my morning-ritual 18 URLs all at once with 
Chimera-ne-Camino, was having a lot of problems. Some got thru quickly, 
others much slower, many but not all timed out.

Adjusted ipfw rules to log denied packets to/from my Mac and quickly saw 
TCP port 53 being denied. Opened up port 53 to internal TCP and cured 
the problem.

One thing I suspect is my FreeBSD 4.7-p6 nameserver responds in such a 
way as to make MacOS X think TCP is legal. I don't believe the Mac ever 
tried TCP talking to the ISP nameservice.

-- 
David Kelly N4HHE, [EMAIL PROTECTED]
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to