On Thursday 06 March 2003 04:32 pm, Paolo M wrote: > Did you check with a Windows box too? I am remembering > I also got this error from a Windows box but now I am > no more sure about it (I only use Jaguar at home).
The past year or so I've not allowed any but UDP port 53 thru the firewall. But when I got tired of lengthy delays and often down ISP nameservice I enabled named with "forward only", and finally broke down and created a private internal namespace/zone for the company. Had not yet changed the internal DHCP to point the internal mostly-NT systems at my nameserver. But had pointed my desktop Mac at it. This morning when I opened my morning-ritual 18 URLs all at once with Chimera-ne-Camino, was having a lot of problems. Some got thru quickly, others much slower, many but not all timed out. Adjusted ipfw rules to log denied packets to/from my Mac and quickly saw TCP port 53 being denied. Opened up port 53 to internal TCP and cured the problem. One thing I suspect is my FreeBSD 4.7-p6 nameserver responds in such a way as to make MacOS X think TCP is legal. I don't believe the Mac ever tried TCP talking to the ISP nameservice. -- David Kelly N4HHE, [EMAIL PROTECTED] ===================================================================== The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message