At 12:03 PM 1/24/00 -0500, Justin Fisher wrote:
>I have made changes to my local DNS server that is located on the
>Protected Network and the changes are not being propagated out to the
>internet. I had a tunnel open on UDP port 53, and have just opened up TCP
>53 as well. I can't understand why changes are not being sent out (even
>after updating the serial number of the DNS database). I am now
>suspecting that the changes are being blocked from being sent out or that
>queries are not being allowed inbound.
>Any help anyone could offer would be greatly appreciated.
Comments:
* DNS is UDP port 53 only, so a TCP inbound tunnel is not necessary.
* Your DNS Server is on your PROTECTED network? Why? It should be on
the PSN (Private Service Network).
* Do you see anything in your log files or on the gb console that would
indicate the DNS requests are arriving at the EXTERNAL interface, and are
being rejected?
* Chances are that nothing is being blocked from "going out", at least
not by default. More likely that requests are blocked when they arrive on
the EXT interface.
* Have you "Verified" your configuration to look for config errors?
Another test: Ask someone else who has a name server to perform a "zone
transfer" of one of the domains in your DNS database. They would only need
to know your gb IP address and the domain name of a domain you host, and
you will need to allow them to do zone transfers if you have that function
restricted. (see your DNS/BIND documentation for details on restricting
zone transfers).
----------
Joe Biniskiewicz Tel: 805 496-6043
EdgeGate Networks Fax: 805 435-2000
Thousand Oaks, CA 91360 <mailto:[EMAIL PROTECTED]>
----------