If it's "query-able" it needs 53 tcp/udp open? I think you mean it needs
53/udp open. The only reason it would need 53/tcp open, is if you were
doing a zone transfer (such as a secondary NS would do), or a handful of
other situations.
Jonathan
At 11:23 AM 8/13/2001 +0200, you wrote:
>>How can you use DNS and not open port 53?
>
>depends on whether you have specialized your DNS machines or not. You
>can run a caching-only DNS for your inside IPs that is not query-able
>from internet, so you can block 53 to that DNS.
>
>but if a DNS is to be query-able, it needs 53 udp/tcp open.
>
>Len
>
>
>http://MenAndMice.com/DNS-training
>http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K
>http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways
>
>
>Please visit http://www.ipswitch.com/support/mailing-lists.html to be
>removed from this list.
>
>An Archive of this list is available at:
>http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
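An added illustration, not part of either message: the sketch below parses the DNS wire format (RFC 1035) and reports which port-53 transport a message implies. Zone transfers (AXFR) use TCP as described above; a UDP response with the TC (truncated) flag set, which makes the resolver retry over TCP, is one further case. The function names and the sample packets are constructed for this example.

```python
import struct

QTYPE_A, QTYPE_AXFR = 1, 252          # record types from RFC 1035
FLAG_QR, FLAG_TC, FLAG_RD = 0x8000, 0x0200, 0x0100

def build_message(name, qtype, flags=FLAG_RD, msg_id=0x1234):
    """Build a DNS message with one question (constructed sample data)."""
    header = struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def parse_question(msg):
    """Return (flags, qname, qtype) of the first question."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    _, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount < 1:
        raise ValueError("no question section")
    pos, labels = 12, []
    while True:
        if pos >= len(msg):
            raise ValueError("question name runs past end of message")
        length = msg[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("unexpected compression pointer in question")
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(msg):
        raise ValueError("truncated question section")
    qtype, _ = struct.unpack("!HH", msg[pos:pos + 4])
    return flags, ".".join(labels), qtype

def required_transport(msg):
    """Which port-53 transport this message implies, with the reason."""
    flags, _, qtype = parse_question(msg)
    if qtype == QTYPE_AXFR:
        return "tcp", "zone transfer (AXFR)"
    if flags & FLAG_QR and flags & FLAG_TC:
        return "tcp", "truncated UDP response, resolver retries over TCP"
    return "udp", "ordinary query or response"

if __name__ == "__main__":
    for m in (build_message("example.com", QTYPE_A),
              build_message("example.com", QTYPE_AXFR),
              build_message("example.com", QTYPE_A, FLAG_QR | FLAG_TC | FLAG_RD)):
        print(required_transport(m))
```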