On Wed, 21 Feb 2001, Colin McKinnon wrote:
>
> masquerading for TCP _and_ UDP?
Yup - that was the only way that queries from the name server would be
answered by the internet. Does bind actually _use_ TCP?? From my
understanding (albeit limited) DNS requests are UDP packets. Your browser
(or whatever) waits for, say, 90 seconds and times out if no reply is
received. TCP would involve too much overhead for a name lookup. Is this
right??
> I think I would do it by adding input firewall rules allowing connections
> to port 53 from the internal network but disallowing from everywhere else.
See above...
Sorry if I am picking brains and loose strings - I just wanna _understand_
what the fsck is going on here.
>
> HTH
>
> Colin
Cheers Colin
Monkey
Linux feeder 2.2.18
12:13pm up 30 min, 1 user, load average: 0.10, 0.04, 0.04