If you are running your own internal DNS server to handle the DNS traffic,
then set a rule to forward all TCP/UDP port 53 to the server.
-Sean
----- Original Message -----
From: "Ugo Bellavance" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, October 17, 2007 8:27 PM
Subject: [pfSense Support] Re: Inbound TCP/53, auto?
Vivek Khera wrote:
> On Oct 17, 2007, at 4:16 PM, Ugo Bellavance wrote:
>> Are TCP packets automatically accepted by pfsense or should I open
>> TCP/53 at wide? I query DNS servers directly, I don't use my ISP's DNS
>> servers for many reasons, so I can't just open TCP/53 for these DNS
>> servers.
>
> Enable the DNS proxy on pfsense. It will use the public DNS servers you
> configure. Then point your clients to the pfsense proxy (which DHCP on
> pfsense will do automatically).
>
> End of problem.

No,
as I said we don't use external DNS servers because we have high DNS load
(between 200 and 500 DNS queries/sec) and we don't want to have any extra
steps in a DNS query. We don't want to run more services than necessary
on pfsense so the DNS proxy and DHCP server are off on the pfsense.
Thanks,
Ugo
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]