Re: resolving names it is really slow slow with CentOS5.x using named

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Lars Hecking wrote:
>> options {
>>          directory "/var/named";
>>          dump-file "/var/named/data/cache_dump.db";
>>          statistics-file "/var/named/data/named_stats.txt";
>>          memstatistics-file "/var/named/data/named_mem_stats.txt";
>>          listen-on port 53 { 127.0.0.1; 172.25.50.10; };
>>          version "DNS Server v2.0";
>>          dnssec-enable no;
>>          query-source port 53;
>>          forwarders { 208.67.220.220; 208.67.222.222; };
>> };
>  
>> As you can see, I need to use "query-source port" param too with forwarders to
>> resolv names (and this is really really ugly).
>  
>  Explicit query-source port breaks port randomisation and is highly insecure.
>  Your problem may be an incorrectly configured firewall that only accepts
>  outgoing queries originating from source port 53 - it needs to accept all
>  outgoing queries for destination port 53.
> 
> 

Thanks lars. Correctly, firewall could be the problem, but it isn't. Because 
Ubuntu and Windows 2003/2008 doesn't have problems with it ... and resolves 
perfectly ... And I don't have configured this firewall to accept dns queries 
originating from source port 53 ...




> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
> 


-- 
CL Martinez
carlopmart {at} gmail {d0t} com
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux