Michael,

I run a caching DNS and it's of course authoritative for my internal
private network. (Where I use the .home TLD. Shouldn't get any requests
for that domain, I believe.)

"Michael H. Warfield" wrote:

<multiple snips>

> > Any idea of why I get so many packets on port 53? DENY'd so far, but...
>
> TCP or UDP? Both are used by DNS but for generally different tasks.

The traffic I'm receiving is udp.

> You should not be seeing TCP traffic on 53 unless requests are
> larger than what can be handled in a single UDP packet. Those are
> typically zone transfers and you probably don't want that.

Is there anywhere I can restrict who can request a zone transfer? (I do
run a secondary DNS in my little network. ;-)

If I understand your reasoning I should probably accept all incoming udp
from port 53 to any unprivileged port, no matter what the source address
is?

Regards
Gustav
--
pgp = Pretty Good Privacy.
To get my public pgp key, send an e-mail to: [EMAIL PROTECTED]
Visit my web site at http://www.schaffter.com
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list