On Tue, Mar 15, 2011 at 01:08:57PM -0500, Martin McCormick wrote:
> Is there a recommended set of firewall rules that insure that all
> necessary DNS traffic can enter and leave, even the larger
> packets that result from dns-sec?
>
> We want port 53 traffic from anywhere, in this case and
>
ISC has deployed two test zones with specially configured servers
to support the testing of firewalls and EDNS.
You can test the firewall rules using:
dig edns-v4-ok.isc.org txt (IPv4)
dig edns-v6-ok.isc.org txt (IPv6)
These queries will only b
In message <1200b563-8a00-4c0a-822d-85733143f...@mac.com>, Chuck Swiger writes
:
> On Mar 15, 2011, at 11:08 AM, Martin McCormick wrote:
> > Is there a recommended set of firewall rules that insure that all
> > necessary DNS traffic can enter and leave, even the larger
> > packets that result from
On Mar 15, 2011, at 11:08 AM, Martin McCormick wrote:
> Is there a recommended set of firewall rules that insure that all
> necessary DNS traffic can enter and leave, even the larger
> packets that result from dns-sec?
# allow UDP DNS queries out to the world, and in to your nameservers
## It's f
Is there a recommended set of firewall rules that insure that all
necessary DNS traffic can enter and leave, even the larger
packets that result from dns-sec?
We want port 53 traffic from anywhere, in this case and
can send it anywhere, and want to be sure that no port 53
traffic is being
5 matches
Mail list logo
