>If you would be so kind as to run the nmap test again from your location and >let >me know if you're seeing the correct - or at least *more* correct >answers, I'd >appreciate it.
Bill, It looks good now. Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-01 12:47 MST Nmap scan report for www3.greenbuilder.com (205.238.182.102) Host is up (0.087s latency). PORT STATE SERVICE 53/tcp open domain 53/udp open domain >I know Bill's issue is solved, but I want to point out that anyone running DNS >>would be wise to not block TCP/53. TCP service for queries is specified in >the >protocol design, and not just for transfers. Failing UDP queries should >result in >retries over TCP >With response sizes growing (dnssec, ipv6), answers are more likely to be too >>large for UDP. Eli, Good advice leaving TCP/53 open as well. I haven't done much in the way of IPv6, but one thing is certain. It's coming, and DNS responses aren't going to get any smaller. It's best to be future ready. Thanks! John A. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
