On 6/19/15, 1:16 PM, "bind-users-boun...@lists.isc.org on behalf of Reindl Harald" <bind-users-boun...@lists.isc.org on behalf of h.rei...@thelounge.net> wrote:
>Am 19.06.2015 um 18:44 schrieb Mike Hoskins (michoski): >> I suppose the only way to avoid any "intermediate" firewalls would be to >> place everything you run on a LAN segment hanging directly off your >> router/Internet drop with host based firewalls > >well, if the router is from Cisco and has NAt enabled there are dns >ALG's breaking zone-transfers in several ways.... been there done that >until forced the ISP to never ever ship a default Cisco deivce to us Over the years I've learned that trusting defaults is rarely sane, regardless of vendor. Having been involved in many discussions related to this sort of thing...I've sadly also learned that, much like BCP38, things which seem "simple" to fix from the outside often aren't. :-) _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
