I've got a problem with secondary DNS servers not being able to get
updates from my primary through its firewall.
The firewall rules on the primary DNS server (pertaining to DNS) look like
this. I thought I had my bases covered...
# Allow DNS traffic from internet to query your DNS (for reverse
# lookups etc).
$fwcmd add allow tcp from any 53 to $ns1 53 setup
$fwcmd add allow udp from any to $ns1 53
$fwcmd add allow udp from $ns1 53 to any
I've also got:
query-source address 209.16.228.145 port 53;
In my named.conf on the primary DNS server...
However when secondaries create zone files, they are blank. I get the
feeling it's a firewall problem because, when I configure the secondaries
to use an internal address of the primary DNS server (which has a
keep-state allow all internal rule) in my test environment, the updates
occur as expected.
TIA
pb
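
Added example (not part of the original post): a small first-match model of the three ipfw rules quoted above, run against constructed packets to show which kinds of DNS traffic they cover. It assumes $ns1 is the query-source address from the post, a secondary at the documentation address 192.0.2.53, and a zone transfer that opens TCP from an ephemeral source port; the rest of the poster's ruleset is not shown, so None only means that none of these three rules matches.

```python
# Added example: first-match model of the three ipfw rules from the post.
from dataclasses import dataclass
from typing import Optional

NS1 = "209.16.228.145"      # assumption: $ns1 is the query-source address
SECONDARY = "192.0.2.53"    # constructed secondary (documentation range)

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    syn_only: bool = False  # TCP SYN without ACK, which is what "setup" matches

@dataclass(frozen=True)
class Rule:
    text: str
    proto: str
    src: Optional[str] = None    # None means "any"
    sport: Optional[int] = None
    dst: Optional[str] = None
    dport: Optional[int] = None
    setup: bool = False

    def matches(self, p: Packet) -> bool:
        return (p.proto == self.proto
                and self.src in (None, p.src) and self.sport in (None, p.sport)
                and self.dst in (None, p.dst) and self.dport in (None, p.dport)
                and (not self.setup or p.syn_only))

RULES = [
    Rule("allow tcp from any 53 to $ns1 53 setup", "tcp", sport=53, dst=NS1, dport=53, setup=True),
    Rule("allow udp from any to $ns1 53", "udp", dst=NS1, dport=53),
    Rule("allow udp from $ns1 53 to any", "udp", src=NS1, sport=53),
]

def first_match(p: Packet) -> Optional[str]:
    """Return the text of the first rule that matches p, or None."""
    return next((r.text for r in RULES if r.matches(p)), None)

SAMPLES = {  # constructed packets
    "UDP query to ns1": Packet("udp", SECONDARY, 53, NS1, 53),
    "UDP reply from ns1": Packet("udp", NS1, 53, SECONDARY, 53),
    "TCP SYN, source port 53": Packet("tcp", SECONDARY, 53, NS1, 53, syn_only=True),
    "TCP SYN, ephemeral source port": Packet("tcp", SECONDARY, 49152, NS1, 53, syn_only=True),
    "TCP data segment after handshake": Packet("tcp", SECONDARY, 49152, NS1, 53),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:34} -> {first_match(pkt)}")
```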