North American Network Operators Group
(Can you turn off HTML when posting to lists? TIA)

* email@example.com (Paul Gilbert) [Fri 27 Aug 2004, 14:49 CEST]:
> I have a friend who has a problem with, we believe, DNS. In this case the
> ISP is NTL. He has a stateful firewall and is running NAT; you can see from
> the tcp dump below that he sends the query to one DNS server but another
> responds, thus breaking the firewall state, and therefore it never resolves.

Breaking the DNS protocol, too - cf. BIND's old "Response from unexpected
source" syslog messages.

http://archives.neohapsis.com/archives/incidents/2000-02/0032.html
http://archives.neohapsis.com/archives/incidents/2000-02/0044.html

Haven't seen one of those in a while, actually - has BIND gotten better at
binding sockets to specific interface addresses (it has) or has it stopped
reporting such instances?

> Should the provider have the forwarding option on their servers or does he
> need to punch another hole in his firewall?

Punching holes is not likely to work as it's NAT that breaks...

-- Niels.
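
The mismatch discussed in this thread (a query sent to one server, the reply arriving from a different address) can be found in a capture by pairing each reply with its query, which is the same check a stateful firewall or NAT applies. This is an added example, not part of the original messages; the capture lines, the addresses and the function name `find_mismatched_replies` are constructed for illustration.

```python
import re

# Constructed tcpdump -n style lines (NOT the capture from the original post).
# Documentation address ranges; 198.51.100.1 and .2 stand in for two resolvers.
SAMPLE = """\
14:49:01.000 IP 192.0.2.10.32768 > 198.51.100.1.53: 4242+ A? www.example.com. (33)
14:49:01.050 IP 198.51.100.2.53 > 192.0.2.10.32768: 4242 1/0/0 A 203.0.113.5 (49)
14:49:02.000 IP 192.0.2.10.32769 > 198.51.100.1.53: 4243+ A? www.example.org. (33)
14:49:02.040 IP 198.51.100.1.53 > 192.0.2.10.32769: 4243 1/0/0 A 203.0.113.6 (49)
"""

# src.port > dst.port: <DNS query id>
LINE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): (?P<id>\d+)"
)


def find_mismatched_replies(capture):
    """Return (query_id, asked_server, replying_server) for every DNS reply
    whose source address is not the server the matching query was sent to."""
    pending = {}      # (client_ip, client_port, query_id) -> server queried
    mismatches = []
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        qid = int(m["id"])
        if m["dport"] == "53":        # outbound query: remember who was asked
            pending[(m["src"], m["sport"], qid)] = m["dst"]
        elif m["sport"] == "53":      # inbound reply: look up its query
            asked = pending.pop((m["dst"], m["dport"], qid), None)
            # Replies with no recorded query are ignored here.
            if asked is not None and asked != m["src"]:
                mismatches.append((qid, asked, m["src"]))
    return mismatches


if __name__ == "__main__":
    for qid, asked, replied in find_mismatched_replies(SAMPLE):
        print(f"id {qid}: asked {asked}, answered by {replied}")
```

A reply flagged here is one a stateful firewall would drop, since its source address does not mirror the destination of the outbound query.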