Hello Nanog, I am trying get zone trasfer from a host, but it seems that because of firewals?, I can not get any record. They acknowelged that there is a host behind the firewalls but they claim it should not affect it. (I don't believe it.) But I don't know how to check/prove that if certain host can receive/send an UDP packet. TIA, Tatsuya かわさき TK3197 = = = = = = Business Network Telecom (BNT) ビジネスネットワークテレコム株式会社 〒111-0053 東京都台東区浅草橋3-8-5 31山京ビル6階 TEL 03-5687-3945 FAX 03-5687-6009 http://www.giganet.net
Hello Nanog,
I am trying get zone trasfer from a host, but it seems that because of firewals?, I can not get any record. They acknowelged that there is a host behind the firewalls but they claim it should not affect it. (I don't believe it.) But I don't know how to check/prove that if certain host can receive/send an UDP packet.
Zone transfers are handled via TCP, not UDP. See if you can telnet to port 51 on their nameserver; if you can't get a connection established, you won't be able to do a zone transfer.
TIA, Tatsuya
Matt
On Sun, 27 Sep 1998, Matthew Petach wrote:
Hello Nanog,
I am trying get zone trasfer from a host, but it seems that because of firewals?, I can not get any record. They acknowelged that there is a host behind the firewalls but they claim it should not affect it. (I don't believe it.) But I don't know how to check/prove that if certain host can receive/send an UDP packet.
Zone transfers are handled via TCP, not UDP. See if you can telnet to port 51 on their nameserver; if you can't get a connection established, you won't be able to do a zone transfer.
I think you mean port 53. This is both TCP and UDP. I thought DNS used both TCP and UDP. Thus firewall that is blocking UDP traffic will cause zone updates to fail. name 42/udp nameserver whois 43/tcp nicname # usually to sri-nic domain 53/tcp domain 53/udp Cheers
TIA, Tatsuya
Matt
I think you mean port 53. This is both TCP and UDP. I thought DNS used both TCP and UDP. Thus firewall that is blocking UDP traffic will cause zone updates to fail.
You're right, my mistake. Sorry! :(
name 42/udp nameserver whois 43/tcp nicname # usually to sri-nic domain 53/tcp domain 53/udp
Matt
I think you mean port 53. This is both TCP and UDP. I thought DNS used both TCP and UDP. Thus firewall that is blocking UDP traffic will cause zone updates to fail. name 42/udp nameserver whois 43/tcp nicname # usually to sri-nic domain 53/tcp domain 53/udp
Queries are done via UDP; zone transfers are always fully TCP. ag
On Sun, 27 Sep 1998, Matthew Petach wrote: | Date: Sun, 27 Sep 1998 21:11:32 -0700 (PDT) | From: Matthew Petach <mpetach@netflight.com> | To: Tatsuya Kawasaki <tatsuya@giganet.net> | Cc: nanog@merit.edu | Subject: Re: UDP packet/DNS server | | > | > Hello Nanog, | > | > I am trying get zone trasfer from a host, but it seems that because of | > firewals?, I can not get any record. | > They acknowelged that there is a host behind the firewalls but they claim | > it should not affect it. (I don't believe it.) | > But I don't know how to check/prove that if certain host can | > receive/send an UDP packet. | | Zone transfers are handled via TCP, not UDP. See if you | can telnet to port 51 on their nameserver; if you can't That's port 53... | get a connection established, you won't be able to do | a zone transfer. | | > TIA, | > Tatsuya | | Matt | Mathias Koerber | Tel: +65 / 471 9820 | mathias@staff.singnet.com.sg SingNet NOC | Fax: +65 / 475 3273 | mathias@koerber.org Q'town Tel. Exch. | PGP: Keyid: 768/25E082BD, finger mathias@singnet.com.sg 2 Stirling Rd | 1A 8B FC D4 93 F1 9A FC BD 98 A3 1A 0E 73 01 65 S'pore 148943 | Disclaimer: I speak only for myself * Eifersucht ist eine Leidenschaft, die mit Eifer sucht, was Leiden schafft *
Zone transfers are handled via TCP, not UDP. See if you can telnet to port 51 on their nameserver; if you can't
That's port 53.
Yes, yes, I should know better than to answer questions while watching Urusei Yatsura. I really did mean port 53, I just kept glancing over at the TV to read the subtitles, and my mind wandered off. :( Again, my apologies for confusing anyone.
Stephen
Matt
participants (6)
-
Aaron Goldblatt
-
Mathias Koerber
-
Matthew Petach
-
Megatron
-
Stephen Stuart
-
Tatsuya Kawasaki