DNS Ports
Andrew
server,i permit tcp 53/80 and udp 53. But if I try to
launch nslookup on my server for response of dns, the
command don't run e return "server not found", if i remove
network filter is all ok. What port can i add to filter?
thank you, sincerely
Andrew
Herb Martin
news:150901c4f262$49033400$a401...@phx.gbl...
DNS uses UDP 53 for most queries ad TCP 53
for zone transfers and some limited query support.
NSLookup may give a false error (right after the
command) and down below actually answer the
question.
So if you post your NSLookup output we can
determine if that is the (unimportant) problem,
or if you get the answer you sought with that
error you can just ignore it.
--
Herb Martin
Andrea
and try to browse internet from the server, server don't
resolve domain name and browse internet is impossible, if i
remove filter i can,
thank you
>.
>
Herb Martin
news:11d001c4f265$dd83af30$a301...@phx.gbl...
> but if i turn on network filter, with 80/53 tcp and 53 udp
> and try to browse internet from the server, server don't
> resolve domain name and browse internet is impossible, if i
> remove filter i can,
Unless you have other DNS configuration issues
that prevent it from working with the firewall filters
enabled then you have not correctly configured the
firewall filter.
Much depends on what filtering software you are
using (even Windows has 4 or 5 built-in choices
on various operating systems and even within
different subsystems of the same machine.)
Some require "mirrored filters" (inboud and outbound),
some do that automatically.
You will have to give us more info about the filtering
software and exactly where and what you typed.
--
Herb Martin
Kevin D. Goodknecht Sr. [MVP]
Andrew <anon...@discussions.microsoft.com> commented
Then Kevin replied below:
These are two different issues, p[lease read inline.
> Dear sir, i try to enable windows network filter on my
> server,i permit tcp 53/80 and udp 53.
Port filtering on the interface will cause inconsistent results because it
also filters outgoing connections. When an application makes an outgoing
connection it will use a port higher than port 1024. If you only open port
80/53 you are opening then incoming port but closing the outgoing ports
>1024.
I suggest you use packet filtering in RRAS if you need a poor mans firewall
or purchase a firewall product.
254018 - How to Configure Input Filters for Services That Run Behind Network
Address Translation:
http://support.microsoft.com/default.aspx?scid=kb;en-us;254018
But if I try to
> launch nslookup on my server for response of dns, the
> command don't run e return "server not found", if i remove
> network filter is all ok. What port can i add to filter?
> thank you, sincerely
> Andrew
I believe the actual message is "Can't find _server_ _name_ for address
<ipaddress>" The key words here are "nslookup" and "server name" IOW
nslookup can't find the server name by doing a reverse lookup on the IP
address. This fools a lot of users into thinking that something is wrong
with DNS when it is actually Nslookup doing something you didn't ask it to
do and scaring you by telling you it can't find the server name. This will
also cause DNS to time out and cause nslookup to switch to the alternate DNS
server.
You can ignore this or create a reverse lookup zone and PTR for the DNS
server IP in TCP/IP properties.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================