bind 9 forwarders: use UDP or TCP?
Post 302422221 by honglus on Tuesday 18th of May 2010 12:50:49 AM
Quote:
Originally Posted by fpmurphy
As far as I know you need to have port 53 open for both UDP and TCP.

Most normal DNS traffic uses UDP not TCP. However AXFR uses TCP to replicate zone data.

Yes, TCP 53 is needed for zone transfer "slave type", but I couldn't find any info about the protocol used for "forward type".

---------- Post updated at 02:50 PM ---------- Previous update was at 10:53 AM ----------

I think sub-zone using forwarders is not going to work.
I ended up using sub-zone delegation, which uses UDP only.

CTX124727 - How to Configure DNS Delegation Using BIND - Citrix Knowledge Center
 

HOST(1)                              BIND9                              HOST(1)

NAME
       host - DNS lookup utility

SYNOPSIS
       host [-aCdlnrsTUwv] [-c class] [-N ndots] [-R number] [-t type] [-W wait] [-m flag] [[-4] | [-6]] [-v] [-V] {name} [server]

DESCRIPTION
       host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa. When no arguments or options are given, host prints a short summary of its command line arguments and options.

       name is the domain name that is to be looked up. It can also be a dotted-decimal IPv4 address or a colon-delimited IPv6 address, in which case host will by default perform a reverse lookup for that address.

       server is an optional argument which is either the name or IP address of the name server that host should query instead of the server or servers listed in /etc/resolv.conf.

OPTIONS
       -4
           Use IPv4 only for query transport. See also the -6 option.

       -6
           Use IPv6 only for query transport. See also the -4 option.

       -a
           "All". The -a option is normally equivalent to -v -t ANY. It also affects the behaviour of the -l list zone option.

       -c class
           Query class: This can be used to lookup HS (Hesiod) or CH (Chaosnet) class resource records. The default class is IN (Internet).

       -C
           Check consistency: host will query the SOA records for zone name from all the listed authoritative name servers for that zone. The list of name servers is defined by the NS records that are found for the zone.

       -d
           Print debugging traces. Equivalent to the -v verbose option.

       -i
           Obsolete. Use the IP6.INT domain for reverse lookups of IPv6 addresses as defined in RFC1886 and deprecated in RFC4159. The default is to use IP6.ARPA as specified in RFC3596.

       -l
           List zone: The host command performs a zone transfer of zone name and prints out the NS, PTR and address records (A/AAAA). Together, the -l -a options print all records in the zone.

       -N ndots
           The number of dots that have to be in name for it to be considered absolute. The default value is that defined using the ndots statement in /etc/resolv.conf, or 1 if no ndots statement is present. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the search or domain directive in /etc/resolv.conf.

       -r
           Non-recursive query: Setting this option clears the RD (recursion desired) bit in the query. This should mean that the name server receiving the query will not attempt to resolve name. The -r option enables host to mimic the behavior of a name server by making non-recursive queries and expecting to receive answers to those queries that can be referrals to other name servers.

       -R number
           Number of retries for UDP queries: If number is negative or zero, the number of retries will default to 1. The default value is 1, or the value of the attempts option in /etc/resolv.conf, if set.

       -s
           Do not send the query to the next nameserver if any server responds with a SERVFAIL response, which is the reverse of normal stub resolver behavior.

       -t type
           Query type: The type argument can be any recognized query type: CNAME, NS, SOA, TXT, DNSKEY, AXFR, etc. When no query type is specified, host automatically selects an appropriate query type. By default, it looks for A, AAAA, and MX records. If the -C option is given, queries will be made for SOA records. If name is a dotted-decimal IPv4 address or colon-delimited IPv6 address, host will query for PTR records. If a query type of IXFR is chosen the starting serial number can be specified by appending an equal followed by the starting serial number (like -t IXFR=12345678).

       -T, -U
           TCP/UDP: By default, host uses UDP when making queries. The -T option makes it use a TCP connection when querying the name server. TCP will be automatically selected for queries that require it, such as zone transfer (AXFR) requests. Type ANY queries default to TCP but can be forced to UDP initially using -U.

       -m flag
           Memory usage debugging: the flag can be record, usage, or trace. You can specify the -m option more than once to set multiple flags.

       -v
           Verbose output. Equivalent to the -d debug option. Verbose output can also be enabled by setting the debug option in /etc/resolv.conf.

       -V
           Print the version number and exit.

       -w
           Wait forever: The query timeout is set to the maximum possible. See also the -W option.

       -W wait
           Timeout: Wait for up to wait seconds for a reply. If wait is less than one, the wait interval is set to one second. By default, host will wait for 5 seconds for UDP responses and 10 seconds for TCP connections. These defaults can be overridden by the timeout option in /etc/resolv.conf. See also the -w option.

IDN SUPPORT
       If host has been built with IDN (internationalized domain name) support, it can accept and display non-ASCII domain names. host appropriately converts character encoding of domain name before sending a request to DNS server or displaying a reply from the server. If you'd like to turn off the IDN support for some reason, define the IDN_DISABLE environment variable. The IDN support is disabled if the variable is set when host runs.

FILES
       /etc/resolv.conf

SEE ALSO
       dig(1), named(8).

AUTHOR
       Internet Systems Consortium, Inc.

COPYRIGHT
       Copyright (C) 2000-2002, 2004, 2005, 2007-2009, 2014-2017 Internet Systems Consortium, Inc. ("ISC")

ISC                               2009-01-20                            HOST(1)