UDP Port 53
Jonathan Hutchins
hutchins at tarcanfel.org
Mon Apr 21 18:31:08 CDT 2003
Quoting jose sanchez <j_r_sanchez at yahoo.com>:

> I have a couple of questions regarding hosting your
> own DNS server.
> 1. Does RR block port 53 (udp) so clients can't run
> their own server?
> 2. If no, can port 53 be NATed and forwarded to an
> internal box?

You can run a DNS server for your own internal network, and you can internally
serve any domain you choose. Some of us use this to create false DNS entries
to block pop-up ads and other known nasties.

You can NOT arbitrarily set up a public DNS server and start advertising your
IP as the home of arbitrary domain names. You need a chain of authoritative
entries right back to the root servers that says your IP is the source of
authority for that domain. One of the parties that would have to participate
and cooperate in this scheme is RoadRunner, who owns your IP address and the
domain name that is actually associated with it.

I know one ISP who charges about $100 per domain to set up the proper DNS
chain. I know another who does it as part of registering your domain name,
pointing it at any IP you specify.

As far as your UDP masking goes, you're not clear on whether you're trying to
access UDP ports on your RR firewall from outside or whether you're doing
stuff from within.

How do you test your connections from outside your private net? (I often use
an ssh connection to a remote machine, which I then point back at my own with
lynx or telnet.)

---------------------------------------------------
This mail sent through tarcanfel's horde/imp system