UDP Port 53

Lucas Peet sirsky at lucastek.com
Mon Apr 21 19:07:13 CDT 2003


Actually, all you need to do is contact whomever you registered your
domain name with, and have them add a DNS host record, pointing to your
RR IP address.  Once that's done, you have a public DNS host that can be
queried by anyone, and will be the authoritative DNS server for your
domains, if you have them pointing to your new DNS server through your
registrar.  There is no need to contact RoadRunner at all, and they do
not block this traffic.  Matter of fact, I don't think they block any
traffic at all...

-Lucas

Lucas Peet
sirsky at lucastek.com

-----Original Message-----
From: owner-kclug at marauder.illiana.net
[mailto:owner-kclug at marauder.illiana.net] On Behalf Of Jonathan Hutchins
Sent: Monday, April 21, 2003 2:44 PM
To: jose sanchez
Cc: kclug at kclug.org
Subject: Re: UDP Port 53

Quoting jose sanchez <j_r_sanchez at yahoo.com>: 
 
> I have a couple of questions regarding hosting your
> own DNS server.
> 1. Does RR block port 53 (udp) so clients can't run
> their own server?
> 2. If no, can port 53 be NATed and forwarded to an
> internal box?
 
You can run a DNS server for your own internal network, and you can
internally serve any domain you choose.  Some of us use this to create
false DNS entries to block pop-up ads and other known nasties.

You can NOT arbitrarily set up a public DNS server and start advertising
your IP as the home of arbitrary domain names.  You need a chain of
authoritative entries right back to the root servers that says your IP
is the source of authority for that domain.  One of the parties that
would have to participate and cooperate in this scheme is RoadRunner,
who owns your IP address and the domain name that is actually associated
with it.

I know one ISP who charges about $100 per domain to set up the proper
DNS chain.  I know another who does it as part of registering your
domain name, pointing it at any IP you specify.

As far as your UDP masking goes, you're not clear on whether you're
trying to access UDP ports on your RR firewall from outside or whether
you're doing stuff from within.

How do you test your connections from outside your private net?  (I
often use an ssh connection to a remote machine, which I then point back
at my own with lynx or telnet.)
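
One way to run the outside test asked about at the end of the thread, as an added example that is not part of the original messages: a small Python probe, run from a remote host, that sends one NS query to your server over UDP port 53 and reports whether it answered authoritatively. The names `TXID`, `build_query`, `classify` and `probe`, the zone `example.org`, and the sample replies are assumptions made for this example.

```python
import socket
import struct

TXID = 0x1234  # fixed so the example is reproducible; randomize in real use

def build_query(name, qtype=2, txid=TXID):
    """Build a DNS query (qtype 2 = NS, class IN, recursion not requested)."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def classify(reply, txid=TXID):
    """Turn a raw reply (or None for a timeout) into a one-word verdict."""
    if reply is None:
        return "no-reply"            # filtered, not forwarded by NAT, or server down
    if len(reply) < 12:
        return "bogus"               # too short to hold a DNS header
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:
        return "bogus"               # wrong transaction id or QR bit not set
    rcode = flags & 0x000F
    if rcode == 5:
        return "refused"             # reachable, but not serving this zone
    if rcode == 0 and flags & 0x0400 and answers > 0:
        return "authoritative"       # AA bit set and NS records returned
    return "not-authoritative"

def probe(server_ip, zone, timeout=3.0):
    """Send one NS query to server_ip over UDP 53 and classify the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(zone), (server_ip, 53))
            reply, _ = s.recvfrom(4096)
        except OSError:              # timeout or ICMP port unreachable
            reply = None
    return classify(reply)

# Constructed sample replies (DNS headers only), not captured traffic.
SAMPLE_AUTH = struct.pack("!HHHHHH", TXID, 0x8400, 1, 1, 0, 0)
SAMPLE_REFUSED = struct.pack("!HHHHHH", TXID, 0x8005, 1, 0, 0, 0)
SAMPLE_CACHED = struct.pack("!HHHHHH", TXID, 0x8180, 1, 1, 0, 0)
```

A verdict of "authoritative" only shows that the server claims the zone and is reachable on UDP 53; whether the parent zone's delegation actually points at it is a separate lookup.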
