Quoting jose sanchez:

> I have a couple of questions regarding hosting your
> own DNS server.
> 1. Does RR block port 53 (udp) so clients can't run
> their own server?
> 2. If no, can port 53 be NATed and forwarded to an
> internal box?

You can run a DNS server for your own internal network, and you can internally serve any domain you choose. Some of us use this to create false DNS entries to block pop-up ads and other known nasties.

You can NOT arbitrarily set up a public DNS server and start advertising your IP as the home of arbitrary domain names. You need a chain of authoritative entries right back to the root servers that says your IP is the source of authority for that domain. One of the parties that would have to participate and cooperate in this scheme is RoadRunner, who owns your IP address and the domain name that is actually associated with it.

I know one ISP who charges about $100 per domain to set up the proper DNS chain. I know another who does it as part of registering your domain name, pointing it at any IP you specify.

As far as your UDP masking goes, you're not clear on whether you're trying to access UDP ports on your RR firewall from outside or whether you're doing stuff from within. How do you test your connections from outside your private net? (I often use an ssh connection to a remote machine, which I then point back at my own with lynx or telnet.)