[Pdns-users] recursor can't refresh the . records

bert hubert bert.hubert at netherlabs.nl
Thu Aug 9 21:01:47 UTC 2007


On Thu, Aug 09, 2007 at 10:42:30PM +0200, thomas polnik wrote:

> > You may want to try without the firewall.
> >
> >
> Without iptables is perhaps a bad idea :), but I will change it to
> iptables -I INPUT 1 -p udp --dport 53 -j ACCEPT
> iptables -I INPUT 2 -p tcp --dport 53 -j ACCEPT

This is wrong - you need to accept packets *coming* from port 53 for
answers as well.

Otherwise PowerDNS can't receive answers to the questions it is sending out!

The trick is to rely on stateful iptables filtering.

Good luck!

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services
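
The following is an added example, not part of the original message or of PowerDNS: a toy first-match model of the INPUT chain that shows why the quoted rules drop the recursor's answers and how a stateful rule differs from simply accepting source port 53. It assumes a default DROP policy on INPUT; the addresses, ports and rule strings are constructed for illustration.

```python
"""Toy first-match model of the INPUT chain (assumed policy: DROP), UDP only."""
from collections import namedtuple

Pkt = namedtuple("Pkt", "src sport dst dport")
RECURSOR = "192.0.2.10"      # constructed addresses from documentation ranges
AUTH_SERVER = "198.51.100.53"

# A ruleset is a list of (equivalent iptables match, predicate(pkt, flows)).
POSTED = [  # the quoted rules: match on destination port 53 only
    ("-p udp --dport 53 -j ACCEPT", lambda p, flows: p.dport == 53),
]
STATELESS = POSTED + [  # accept anything that claims source port 53
    ("-p udp --sport 53 -j ACCEPT", lambda p, flows: p.sport == 53),
]
STATEFUL = POSTED + [  # accept only replies to flows this host opened
    ("-m state --state ESTABLISHED -j ACCEPT",
     lambda p, flows: (p.dst, p.dport, p.src, p.sport) in flows),
]

def send_query(flows, sport, server):
    """The recursor sends a query; connection tracking records the flow."""
    flows.add((RECURSOR, sport, server, 53))

def input_verdict(rules, pkt, flows):
    """First matching rule wins, otherwise the DROP policy applies."""
    for _, matches in rules:
        if matches(pkt, flows):
            return "ACCEPT"
    return "DROP"

def evaluate(rules):
    """Verdicts for three inbound packets after one outbound query."""
    flows = set()
    send_query(flows, 34567, AUTH_SERVER)
    inbound = {
        "client query": Pkt("192.0.2.77", 40000, RECURSOR, 53),
        "answer to our query": Pkt(AUTH_SERVER, 53, RECURSOR, 34567),
        "unsolicited from port 53": Pkt("203.0.113.9", 53, RECURSOR, 5000),
    }
    return {name: input_verdict(rules, p, flows) for name, p in inbound.items()}

if __name__ == "__main__":
    for label, rules in (("posted", POSTED), ("stateless", STATELESS),
                         ("stateful", STATEFUL)):
        print(label, evaluate(rules))
```

Only the stateful ruleset accepts the answer while still dropping a packet that merely arrives from source port 53 without a matching outbound query.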

