[CentOS] resolving names it is really slow slow with CentOS5.x using named
Lars Hecking
lhecking at users.sourceforge.net
Mon May 25 11:35:49 UTC 2009
> options {
> directory "/var/named";
> dump-file "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> memstatistics-file "/var/named/data/named_mem_stats.txt";
> listen-on port 53 { 127.0.0.1; 172.25.50.10; };
> version "DNS Server v2.0";
> dnssec-enable no;
> query-source port 53;
> forwarders { 208.67.220.220; 208.67.222.222; };
> };
> As you can see, I need to use "query-source port" param too with forwarders to
> resolve names (and this is really really ugly).

Explicit query-source port breaks port randomisation and is highly insecure.
Your problem may be an incorrectly configured firewall that only accepts
outgoing queries originating from source port 53 - it needs to accept all
outgoing queries for destination port 53.
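
An added example, not part of the original message or of BIND itself: a small Python check that flags `query-source` statements pinning the outgoing source port, run against a trimmed copy of the options quoted above. The function names and the corrected variant using `port *` are assumptions made for illustration.

```python
import re

# Constructed sample: trimmed copy of the options block quoted in the message.
SAMPLE_CONF = '''
options {
    directory "/var/named";
    listen-on port 53 { 127.0.0.1; 172.25.50.10; };
    dnssec-enable no;
    query-source port 53;
    forwarders { 208.67.220.220; 208.67.222.222; };
};
'''
# Assumed corrected variant: let named pick a random source port per query.
FIXED_CONF = SAMPLE_CONF.replace("query-source port 53;",
                                 "query-source address * port *;")

# Quoted strings are matched first so comment markers inside them are kept.
_SKIP = re.compile(r'"[^"\n]*"|/\*.*?\*/|(?://|#)[^\n]*', re.S)
_STMT = re.compile(r'\b(query-source(?:-v6)?)\b([^;{}]*);')
_PORT = re.compile(r'\bport\s+(\d+|\*)')

def strip_comments(text):
    """Drop /* */, // and # comments, leaving quoted strings untouched."""
    return _SKIP.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else ' ', text)

def fixed_source_ports(conf_text):
    """Return (statement, port) for every query-source that pins the port."""
    findings = []
    for stmt in _STMT.finditer(strip_comments(conf_text)):
        port = _PORT.search(stmt.group(2))
        # "port *" (or no port clause) leaves source port randomisation on.
        if port and port.group(1) != '*':
            findings.append((stmt.group(1), int(port.group(1))))
    return findings

if __name__ == "__main__":
    for name, conf in (("quoted config", SAMPLE_CONF), ("fixed config", FIXED_CONF)):
        print(name, fixed_source_ports(conf) or "source port not pinned")
```

A finding means every outgoing query leaves from one predictable UDP port, so the firewall rule for outgoing traffic to destination port 53 should be fixed before the statement is removed.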