DNS and Firewalls

What about name services? Don’t you need to be able to speed dial all those servers on the Internet? Here’s the scoop on DNS and firewalls.

Packet-filtering firewalls can be configured to let your DNS servers on the inside perform lookups against DNS servers on the outside (that is, to allow stateful TCP/53 or UDP/53). In this case, standard DNS troubleshooting rules apply. The DNS lookup looks something like this:

  1. The client workstation asks the local DNS server to resolve www.jotto.com.

  2. The DNS on the local server can’t find jotto.com locally; it turns to the outside DNS server.

  3. The outside DNS server returns the IP address to the local DNS server.

  4. The local DNS server returns the IP address to the client workstation.

  5. The client workstation attempts ...
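
The stateful TCP/53 and UDP/53 allowance described above, written as an nftables forward chain. This is an added example, not taken from the book; the inside DNS server address 10.0.0.53 and the interface names lan0 and wan0 are assumptions.

```nftables
# Added example. Assumed names: 10.0.0.53 = inside DNS server,
# lan0 = inside interface, wan0 = outside interface.
table inet dns_fw {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Step 3 of the lookup (the outside server's answer) is matched here
        # by connection tracking, so no inbound port-53 rule is needed.
        ct state established,related accept

        # Weak, stateless alternative (left commented out): it admits any
        # outside packet that merely claims source port 53.
        # iifname "wan0" udp sport 53 accept

        # Step 2 of the lookup: only the inside DNS server may start a query
        # to an outside server. UDP carries ordinary queries; TCP is needed
        # for answers too large for UDP, so both are allowed.
        iifname "lan0" oifname "wan0" ip saddr 10.0.0.53 udp dport 53 ct state new accept
        iifname "lan0" oifname "wan0" ip saddr 10.0.0.53 tcp dport 53 ct state new accept

        # Workstations that send DNS straight to the outside are logged and
        # dropped; the log line points at clients with a wrong resolver setting.
        iifname "lan0" oifname "wan0" meta l4proto { tcp, udp } th dport 53 log prefix "dns-bypass " drop
    }
}
```

Steps 1 and 4 stay on the inside network and never reach this chain, so a lookup that fails with these rules loaded points at the local DNS server or at the two port-53 rules.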
