Config Examples

Alex Bahoor alexbahoor at sbcglobal.net
Sun Dec 6 03:32:31 CET 2009



Rick,

If I want to connect to someonesWebServer.com, the only way I can do that is to
map the name to an IP address. First thing, I would use my default DNS
server which is served by my ISP to query the name. Because this is a public
DNS server, there is no way in the world you set a private port number, and
expect every user to query names in a broadcast form. The port must be 53,
period. Similarly, when this DNS server does not know about
someonesWebServer.com, he would have to go to the next level DNS on the
Internet to query the name. That DNS server must be using 53 as well. This
is a fundamental requirement on public network setups.

You can still change the ports on your private DNS server to anything you
want for security reasons. For that matter, broadcast queries by any local
client would not be able to resolve names--every client must be configured
with its DNS IP address so it avoids broadcast.

Let me make it clear: on public networks and the Internet, the only port you
would see on any DNS server is the default (53); otherwise, the Internet would
not be dynamic, and would be very clunky. And all DNS servers on the
Internet build their hierarchy based on broadcast.

I hope that helps,

Alex


-----Original Message-----
From: freeradius-users-bounces+alexbahoor=sbcglobal.net at lists.freeradius.org
[mailto:freeradius-users-bounces+alexbahoor=sbcglobal.net at lists.freeradius.org]
On Behalf Of freeradius at corwyn.net
Sent: Saturday, December 05, 2009 5:04 PM
To: FreeRadius users mailing list; 'FreeRadius users mailing list'
Subject: RE: Config Examples

At 02:54 PM 12/5/2009, Alex Bahoor wrote:

>Ivan,
>
>Imagine DNS uses dynamic port assignment instead of port 53? Guess 
>what, no one would be able to use the internet. :-)
>
>Alex

First, I believe you're trying to respond to me.

Second, you're asking questions about which you don't apparently understand.

What if I wanted to run my own implementation of DNS to do something 
bizarre? SSH on a different port than 22 (quite common)? A web server 
on port 88?  Telnet on port 8000. I can do all of those things. And 
apache, bind, tftp, ftp, telnet, sshd (and really almost every 
service that assigns a port) all have the ability to change the default
port.

If I'm running my own services, I might want the ability to run them 
on non-standard ports. That's why there are defaults, AND the ability 
to change them.

Rick


More information about the Freeradius-Users mailing list