pjulian
Member Candidate
Topic Author
Posts: 267
Joined: Mon May 31, 2004 12:16 pm
Location: Sydney, Australia

Which ports to allow for DNS server on inside of MT Router?

Sat Jan 15, 2011 10:40 am

Hi guys, I have configured a public DNS server which is on a routed network on the inside of my MikroTik. Now I feel a bit stupid asking this question, but will anyway....
I have allowed the usual TCP/53 and UDP/53 through the forward chain to the DNS server, which is fine, but any replies from other DNS servers which mine has queried come back to higher ports and random ports; this is a feature of the DNS server I am using. I thought that if I allowed related and established connections through to the DNS server it would work, but it doesn't; they just get blocked by my drop rule.

Am I missing something stupid here, or do I just have to allow all UDP ports > 1024 through to the DNS server to allow for the replies?

Thanks
Paul
 
pjulian
Member Candidate
Topic Author
Posts: 267
Joined: Mon May 31, 2004 12:16 pm
Location: Sydney, Australia

Re: Which ports to allow for DNS server on inside of MT Rout

Sat Jan 15, 2011 11:06 am

Sorry.....user fault.
When I created the first rule to allow safe IPs to the box, I copied that rule for the related and established rules and accidentally left the source address list set, so it was only allowing related and established connections from IPs in my safe list...

Regards
Paul
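
The mistake described in this thread, next to a corrected forward chain, as an added example that is not the poster's actual configuration. The DNS server address 192.0.2.53 and the address-list name `safe` are constructed placeholders, and the rule allowing the server's own outbound queries is an assumption about the rest of the ruleset.

```routeros
# Constructed example. 192.0.2.53 = inside DNS server (placeholder),
# "safe" = name of the trusted address list (placeholder).
/ip firewall filter

# --- As misconfigured (shown commented out) -------------------------------
# The state rules were copied from the safe-list rule and kept its
# src-address-list matcher. A reply from an upstream DNS server is
# "established" in connection tracking, but its source address is not in
# the list, so these rules never match and the packet reaches the drop rule.
# add chain=forward connection-state=established src-address-list=safe action=accept
# add chain=forward connection-state=related src-address-list=safe action=accept

# --- Corrected -------------------------------------------------------------
# State rules carry no source restriction: connection tracking already ties
# each reply to a query that an earlier rule permitted.
add chain=forward connection-state=established action=accept \
    comment="replies to tracked connections"
add chain=forward connection-state=related action=accept \
    comment="related traffic, e.g. ICMP errors"

# Inbound queries to the public DNS server.
add chain=forward dst-address=192.0.2.53 protocol=udp dst-port=53 action=accept
add chain=forward dst-address=192.0.2.53 protocol=tcp dst-port=53 action=accept

# Assumption: the server's own recursive queries must be allowed out so that
# a tracking entry exists for the replies to match.
add chain=forward src-address=192.0.2.53 protocol=udp dst-port=53 action=accept
add chain=forward src-address=192.0.2.53 protocol=tcp dst-port=53 action=accept

# Everything else is dropped. No rule opening UDP ports above 1024 is needed.
add chain=forward action=drop

# Check: the packet counters on the state rules should rise while the
# server resolves names, and the drop rule should stop counting DNS replies.
/ip firewall filter print stats
```

With the state rules matching on connection state alone, replies to the server's random source ports are accepted only when they belong to a query the server actually sent, which is narrower than opening the whole high UDP port range.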
