I use forwarders for a subzone, but TCP 53 is blocked, So does forwarders really need TCP?
If forwaders use UDP, I can't get following scenario to work:
main zone is master, but subzone is forwad. Is it possible?
(On name sever itself, resolution of xx.stub.abc.com worked fine.)
#sub zone
zone "stub.abc.com" {
type forward;
forward only;
forwarders { 1.1.1.1; };
};
#main zone
zone "abc.com" {
type master;
...
};
As far as I know you need to have port 53 open for both UDP and TCP.
Most normal DNS traffic uses UDP not TCP. However AXFR uses TCP
to replicate zone data.
yes, TCP 53 is needed for zone transfer "slave type", but I couldn't find any info about protocol used for r" forward type"
---------- Post updated at 02:50 PM ---------- Previous update was at 10:53 AM ----------
I think sub-zone using forwaders is not going to work.
I ended up using sub-zone delegation, which use UDP only.
CTX124727 - How to Configure DNS Delegation Using BIND - Citrix Knowledge Center