[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW-1] dns_verification: does it really work?
- To: [email protected]
- Subject: [FW-1] dns_verification: does it really work?
- From: Alberto <[email protected]>
- Date: Fri, 24 May 2002 11:32:15 +0200
- Organization: Consors España
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- User-agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.4.1) Gecko/20020314 Netscape6/6.2.2
Hi!
I'm seeing a lot of drops of dns queries of my internal dns cache,
about 80%, by rule 0. The only reason I find is the dns_verification
property. I'm using 4.1 sp4 on my firewall and named 8.2.3-REL in my dns
cache. There is no specific destination in dropped queries. I'm quiet
sure port 53 in my dns cache is beeing use for dns only. 4.1 sp2
release notes says that dns verification is to avoid the use of port 53
not for dns protocol.
So my question is if it really works, because it's dropping a lot of
queries I suppose right...
TIA
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
