my smtp server is very slow to accept connections today

Les Mikesell lesmikesell at gmail.com
Fri Apr 7 02:40:37 UTC 2006


On Thu, 2006-04-06 at 20:16, Don Russell wrote:

> I just tried two digs which replied right away..
> dig @66.75.164.89 ibm.com ---> replied in 27 mSec
> dig @66.75.164.90 ibm.com ---> replied in 26 mSec
> 
> That tells me the two dns servers defined there are responsive...
> 
> and looking back through my Cisco router firewall logs, I see tons of 
> udp 66.75.164.90 port 1078 denials... before and after my digs... :-(

It sounds like you are blocking their response to your query,
which probably gets repeated over TCP eventually.  The DNS
response will come *from* port 53 on the DNS server back
to the random port above 1024 where you issued the query.

If you run 'tcpdump port 53' while an inbound connection
happens you might see what the query is and the response
or lack of it - and whether the source port matches a
firewall denial for the response.

--  
   Les Mikesell
   lesmikesell at gmail.com
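
One way to do the comparison suggested above, as an added example that is not part of the original message: it pairs each outbound query in `tcpdump -n port 53` output with either a reply or a firewall denial of that reply. The capture lines, the IOS-style ACL log lines and the address 192.0.2.10 are constructed for illustration; only 66.75.164.90 comes from the thread.

```python
import re

# Constructed sample input, not taken from the thread. 192.0.2.10 stands in
# for the mail server; 66.75.164.90 is the resolver mentioned in the thread.
TCPDUMP = """\
02:40:01.100000 IP 192.0.2.10.1077 > 66.75.164.90.53: 4711+ PTR? 5.113.0.203.in-addr.arpa. (42)
02:40:01.127000 IP 66.75.164.90.53 > 192.0.2.10.1077: 4711 1/0/0 PTR mail.example.net. (72)
02:40:06.100000 IP 192.0.2.10.1078 > 66.75.164.90.53: 4712+ PTR? 9.113.0.203.in-addr.arpa. (42)
02:40:16.100000 IP 192.0.2.10.1080 > 66.75.164.90.53: 4713+ A? ibm.com. (25)
"""
FIREWALL = """\
%SEC-6-IPACCESSLOGP: list 101 denied udp 66.75.164.90(53) -> 192.0.2.10(1078), 1 packet
%SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(4431) -> 192.0.2.10(25), 1 packet
"""

# src.port > dst.port: query-id, as printed by tcpdump with -n
PKT = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): (\d+)")
# src(port) -> dst(port) from a denied-UDP ACL log line
DENY = re.compile(r"denied udp (\S+)\((\d+)\) -> (\S+)\((\d+)\)")

def classify(tcpdump_text, firewall_text):
    """Return {(client, client_port, server, query_id): status}."""
    queries, answered = {}, set()
    for line in tcpdump_text.splitlines():
        m = PKT.search(line)
        if not m:
            continue
        src, sport, dst, dport, qid = m.groups()
        if dport == "53":      # outbound query to the resolver
            queries[(src, sport, dst, qid)] = "no response seen"
        elif sport == "53":    # reply from port 53 back to the ephemeral port
            answered.add((dst, dport, src, qid))
    # Denied packets that look like DNS replies: UDP sourced from port 53,
    # keyed the same way as a query (client, client_port, server).
    denied = {(dst, dport, src)
              for src, sport, dst, dport in DENY.findall(firewall_text)
              if sport == "53"}
    for key in queries:
        if key in answered:
            queries[key] = "answered"
        elif key[:3] in denied:
            queries[key] = "reply denied by firewall"
    return queries

if __name__ == "__main__":
    for (client, port, server, qid), status in classify(TCPDUMP, FIREWALL).items():
        print(f"{client}:{port} -> {server}:53 id={qid}: {status}")
```

A query reported as "reply denied by firewall" is the case described above: the resolver answered from port 53, but the packet to the ephemeral source port was dropped before it reached the host running tcpdump.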




