Rick,
If I want to connect to someonesWebServer.com, the only way I can do that is to map the name to an IP address. First thing, I would use my default DNS server, which is served by my ISP, to query the name. Because this is a public DNS server, there is no way in the world you set a private port number and expect every user to query names in a broadcast form. The port must be 53, period. Similarly, when this DNS server does not know about someonesWebServer.com, it would have to go to the next-level DNS on the Internet to query the name. That DNS server must be using 53 as well. This is a fundamental requirement on public networks setup.

You can still change the ports on your private DNS server to anything you want for security reasons. For that matter, broadcast queries by any local client would not be able to resolve names--all the clients must be configured with their DNS IP address so they avoid broadcast.

Let me make it clear: on public networks, and the Internet, the only port you would see on any DNS server is the default (53); otherwise, the Internet would not be dynamic, and would be very clunky. And all DNS servers on the Internet build their hierarchy based on broadcast.

I hope that helps,
Alex

-----Original Message-----
From: freeradius-users-bounces+alexbahoor=sbcglobal....@lists.freeradius.org [mailto:freeradius-users-bounces+alexbahoor=sbcglobal....@lists.freeradius.org] On Behalf Of freerad...@corwyn.net
Sent: Saturday, December 05, 2009 5:04 PM
To: FreeRadius users mailing list; 'FreeRadius users mailing list'
Subject: RE: Config Examples

At 02:54 PM 12/5/2009, Alex Bahoor wrote:
>Ivan,
>
>Imagine DNS uses dynamic port assignment instead of port 53? Guess
>what, no one would be able to use the internet. :-)
>
>Alex

First, I believe you're trying to respond to me.

Second, you're asking questions about which you don't apparently understand.

What if I wanted to run my own implementation of DNS to do something bizarre? SSH on a different port than 22 (quite common)? A web server on port 88? Telnet on port 8000. I can do all of those things. And apache, bind, tftp, ftp, telnet, sshd (and really almost every service that assigns a port) all have the ability to change the default port.

If I'm running my own services, I might want the ability to run them on non-standard ports. That's why there are defaults, AND the ability to change them.

Rick

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

__________ Information from ESET NOD32 Antivirus, version of virus signature database 4663 (20091205) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com