It sounds obvious now.
BUT , before I added the UDP dns firewall rules. I could successfully do :
lookups using the host command ,
lookups with the example snippet in the Net::DNS man page
all DNS & RBL tests with my older SA installation ( 3.0.4 )
... So I didn't think that I needed that UDP firewall rule.
maybe the newert SA versions forces Net::DNS to use UDP where old
versions didn't ...
Oh well.
Dan
Kris Deugau wrote:
Daniel Bourque wrote:
After some playing around, turns out that Net::DNS performs certain
test with via UDP port 53, therefore, I had to accept UDP packets
from my nameserver's udp:53
... uhhhh... *yes*, you have to accept UDP packets on port 53.... O_o
*Most* DNS traffic is UDP. If you're blocking port 53/UDP, you're
blocking most of your DNS lookups - this isn't special to Net::DNS.
-kgd