However, this raises an all-important question: how does the requested information reach the network’s right device? When you request information from the Internet, your router’s public IP address is sent along with your device’s private IP address. A private IP address is used in internal networks, whereas a public IP address is accessible to the outside world. Each device has an IP address, and there are two types of IP addresses: private (or internal) and public (or external). You probably already have an idea of how networks work. Do I Need Dedicated IP for Port Forwarding Routers?.How to Open Ports on Your Router using a VPN.How to Setup Port Forwarding on Your Router.Things to Consider before Manual Router Configuration.A firewall would also simplify the task of opening and closing ports as well as setting access policies as you wish, thereby circumventing the need to manually create (and remember) complex iptables rules. This safeguards against instrusion from attacks originating outside the network as well as against virus/trojan and "very clever" (but malignant) users inside the network. Not part of your question, but it would be advisable to have a firewall installed on any and all network server hosts. So to answer your question: You would only open port 53 on a host that is offering DNS services to a network. You can run tcpdump on a host and then issue a DNS lookup from another terminal or browser to confirm this: 'tcpdump -n -s 1500 -i eth0 udp port 53'
Contrary to popular belief a server or host does not need to have port 53 open to make outgoing DNS queries - this is not how the TCP/IP model works. An "open port" means that the port is externally visible to clients in the network (or out on the internet, possibly).
If the application server in question is not a DNS server then you do not require port 53 to be open.
0 kommentar(er)
