Solved

NSLOOKUP with IP filter enabled

Posted on 1998-08-21
6
1,734 Views
Last Modified: 2013-12-23
What port number is NSLOOKUP on NT4 using?
I have enabled the IP security and enabled Port 53 (DNS) for UDP. But any NSLOOKUP is timing out. When I enable all UDP Ports, the request is done (of course).

Which UDP Port has I to enable too?
0
Comment
Question by:PeterNeff
  • 2
  • 2
  • 2
6 Comments
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 1560978
Either TCP and UDP all use port 53 as its DNS port, certainly NSLOOKUP uses this port.
0
 

Author Comment

by:PeterNeff
ID: 1560979
I've written, I have enabled Port 53. But NSLOOKUP (and also PING and TRACERT) use another port to call the DNS Server.
On the Server where the DNS is running, Port 53 is fine. but not on the Computer which is calling the DNS Server.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 1560980
Which port NSLOOKUP uses to call DNS server?
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 5

Accepted Solution

by:
heiko earned 100 total points
ID: 1560981
bbao is right about DNS port,
but you have to enable more then only UDP(53). because of client is using a dynamicly assigned port above 1024 to query. Only server is always using UDP(53).
so you have to enable

UDP(>1024) <--> UDP(53)
UDP(53)    <--> UDP(>1024)

for PING and TRACERT you need in addition ICMP.

thats all

Heiko
0
 

Author Comment

by:PeterNeff
ID: 1560982
I enabled now UDP Ports 1024 - 1030 and now, the DNS Request is made.

How can I controll, which Ports are dynamicly allocated?
What is the rule of the port-allocation?
0
 
LVL 5

Expert Comment

by:heiko
ID: 1560983
there is no way to control port dynamicaly assigned to client.

the range of 1024-1030 is not large enough. the range is valid from 1024 to 65535 depending on open connections and sessions.

the rule for assignement is to get next unused port above 1024.
so normaly you will get a port less then 2000. some implementations are using next port above 1024 and highest used port until 65535 is reached. so you have much higher numbers.

NT is using 1. implementation. so you can limit to 2000 mostly.

0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now