Solved

NSLOOKUP with IP filter enabled

Posted on 1998-08-21
6
1,744 Views
Last Modified: 2013-12-23
What port number is NSLOOKUP on NT4 using?
I have enabled the IP security and enabled Port 53 (DNS) for UDP. But any NSLOOKUP is timing out. When I enable all UDP Ports, the request is done (of course).

Which UDP Port has I to enable too?
0
Comment
Question by:PeterNeff
  • 2
  • 2
  • 2
6 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 1560978
Either TCP and UDP all use port 53 as its DNS port, certainly NSLOOKUP uses this port.
0
 

Author Comment

by:PeterNeff
ID: 1560979
I've written, I have enabled Port 53. But NSLOOKUP (and also PING and TRACERT) use another port to call the DNS Server.
On the Server where the DNS is running, Port 53 is fine. but not on the Computer which is calling the DNS Server.
0
 
LVL 37

Expert Comment

by:bbao
ID: 1560980
Which port NSLOOKUP uses to call DNS server?
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 5

Accepted Solution

by:
heiko earned 100 total points
ID: 1560981
bbao is right about DNS port,
but you have to enable more then only UDP(53). because of client is using a dynamicly assigned port above 1024 to query. Only server is always using UDP(53).
so you have to enable

UDP(>1024) <--> UDP(53)
UDP(53)    <--> UDP(>1024)

for PING and TRACERT you need in addition ICMP.

thats all

Heiko
0
 

Author Comment

by:PeterNeff
ID: 1560982
I enabled now UDP Ports 1024 - 1030 and now, the DNS Request is made.

How can I controll, which Ports are dynamicly allocated?
What is the rule of the port-allocation?
0
 
LVL 5

Expert Comment

by:heiko
ID: 1560983
there is no way to control port dynamicaly assigned to client.

the range of 1024-1030 is not large enough. the range is valid from 1024 to 65535 depending on open connections and sessions.

the rule for assignement is to get next unused port above 1024.
so normaly you will get a port less then 2000. some implementations are using next port above 1024 and highest used port until 65535 is reached. so you have much higher numbers.

NT is using 1. implementation. so you can limit to 2000 mostly.

0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Resolve DNS query failed errors for Exchange
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now