Firewall ports for dnsonly?

[JamesAB]

I opened a support ticket, but cPanel support could only offer this link which doesn't really help:
LinuxFAQ < 11_24/AllFAQ < TWiki

I'm simply trying to determine the minimum firewall ports required for running cPanel's dnsonly. Is there anybody running dnsonly that could shed some light on this?

Any help would be appreciated.

Thanks,
James

 

[cPanelKenneth]

I opened a support ticket, but cPanel support could only offer this link which doesn't really help:
LinuxFAQ < 11_24/AllFAQ < TWiki

I'm simply trying to determine the minimum firewall ports required for running cPanel's dnsonly. Is there anybody running dnsonly that could shed some light on this?

Any help would be appreciated.

Thanks,
James

For DNSOnly to operate it needs ports 2086 and 2087, minimum. Other ports, such as 25, are at your discretion.

 

[webcave]

@cpanelkenneth - wouldn't you need the DNS port open as well 53 that's how i have it on my configuration.

 

[JamesAB]

So something like this might be the bare minimum?

TCP_IN = 53,2086,2087
TCP_OUT = 53
UDP_IN = 53
UPD_OUT = 53,123

Adding 22 (in/out) for SSH and 25 (out) so the server can send mail out would probably be a good idea for us.

How about time synchronization? Does dnsonly use rdate on 37? Or do we need to setup NTP ourselves if we want to synchronize the server time?

Thanks,
James