Hi, as soon I activate the ovh firewall (ALLOW: 22,25,80,143,443,587, 8080,8081, tcp, icmp, DENY: ipv4)
all programms / scripts which need to translate a domain name into an ip need about 4-5 seconds more.
For example: A simple ping on the console to google.com needs 5 seconds before the first package comes back. With deactivted ovh firewall it needs less than a second.
My system debian 9 with ispconfig 3.1. I also tried to set another dns server in etc/resolv.conf without success. Current settings are:
nameserver 127.0.0.1
nameserver 213.186.33.99
search ovh.net
I have no clue if I need to open another port (tried 53 tcp/udp without success). Or what else I can do to have fast dns translation with activated firewall.
Best Regards
I have the same issue, but all my DNS queries are dropped.
I have to disable firewall :]
That just suggests your firewall rules are wrong. Remember, DNS normally goes over UDP, but it will also fallback to TCP for larger records. You need to whitelist port 53 on both TCP and UDP. If you still run into any issues, paste the output from running:
> dig @213.186.33.99 google.com