     Since I rebuilt the firewall I've had a couple of complaints from people
about slow name service or no name service response from the outside.

     Port 53 for both UDP and TCP are cut through, I'm not sure what else might
be necessary for their proper operation, I'm thinking maybe it's an ICMP issue
involving MTU discovery.  Web traffic still appears normal and I've had no
complaint about outside people being unable to get to websites or mail here.

     What I need is a victim or two that is experiencing this problem and can
do some testing while I have you on the phone so I can log firewall data and
see what is being rejected.

     I can't just leave logging on because during a packet flood it eats too
much CPU and crashes the router.

     Right now one name server is down because I built a new kernel and booted
(and it didn't come back up), so I've got to make a trip over and troubleshoot.

