HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


dpicella 6th August 2010 05:02

How can I get my server to listen to port 53 on an IP?
 
My server does not seem to be listening to port 53 correctly.

I want my server to listen to port 53 on this IP: 65.60.101.156

I turned off iptables and disabled SELinux.

Here is the output of # netstat -tapnl

Code:

# netstat -tapnl | grep named
tcp        0      0 10.1.1.191:53              0.0.0.0:*                  LISTEN      9627/named         
tcp        0      0 10.1.1.190:53              0.0.0.0:*                  LISTEN      9627/named         
tcp        0      0 127.0.0.1:53                0.0.0.0:*                  LISTEN      9627/named         
tcp        0      0 127.0.0.1:953              0.0.0.0:*                  LISTEN      9627/named         
tcp        0      0 ::1:53                      :::*                        LISTEN      9627/named         
tcp        0      0 ::1:953                    :::*                        LISTEN      9627/named

How can I get my server to listen to this IP on port 53?

Thanks! I am a bit of a noob to DNS!

falko 6th August 2010 12:02

What are the outputs of
Code:

netstat -uap
and
Code:

ifconfig
?

dpicella 6th August 2010 12:17

Quote:

Originally Posted by falko (Post 235708)
What are the outputs of
Code:

netstat -uap
and
Code:

ifconfig
?

Code:

# netstat -uap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address              Foreign Address            State      PID/Program name 
udp        0      0 *:34212                    *:*                                    5399/avahi-daemon: 
udp        0      0 10.1.1.191:domain          *:*                                    9627/named         
udp        0      0 10.1.1.190:domain          *:*                                    9627/named         
udp        0      0 localhost.locald:domain    *:*                                    9627/named         
udp        0      0 *:845                      *:*                                    4061/rpc.statd     
udp        0      0 *:gdoi                      *:*                                    4061/rpc.statd     
udp        0      0 *:mdns                      *:*                                    5399/avahi-daemon: 
udp        0      0 *:sunrpc                    *:*                                    3984/portmap       
udp        0      0 *:ipp                      *:*                                    4438/cupsd         
udp        0      0 10.1.1.191:ntp              *:*                                    4464/ntpd         
udp        0      0 10.1.1.190:ntp              *:*                                    4464/ntpd         
udp        0      0 localhost.localdomain:ntp  *:*                                    4464/ntpd         
udp        0      0 *:ntp                      *:*                                    4464/ntpd         
udp        0      0 localhost6.local:domain    *:*                                    9627/named         
udp        0      0 *:47561                    *:*                                    5399/avahi-daemon: 
udp        0      0 *:mdns                      *:*                                    5399/avahi-daemon: 
udp        0      0 fe80::7ae7:d1ff:fee:ntp    *:*                                    4464/ntpd         
udp        0      0 localhost6.localdomain6:ntp *:*                                    4464/ntpd         
udp        0      0 *:ntp                      *:*                                    4464/ntpd

Code:

# ifconfig
eth0      Link encap:Ethernet  HWaddr 78:E7:D1:EB:9A:82 
          inet addr:10.1.1.190  Bcast:10.1.1.255  Mask:255.255.255.0
          inet6 addr: fe80::7ae7:d1ff:feeb:9a82/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:349194 errors:0 dropped:0 overruns:0 frame:0
          TX packets:124015 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:289543271 (276.1 MiB)  TX bytes:10519146 (10.0 MiB)
          Interrupt:169 Memory:f4000000-f4012800

eth0:0    Link encap:Ethernet  HWaddr 78:E7:D1:EB:9A:82 
          inet addr:10.1.1.191  Bcast:10.1.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:169 Memory:f4000000-f4012800

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:20956 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20956 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3980227 (3.7 MiB)  TX bytes:3980227 (3.7 MiB)


dpicella 6th August 2010 15:47

I modified /etc/named/chroot/etc/named.conf as follows (the original option directives I changed are commented out):

Code:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        // listen-on port 53 { 127.0.0.1; };
        // listen-on-v6 port 53 { ::1; };
        listen-on { any; };
        listen-on-v6 { any; };
        // listen-on-v6 { ipv-6-address; };  // placeholder, not a valid address or ACL name; named rejects it
        directory      "/var/named/chroot/var/named";
        dump-file      "/var/named/chroot/var/named/data/cache_dump.db";
        statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
        query-source address * port 53;
        allow-query    { any; };
        // allow-query    { localhost; };
        recursion yes;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.root";
};
include "/var/named/chroot/etc/named.conf.local";

I restarted the named service and even rebooted and I am still not listening to port 53 as far as I can tell.

My DNS works for:

dig @localhost domain.com
... but not ...
dig domain.com
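
Added example (not written by the thread's participants): the options block posted above answers recursive queries for any client (`allow-query { any; }` with `recursion yes`) and pins outgoing queries to source port 53, both of which matter once the server is reachable on a public address. The variant below keeps authoritative answers public but limits recursion to the LAN shown in the `ifconfig` output; the ACL name `trusted` is an assumption, and the file-path options stay as posted.

```conf
// Clients allowed to use this server as a recursive resolver.
// "trusted" is an illustrative name; 10.1.1.0/24 is the LAN from ifconfig.
acl "trusted" { 127.0.0.1; ::1; 10.1.1.0/24; };

options {
        // named binds only to addresses configured on local interfaces
        // (10.1.1.190, 10.1.1.191, loopback). A NAT'd WAN address lives on
        // the router and will never appear in netstat on this host.
        listen-on    { any; };
        listen-on-v6 { any; };

        // directory, dump-file, statistics-file, memstatistics-file:
        // unchanged from the posted configuration.

        // As posted: query-source address * port 53;
        // Removed so named picks a random source port per query; a fixed
        // port makes spoofed responses (cache poisoning) easier to land.

        // Zones this server is authoritative for must be answerable by anyone.
        allow-query       { any; };

        // As posted, "recursion yes" with no allow-recursion made this an
        // open resolver, usable for DNS amplification.
        recursion         yes;
        allow-recursion   { trusted; };
        allow-query-cache { trusted; };   // BIND 9.4 and later; omit on older releases
};
```

Running `named-checkconf` on the edited file before restarting named catches syntax errors such as an undefined ACL name.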

dpicella 7th August 2010 03:55

Stumped ...

Server IP on the LAN
dig @10.1.1.190 jabsock.com
works!

Localhost
dig @localhost jabsock.com
works!

WAN IP (where the nameservers point)
dig @65.60.101.156 jabsock.com
Does not work!

I've checked in named.conf. Not sure what to do now. Remember, I do have both UDP and TCP forwarding port 53. Thanks!

Finally, I am not familiar with this, but there are forwarders and there is a forwarding option in BIND - does that have something to do with this? Thanks!

falko 7th August 2010 13:24

Please double-check your router configuration. You might also want to ask your ISP whether they block port 53.

dpicella 13th August 2010 14:02

I got it working. I moved the server to a colocation facility where it is now bound to an IP that is not behind a router.

I believe that port 53 was blocked by the ISP because I know for sure that port 53 was forwarded both TCP and UDP.

Thanks for confirming what I thought might be the problem! You saved me a bunch of time. Cheers!


All times are GMT +2.