DNS lookups failing on outside adapter

Posted on 2002-06-25
Last Modified: 2010-03-18
I'm setting up a network and I'm working on setting up my DNS servers. The problem I'm having right now is that while DNS lookups for my domain are working from the inside (I'm querying the new DNS server from the inside network and I'm getting the correct values back), when I try to access it from the outside, I get a "Connection timed out" error. The connection is firewalled, but I've opened the port up to the outside.

These are the ports that are open to the outside world:

21/tcp     open        ftp
22/tcp     open        ssh
23/tcp     open        telnet
25/tcp     open        smtp
53/tcp     open        domain
80/tcp     open        http
110/tcp    open        pop-3

I can also telnet to port 53 and it accepts the connection, but when I try to run 'dig' against my server, it fails and refuses to connect.  I've set up bind to log everything and I get nothing in the logfile when I connect from my outside machine.

This is my named.conf file:

options {
        directory "/var/named";
        pid-file "named.pid";              // Put pid file in working dir
        interface-interval 0;
};

logging {
        channel namedlog {
                file "/var/log/named.log" versions 5 size 2m;
                print-time yes;
                print-category yes;
        };
        category "default" { namedlog; };
        category "general" { namedlog; };
        category "database" { namedlog; };
        category "security" { namedlog; };
        category "config" { namedlog; };
        category "resolver" { namedlog; };
        category "client" { namedlog; };
        category "unmatched" { namedlog; };
        category "queries" { namedlog; };
};

zone "XXXXXXXXXX.XXX" in {
        type master;
        file "db.XXXXXXXX.XXX";
};

key "rndc-key" {
        algorithm hmac-md5;
        secret "XXXXX";
};

controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};

I'm running bind 9.2.1 on a RedHat 7.3 server.

Any help is appreciated. Thanks in advance.

Jeff
Question by:Jerf

Author Comment

by:Jerf
ID: 7108176
Forgot to mention - this is running on my firewall (small correction - it's a 7.2 server) which is running on a DSL line (ppp0).  I have an internal interface (eth1) and the external interface (eth0 + ppp0).  The server is responding on eth1, but not the others.

Accepted Solution

by: smisk (earned 800 total points)
ID: 7108288
I'm no expert on bind, but I believe dig uses UDP ports for requests.  Try opening port 53/UDP.

Author Comment

by:Jerf
ID: 7108453
Yeah - that'll do it.

Thanks!