telnet to 53

Hi, i have configured my server as Dns.

now I have changed others pc to look at the dns server by editing /etc/resolv.conf .
Everything is fine, internal pc can resolve anything via my dns server.
but one thing is wired.

if try to telnet to 53 port of my server it will say connection refused.
now i have added to allow any connection to come to port 53 [ hense, all internal pc can resolv any ip via my dns server] but still if i try to telnet to dns server it will not work.

now : if flush iptables then it will allow to telnet. so its iptables issue.
but I dont understand, i have opend port 53 still why i am not able to telnet port 53 ?

I have attached my iptables -L here  [ yo will seee the before last line, i have addedd trafiq to allow port 53]

[root@workshop setroubleshoot]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTAB                                                                                                  LISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:n                                                                                                  fs
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:s                                                                                                  sh
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:n                                                                                                  etbios-ns
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:n                                                                                                  etbios-dgm
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:n                                                                                                  etbios-ssn
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:m                                                                                                  icrosoft-ds
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:h                                                                                                  ttp
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:d                                                                                                  omain
REJECT     all  --  anywhere             anywhere            reject-with icmp-ho                                                                                                  st-prohibited

Open in new window

LVL 29
fosiul01Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

http:// thevpn.guruCommented:
Are using tcp on DNS or UDP

netstat -an | grep :53
0
fosiul01Author Commented:
Hellooooooooooo boSS
after long time!! i emailed you soo many times about " how are u"" ok no problem,

i added rule as Udp ,

I didnot think i need to add tcp aswell

shall i add tcp ??


[root@workshop setroubleshoot]# netstat -an | grep :53
tcp        0      0 192.168.2.116:53            0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN
udp        0      0 0.0.0.0:53                  0.0.0.0:*                      
udp        0      0 192.168.2.116:53            0.0.0.0:*                      
udp        0      0 127.0.0.1:53                0.0.0.0:*                      
udp        0      0 0.0.0.0:5353                0.0.0.0:*                      
udp        0      0 :::53                       :::*                            
udp        0      0 :::5353                     :::*            
0
http:// thevpn.guruCommented:
Yeah add tcp as well...hehe thanks I am fine but VERY busy.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Webinar: Miercom Evaluates Wi-Fi Security

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom how WatchGuard's Wi-Fi security stacks up against the competition in our upcoming webinar!

fosiul01Author Commented:
hahahaah yap  done

i have added tcp and its able to telnet

but adding tcp is not manditory, right ??

whats the relation between telnet to 53  and tcp ??
0
TintinCommented:
You can't telnet to UDP services.
0
http:// thevpn.guruCommented:
as @Tintin said UDP is stateless I.e. you can not establish a 3 way handshake and have a telnet connection.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.