
BIND 9.3.3 won't listen on public IP.

Posted on 2013-01-30
Last Modified: 2016-02-12
All of a sudden bind will not listen on my public port, only local. I've tried many things

take a look

even though I have this in named.conf:

        listen-on {
                127.0.0.1;
                99.52.111.11;
        };

I only get this..


Jan 30 06:33:56 host named[1311]: starting BIND 9.3.3 -u bind
Jan 30 06:33:57 host named[1311]: command channel listening on 127.0.0.1#953
Jan 30 06:33:57 host named[1311]: command channel listening on ::1#953
Jan 30 06:33:57 host named[1311]: running
Jan 30 06:37:09 host named[1322]: starting BIND 9.3.3 -4 -u bind
Jan 30 06:37:09 host named[1322]: command channel listening on 127.0.0.1#953
Jan 30 06:37:09 host named[1322]: running
0
Question by:lexshine
 
LVL 80

Expert Comment

by:arnold
ID: 38835372
Is the public IP on the system where bind is running?
ifconfig -a: is the IP you listed referenced there?
netstat -rn

Note, 953 is the rndc (named control connection interface) connection. To open up your named to be controlled remotely, you need to add the public IP to the rndc section listen configuration in rndc.conf.
0
 

Author Comment

by:lexshine
ID: 38836104
Nope, no PUB IPs in my rndc.conf. Does it add just like the local?

server 127.0.0.1 {
        keys "rndc-key";
};

#this you should copy from your rndc.key file
key "rndc-key" {
        algorithm hmac-md5;
        secret "secretkey==";
};

controls {
        inet 127.0.0.1 allow { localhost; }
        keys { "rndc-key"; };
};
0
 
LVL 80

Expert Comment

by:arnold
ID: 38837672
Do you want or even need to have control over your named/bind service from outside (which is the implication from your need to have the control/command channel listen on the external public IP from the log)?

Based on the information you posted, your named service for domain name resolution should respond to requests sent to the 99.xx.xx.xx IP as long as the 99 IP is directly on this system.

If you use a firewall with port forwarding and the IP on your system is not 99.xx, your configuration is incorrect. To work you would need to adjust your list to include the IP of the system.
0

 

Author Comment

by:lexshine
ID: 38849995
The problem was identified and it was far from what I thought. Open resolver so IP was turned off. Anyone know how to close an open resolver? Tried the following with no luck..

acl myip { 192.168.1.1; };

options {
        directory       "/etc/namedb";
        pid-file        "/var/run/named/pid";
        dump-file       "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";

        listen-on {
                127.0.0.1;
                55.55.55.55;
        };

        allow-transfer {
                127.0.0.1;
                55.55.55.55;
        };

        allow-recursion { myip; };
};
0
 
LVL 80

Expert Comment

by:arnold
ID: 38850000
Could you provide detail on what it is you are trying to do?
0
 

Author Comment

by:lexshine
ID: 38850203
I am trying to close an open resolver in BIND 9.3.3
0
 
LVL 80

Expert Comment

by:arnold
ID: 38850717
You opened this question on a completely different subject.
If the DNS has no authoritative domains, there is no reason to open it to the net.
Post the entire named.conf and any included file.
Allow-query in the options section might be what you are looking for.
0
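Added example, not part of any post in this thread: one way to confirm from an outside address that a resolver you operate is closed after changing allow-recursion or allow-query. It builds a query with the RD bit set and classifies the reply header; the function names and the three sample reply headers are constructed for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """DNS A query with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(response):
    """Judge a reply to build_query() for a zone the server is NOT authoritative for."""
    if len(response) < 12:
        return "malformed"
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", response[:12])
    if not flags & 0x8000:           # QR bit clear: this is not a response
        return "malformed"
    ra = bool(flags & 0x0080)        # RA: recursion available to this client
    rcode = RCODES.get(flags & 0x000F, "OTHER")
    if rcode == "REFUSED":
        return "closed"
    if ra and rcode in ("NOERROR", "NXDOMAIN"):
        return "open"                # server recursed on the caller's behalf
    if rcode == "NOERROR" and ancount:
        return "cache-leak"          # recursion denied, cached data still served
    return "closed"                  # e.g. a referral with RA clear

def probe(server, name, timeout=3.0):
    """Send the query over UDP to a server you operate; run from an outside address."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return classify(s.recvfrom(512)[0])

# Constructed 12-byte reply headers (not captured traffic).
SAMPLE_OPEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)     # QR RD RA, 1 answer
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)  # QR RD, REFUSED
SAMPLE_CACHED = struct.pack("!HHHHHH", 0x1234, 0x8100, 1, 1, 0, 0)   # RA clear, 1 answer

if __name__ == "__main__":
    for label, pkt in [("open", SAMPLE_OPEN), ("refused", SAMPLE_REFUSED), ("cached", SAMPLE_CACHED)]:
        print(label, "->", classify(pkt))
```

A "cache-leak" result means recursion is refused but answers still come back, which is the case a query ACL such as allow-query addresses.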
 
LVL 62

Accepted Solution

by:
gheist earned 1500 total points
ID: 38871023
:953 is where to send CONTROL COMMANDS,
:53 for DNS requests obeys your config directive.
0
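Added example, not part of the thread: the accepted answer's distinction applied to the log from the question. The parser separates control-channel sockets (#953) from DNS service sockets and lists listen-on addresses that have no port-53 listener in the most recent start; HEALTHY_LOG is constructed in named's usual "listening on IPv4 interface" format, and the function names are illustrative.

```python
import re

LISTEN_RE = re.compile(
    r"named\[(?P<pid>\d+)\]: (?P<kind>command channel listening on"
    r"|listening on IPv[46] interface \S+) (?P<addr>[0-9A-Fa-f:.]+)#(?P<port>\d+)")
START_RE = re.compile(r"named\[(?P<pid>\d+)\]: starting BIND")

def parse_listen_on(conf):
    """Addresses inside the first listen-on { ... } block of named.conf text."""
    m = re.search(r"listen-on\s*(?:port\s+\d+\s*)?\{([^}]*)\}", conf)
    return [a.strip() for a in m.group(1).split(";") if a.strip()] if m else []

def sockets_by_start(log):
    """Map each named start (keyed by pid) to its control and DNS sockets."""
    runs = {}
    for line in log.splitlines():
        s = START_RE.search(line)
        if s:
            runs[s["pid"]] = {"control": [], "dns": []}
            continue
        m = LISTEN_RE.search(line)
        if m and m["pid"] in runs:
            kind = "control" if m["kind"].startswith("command") else "dns"
            runs[m["pid"]][kind].append(f'{m["addr"]}#{m["port"]}')
    return runs

def missing_dns_listeners(conf, log):
    """listen-on addresses with no port-53 listener in the most recent start."""
    runs = sockets_by_start(log)
    last = list(runs.values())[-1] if runs else {"dns": []}
    return [a for a in parse_listen_on(conf) if f"{a}#53" not in last["dns"]]

# listen-on block and log lines as posted in the question.
CONF = "options { listen-on { 127.0.0.1; 99.52.111.11; }; };"
PAGE_LOG = """\
Jan 30 06:33:56 host named[1311]: starting BIND 9.3.3 -u bind
Jan 30 06:33:57 host named[1311]: command channel listening on 127.0.0.1#953
Jan 30 06:33:57 host named[1311]: command channel listening on ::1#953
Jan 30 06:33:57 host named[1311]: running
Jan 30 06:37:09 host named[1322]: starting BIND 9.3.3 -4 -u bind
Jan 30 06:37:09 host named[1322]: command channel listening on 127.0.0.1#953
Jan 30 06:37:09 host named[1322]: running
"""
# Constructed lines (not from the thread) showing DNS listeners being logged.
HEALTHY_LOG = """\
Jan 30 07:00:00 host named[1400]: starting BIND 9.3.3 -u bind
Jan 30 07:00:00 host named[1400]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 30 07:00:00 host named[1400]: listening on IPv4 interface eth0, 99.52.111.11#53
"""
```

Run against the posted log, every listen-on address comes back as missing: the excerpt contains only #953 control-channel lines, so it says nothing about port 53 either way.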
