DNS Server Port 53 is not reachable from the internet

Hello, All;

Virtual Machine
Windows 2016 Server
Windows DNS
Belkin Router

OK, the other day my port 53 became unavailable; I did not find out about it until last night.
All my other ports are reachable, but port 53 is NOT.
I have it opened in my Router, and I can telnet 53 on the VM Server itself.

The servers have been running fine for several months.
Can someone please let me know what I need to check, as this has all my sites down as well as the Mail Server.

Wayne
Wayne Barron (Author, Web Developer) Asked:

Paul MacDonald (Director, Information Systems) Commented:
Two things I'd look for:
1) Windows (or other software-based) Firewall on the VM and the host
2) Another software product that interferes with DNS (Quickbooks can break DNS if Quickbooks doesn't start first.)
0
Wayne Barron (Author, Web Developer) Author Commented:
Neither one is an issue on the server.
If I can telnet the port, it should be OK and accessible on the server.
0
Scott Silva (Network Administrator) Commented:
Are you telnetting the port from outside?
Internal and external issues can be different.
Also your ISP could be blocking port 53 for some reason...
Sometimes they will get random ideas about different services they decide they don't want customers running...
0
Wayne Barron (Author, Web Developer) Author Commented:
I can telnet to the server from within the network on port 53.
I cannot telnet from outside of the network, the WWW cannot access my port 53.
Called my ISP, and since I purchased a Static IP from them, and I have my Modem BRIDGED to my Router, there is no way for them to block any of my ports.
0
Paul MacDonald (Director, Information Systems) Commented:
"If I can telnet the port, it should be OK and accessible on the server."
Creating a connection on port 53 doesn't mean you're talking to DNS, it just means you're talking to something that's listening on port 53.
0
Scott Silva (Network Administrator) Commented:
Telnet doesn't really work with DNS queries... Could be as simple as a router reboot, or it could be something else...
You need to use dig or other things that speak DNS from OUTSIDE... If they don't connect, I would really look at your router's port forwards.
0
DrDave242 (Senior Support Engineer) Commented:
If you can connect to the port from within your network and not from outside, the most likely culprit is your router. Check that port-forwarding rule again (and maybe even delete and recreate it). Also, keep in mind that DNS usually uses UDP but can switch to TCP if necessary. Telnet, on the other hand, can only be used to connect to TCP ports.
0
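The point made in the comments above, that a telnet connection to TCP 53 proves neither that UDP 53 is forwarded nor that a DNS server is answering, as an added example (not code from the thread or from any participant). It sends a real SOA query over UDP and over TCP and reports whether a DNS response came back; the loopback stub in `demo()`, the query id and the name `example.com` are constructed for illustration.

```python
import socket, struct, threading

TXID = 0x1A2B  # fixed query id, constructed for this example

def build_query(name, qtype=6):
    """DNS query for `name`; qtype 6 = SOA, class IN, recursion not requested."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", TXID, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", qtype, 1)

def parse_reply(data):
    """Return rcode/aa/answers if `data` is a DNS response to our query, else None."""
    if len(data) < 12 or data[:2] != struct.pack("!H", TXID) or not data[2] & 0x80:
        return None                      # too short, wrong id, or QR bit clear
    flags, _qd, answers = struct.unpack("!3H", data[2:8])
    return {"rcode": flags & 0xF, "aa": bool(flags & 0x0400), "answers": answers}

def probe(server, port, name, proto, timeout=2.0):
    """Send one SOA query over 'udp' or 'tcp'; None means no DNS answer came back."""
    query = build_query(name)
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, port))
                return parse_reply(s.recvfrom(4096)[0])
        with socket.create_connection((server, port), timeout=timeout) as s, s.makefile("rb") as rd:
            s.sendall(struct.pack("!H", len(query)) + query)  # DNS over TCP: 2-byte length prefix
            size = rd.read(2)
            if len(size) < 2:
                return None
            return parse_reply(rd.read(struct.unpack("!H", size)[0]))
    except OSError:                      # timeout, refused, unreachable
        return None

def demo():
    """Constructed loopback case: a stub answers on UDP; the TCP port accepts but stays silent."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp, \
         socket.create_server(("127.0.0.1", 0)) as tcp:
        udp.bind(("127.0.0.1", 0))
        def answer():                    # reply to one query: set QR+AA, rcode 0, echo question
            q, peer = udp.recvfrom(512)
            udp.sendto(q[:2] + b"\x84\x00" + q[4:], peer)
        threading.Thread(target=answer, daemon=True).start()
        return (probe("127.0.0.1", udp.getsockname()[1], "example.com", "udp"),
                probe("127.0.0.1", tcp.getsockname()[1], "example.com", "tcp", timeout=0.5))

if __name__ == "__main__":
    print(demo())
```

In `demo()` the TCP connect succeeds exactly as telnet would, yet the probe returns `None` because nothing DNS-shaped ever comes back. Run `probe()` from a host outside the network against the public address, once per protocol, to see which of the two the router is actually forwarding.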
Wayne Barron (Author, Web Developer) Author Commented:
I have DNS Connection now.
I can ping from the outside world and make a connection to my DNS Server.
HOWEVER, using tools: intodns.com
They cannot see or speak to my DNS Server.

So. To fix the issue with connecting to my DNS Server, the IP Address had been changed on the network, and I had to change it in the router.
From .22 to .21

So now, I just need to find out why the world is not able to communicate with it?
0
DrDave242 (Senior Support Engineer) Commented:
Can you post the relevant portion of the intodns.com report? The details might help narrow down the problem.
0
Wayne Barron (Author, Web Developer) Author Commented:
Mismatched NS records
WARNING: One or more of your nameservers did not return any of your NS records.
DNS servers responded
ERROR: One or more of your nameservers did not respond:
The ones that did not respond are:
Multiple Nameservers
ERROR: Looks like you have less than 2 nameservers.
Missing nameservers reported by your nameservers
You should already know that your NS records at your nameservers are missing, so here it is again:
SOA record
No valid SOA record came back!
MX Records
Oh well, I did not detect any MX records
WWW A Record
ERROR: I could not get any A records for domain name
0
Scott Silva (Network Administrator) Commented:
Do you feel confident sharing your domain name?
We could test from different spots on the planet...

And are you sure your port forward on your router is UDP and not just TCP?
Does your router have any name services of its own? If it does you will need to make sure it is off...
0
Wayne Barron (Author, Web Developer) Author Commented:
Dang.
OK, so, it was a HUGE mistake on my part, that goes all the way back to a month ago when I switched everything over from a single drive to a RAID drive setup with a Server Farm consisting of 7-VM Windows 2016 servers.

So, from the existing VMs that were not a Farm, I simply added in new entries into the ROUTER for the new servers and disabled the old pointers. And the IP Addresses I used (DUAL NICS), everything worked great for about a month, and then, yesterday happened.
The only thing I needed to do was change the IP Address to the other NIC, and BAM, everything went to working.

So, for future visitors to this Thread.
If you have DUAL NICS, and you are having issues with your DNS not working.
Change to the other NIC within your ROUTER.

Thanks all.
I will split the point and have this as ANSWER.

Wayne
0
Wayne Barron (Author, Web Developer) Author Commented:
Oh, and my Name Server had changed as well and was not properly put in.
So, I have to wait for that to go into effect and hopefully by tomorrow, I can post that everything is working right.
The only thing that is working at the moment, at least for some sites is the Mail Server.
And the DNS is working for getting my GMail to work for my main domain as well.

A lot of oversight and mess that I should have caught onto a month ago is now biting me in the butt.
0
Scott Silva (Network Administrator) Commented:
As long as you have it swinging toward fixed, that is good...

Don't feel bad, we all have done something like it at least once...
0
Wayne Barron (Author, Web Developer) Author Commented:
It seems that I have more issues than I originally expected.
DNS or Something is not functioning properly.

When I try to add my NS record, for my domain that I have assigned to the IP Address.
It gives me:

The IP Address(es) or this server cannot be found.
No such host is known.

The NS record exists and is found.
NS Record
But, I can no longer access it through my network.
And I use BUDDYNS.COM as well, and they also do not resolve like they used to.
Nothing works.

What has happened?
Before switching over to a Web forest, I just had 4 servers that ran everything and all worked.
But now that I am running ARR, it is proving to be a complete pain in the butt, to get this thing working properly.

Any ideas on what would be causing the DNS Resolve Error?
NS Record - The IP Address for this server cannot be found.
0
Wayne Barron (Author, Web Developer) Author Commented:
Fixed the last issue.
On my primary domain, of which is
carrz-fox-fire.com
I needed the primary server to be.
ns1.carrz-fox-fire.com

All is good for this one.
Going to close it out.

I tell you, all it takes is a few minutes of reading and NOT being tired when you do it.

Have a good one all.
Wayne
1