
DNS Server Port 53 is not reachable from the internet

Last Modified: 2018-10-08
Hello, All;

Virtual Machine
Windows 2016 Server
Windows DNS
Belkin Router

OK, the other day my port 53 became unavailable; I did not find out about it until last night.
All my other ports are reachable, but port 53 is NOT.
I have it opened in my Router, and I can telnet 53 on the VM Server itself.

The servers have been running fine for several months.
Can someone please let me know what I need to check, as this has all my sites down as well as the Mail Server.

Wayne

Paul MacDonald (Director, Information Systems) commented:
Two things I'd look for:
1) Windows (or other software-based) Firewall on the VM and the host
2) Another software product that interferes with DNS (Quickbooks can break DNS if Quickbooks doesn't start first.)

Wayne Barron (Author, Web Developer), question author, commented:
Neither one is an issue on the server.
If I can telnet the port, it should be OK and accessible on the server.

Scott Silva (Network Administrator) commented:
Are you telnetting the port from outside?
Internal and external issues can be different.
Also your ISP could be blocking port 53 for some reason...
Sometimes they will get random ideas about different services they decide they don't want customers running...

Wayne Barron (Author, Web Developer), question author, commented:
I can telnet to the server from within the network on port 53.
I cannot telnet from outside of the network, the WWW cannot access my port 53.
Called my ISP, and since I purchased a static IP from them and I have my modem BRIDGED to my router, there is no way for them to block any of my ports.

Paul MacDonald (Director, Information Systems) commented:
"If I can telnet the port, it should be OK and accessible on the server."
Creating a connection on port 53 doesn't mean you're talking to DNS, it just means you're talking to something that's listening on port 53.

Scott Silva (Network Administrator) commented:
Telnet doesn't really work with DNS queries... Could be as simple as a router reboot, or it could be something else...
You need to use dig or other things that speak DNS from OUTSIDE... If they don't connect, I would really look at your router's port forwards.
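
The point made in the two comments above (a TCP connection to port 53 only shows that something is listening, not that DNS answers), as an added example that is not part of the original thread: a small Python probe that sends a real DNS query over both UDP and TCP and checks that a valid reply comes back. The function names are illustrative; run it from a host outside the network, passing the server's public IP address and the zone name.

```python
import os
import socket
import struct

QTYPE = {"A": 1, "NS": 2, "SOA": 6, "MX": 15}
RCODE = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype="SOA", txid=0x1234):
    """One-question DNS query in RFC 1035 wire format, recursion not requested."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # flags 0: standard query, RD clear
    return header + qname + b"\x00" + struct.pack("!HH", QTYPE[qtype], 1)  # class IN

def parse_header(resp, txid):
    """Decode the reply header; ValueError means the bytes are not a reply to our query."""
    if len(resp) < 12:
        raise ValueError("shorter than a DNS header")
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("transaction ID mismatch or QR bit clear")
    return {"authoritative": bool(flags & 0x0400), "truncated": bool(flags & 0x0200),
            "rcode": RCODE.get(flags & 0xF, str(flags & 0xF)), "answers": answers}

def probe(server, zone, qtype="SOA", timeout=3.0):
    """Ask `server` about `zone` over UDP and TCP port 53. Run from OUTSIDE the network."""
    results = {}
    for proto in ("udp", "tcp"):
        txid = int.from_bytes(os.urandom(2), "big")
        query = build_query(zone, qtype, txid)
        kind = socket.SOCK_DGRAM if proto == "udp" else socket.SOCK_STREAM
        try:
            with socket.socket(socket.AF_INET, kind) as s:
                s.settimeout(timeout)
                s.connect((server, 53))
                if proto == "udp":
                    s.send(query)
                    resp = s.recv(4096)
                else:  # DNS over TCP prefixes each message with a 2-byte length
                    s.sendall(struct.pack("!H", len(query)) + query)
                    with s.makefile("rb") as stream:
                        resp = stream.read(struct.unpack("!H", stream.read(2))[0])
            results[proto] = parse_header(resp, txid)
        except (OSError, ValueError, struct.error) as exc:
            results[proto] = {"error": f"{type(exc).__name__}: {exc}"}
    return results

if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1], sys.argv[2]))  # args: public IP of the DNS server, zone name
```

Telnet only exercises TCP, so a port forward that covers TCP 53 but not UDP 53 passes the telnet test while the `udp` entry here reports an error.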

Wayne Barron (Author, Web Developer), question author, commented:
I have DNS Connection now.
I can ping from the outside world and make a connection to my DNS Server.
HOWEVER, using tools: intodns.com
They cannot see or speak to my DNS Server.

So. To fix the issue with connecting to my DNS Server, the IP Address had been changed on the network, and I had to change it in the router.
From .22 to .21

So now, I just need to find out why the world is not able to communicate with it?

DrDave242 (Principal Support Engineer) commented:
Can you post the relevant portion of the intodns.com report? The details might help narrow down the problem.

Wayne Barron (Author, Web Developer), question author, commented:
Mismatched NS records
WARNING: One or more of your nameservers did not return any of your NS records.
DNS servers responded
ERROR: One or more of your nameservers did not respond:
The ones that did not respond are:
Multiple Nameservers
ERROR: Looks like you have less than 2 nameservers.
Missing nameservers reported by your nameservers
You should already know that your NS records at your nameservers are missing, so here it is again:
SOA record
No valid SOA record came back!
MX Records
Oh well, I did not detect any MX records
WWW A Record
ERROR: I could not get any A records for domain name

Wayne Barron (Author, Web Developer), question author, commented:
Dang.
OK, so, it was a HUGE mistake on my part, that goes all the way back to a month ago when I switched everything over from a single drive to a RAID drive setup with a Server Farm consisting of 7-VM Windows 2016 servers.

So, from the existing VMs that were not a Farm, I simply added in new entries into the ROUTER for the new servers and disabled the old pointers. And the IP Addresses I used (DUAL NICS), everything worked great for about a month, and then, yesterday happened.
The only thing I needed to do was change the IP Address to the other NIC, and BAM, everything went to working.

So, for future visitors to this Thread.
If you have DUAL NICS, and you are having issues with your DNS not working.
Change to the other NIC within your ROUTER.

Thanks all.
I will split the point and have this as ANSWER.

Wayne

Wayne Barron (Author, Web Developer), question author, commented:
Oh, and my Name Server had changed as well and was not properly put in.
So, I have to wait for that to go into effect and hopefully by tomorrow, I can post that everything is working right.
The only thing that is working at the moment, at least for some sites is the Mail Server.
And the DNS is working for getting my GMail to work for my main domain as well.

A lot of oversight and mess that I should have caught onto a month ago is now biting me in the butt.

Scott Silva (Network Administrator) commented:
As long as you have it swinging toward fixed, that is good...

Don't feel bad, we all have done something like it at least once...

Wayne Barron (Author, Web Developer), question author, commented:
It seems that I have more issues than I originally expected.
DNS or Something is not functioning properly.

When I try to add my NS record, for my domain that I have assigned to the IP Address.
It gives me:

The IP Address(es) or this server cannot be found.
No such host is known.

The NS record exists and is found.
NS Record
But, I can no longer access it through my network.
And I use BUDDYNS.COM as well, and they also do not resolve like they used to.
Nothing works.

What has happened?
Before switching over to a Web forest, I just had 4 servers that ran everything and all worked.
But now that I am running ARR, it is proving to be a complete pain in the butt, to get this thing working properly.

Any ideas on what would be causing the DNS Resolve Error?
NS Record - The IP Address for this server cannot be found.

Wayne Barron (Author, Web Developer), question author, commented:
Fixed the last issue.
On my primary domain, which is carrz-fox-fire.com, I needed the primary server to be ns1.carrz-fox-fire.com.

All is good for this one.
Going to close it out.

I tell you, all it takes is a few minutes of reading and NOT being tired when you do it.

Have a good one all.
Wayne