http://www.dnsreport.com/tools/dnsreport.ch?domain=wedonew.com
Anybody show me how to fix this, thanks
Anybody show me how to fix this, thanks
I have error when DNS report
- Thread starter ThanhBT
- Start date
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Make sure that your server answers to 202.134.18.37, and that port 53 isn't blocked by a firewall for either TCP/IP or for UDP.
Make sure that your nameserver is running.
Jeff
Make sure that your nameserver is running.
Jeff
When i run :
I try start named
My acl in firewall is allow port 53 for UDP and TCP
Help me to fix this
Code:
/etc/init.d/named status
rndc: connection to remote host closed
This may indicate that the remote server is using an older version of
the command protocol, this host is not authorized to connect,
or the key is invalid.I try start named
Code:
[root@server1 thanhbt]# /etc/init.d/named start
Starting named: named: already running[FAILED]My acl in firewall is allow port 53 for UDP and TCP
Code:
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpt:53 state NEW
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpt:53 state NEWHelp me to fix this
Last edited:
nobaloney
NoBaloney Internet Svcs - In Memoriam †
What do you get when you try:
# service named restart
???
What do you get when you try:
# dig @localhost wedonew.com
???
Jeff
# service named restart
???
What do you get when you try:
# dig @localhost wedonew.com
???
Jeff
Code:
[root@server1 ~]# service named restart
Stopping named: [ OK ]
Starting named: [ OK ]
Code:
[root@server1 ~]# dig @localhost wedonew.com
; <<>> DiG 9.2.4 <<>> @localhost wedonew.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7274
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;wedonew.com. IN A
;; ANSWER SECTION:
wedonew.com. 14400 IN A 202.134.18.37
;; AUTHORITY SECTION:
wedonew.com. 14400 IN NS ns1.wedonow.com.
wedonew.com. 14400 IN NS ns2.wedonow.com.
;; ADDITIONAL SECTION:
ns1.wedonow.com. 14400 IN A 202.134.18.37
ns2.wedonow.com. 14400 IN A 202.134.18.37
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Nov 16 09:29:59 2006
;; MSG SIZE rcvd: 121Hey,
It looks like it could be a connectivity issue... The traceroute below is from Berkeley. A traceroute from DNSstuff also fails..
Can you ping/traceroute to www.dnsstuff.com from the server?
12 global.hgc.com.hk (218.189.8.215) 159.612 ms 160.695 ms 159.614 ms
13 global.hgc.com.hk (218.189.12.182) 180.962 ms 181.528 ms 189.491 ms
14 125.214.0.243 (125.214.0.243) 184.713 ms 182.280 ms 182.877 ms
15 202.134.16.210 (202.134.16.210) 180.245 ms 181.670 ms 181.002 ms
16 * * *
17 * * *
David
It looks like it could be a connectivity issue... The traceroute below is from Berkeley. A traceroute from DNSstuff also fails..
Can you ping/traceroute to www.dnsstuff.com from the server?
12 global.hgc.com.hk (218.189.8.215) 159.612 ms 160.695 ms 159.614 ms
13 global.hgc.com.hk (218.189.12.182) 180.962 ms 181.528 ms 189.491 ms
14 125.214.0.243 (125.214.0.243) 184.713 ms 182.280 ms 182.877 ms
15 202.134.16.210 (202.134.16.210) 180.245 ms 181.670 ms 181.002 ms
16 * * *
17 * * *
David
I get problem when traceroute to dnsstuff.com
Code:
[root@server1 ~]# traceroute [url]www.dnsstuff.com[/url]
traceroute to [url]www.dnsstuff.com[/url] (66.36.247.82), 30 hops max, 38 byte packets
traceroute: sendto: Operation not permitted
1 traceroute: wrote [url]www.dnsstuff.com[/url] 38 chars, ret=-1
*traceroute: sendto: Operation not permitted
traceroute: wrote [url]www.dnsstuff.com[/url] 38 chars, ret=-1
*traceroute: sendto: Operation not permitted
traceroute: wrote [url]www.dnsstuff.com[/url] 38 chars, ret=-1
*When i flush iptable i can traceroute, maybe firewall drop tcp.
This my ACL.
This my ACL.
Code:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
DROP tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST
DROP tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN
DROP tcp -- anywhere anywhere tcp flags:PSH,ACK/PSH
DROP tcp -- anywhere anywhere tcp flags:ACK,URG/URG
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere state INVALID
DROP all -- 10.0.0.0/8 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 127.0.0.0/8 anywhere
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere 255.255.255.255
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
ACCEPT udp -- anywhere BASE-ADDRESS.MCAST.NET/4
ACCEPT igmp -- anywhere BASE-ADDRESS.MCAST.NET/4
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/4
DROP all -- 240.0.0.0/4 anywhere
DROP all -- 0.0.0.0/8 anywhere
DROP all -- 169.254.0.0/16 anywhere
DROP all -- 192.0.2.0/24 anywhere
REJECT tcp -- anywhere anywhere tcp dpt:auth reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:auth reject-with icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:ftp-data
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:pop3
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:imap
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:pop3s
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:mysql
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:2222
ACCEPT udp -- anywhere anywhere state NEW udp spts:1024:65535 dpt:domain
ACCEPT tcp -- anywhere server1.wedonow.com state NEW tcp spts:1024:65535 dpt:ssh
ACCEPT icmp -- anywhere server1.wedonow.com state NEW icmp echo-request
ACCEPT udp -- anywhere anywhere udp spt:domain dpt:domain state NEW
ACCEPT tcp -- anywhere anywhere tcp spt:domain dpt:domain state NEW
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere state INVALID
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:time
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:nicname
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp spts:1024:65535 dpt:https
ACCEPT udp -- anywhere anywhere state NEW udp spts:1024:65535 dpt:domain
ACCEPT udp -- anywhere anywhere udp spt:domain dpt:domain state NEW
ACCEPT tcp -- anywhere anywhere tcp spt:domain dpt:domain state NEW