Port 53 unreachable

[Jackiegoal]

I have a new server running, but it appears that my port 53 is closed, so I can't get named to function like it should. The strange part is: the Fedora Core 8 Firewall is disabled and I've emptied my IPtables until further notice, so that can't be it!

Could this be a named issue I've overlooked? It should listen to port 53, I've checked that. And named is running!

 

[chatwizrd]

What do you get with:

netstat -na | grep 53

 

[Jackiegoal]

tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 ::1:53 :::* LISTEN
tcp 0 0 ::1:953 :::* LISTEN

Disregard the 953 ones, of course

 

[proHSP]

named doesn't listen your external ip addresses.
Please, show your named.conf.

 

[chatwizrd]

Its listening on localhost only then.

You need to edit your named.conf file wherever it is to make sure its listening on other interfaces then just 127.0.0.1

Then restart named.

 

[Jackiegoal]

In /etc/named.conf:

options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
};

What to change?

 

[chatwizrd]

listen-on port 53 { 127.0.0.1; YOUR-IP; };

 

[chatwizrd]

Or Like this:

listen-on port 53 {
127.0.0.1;
YOUR-IP-HERE;
};

 

[Jackiegoal]

Which IP to use there? The server IP, both nameserver IPs or all?

 

[chatwizrd]

That is totally up to you. Normally it will be whatever ip address you plan to use for your nameserver.

 

[Jackiegoal]

Ah great, port 53 now responds. However, when I'm trying to use them as my nameservers, a new error appears at the nameserver check page:

* primary name server "ns1.domain.nl." [BROKEN]
Broken: the name server does not know of domain "domain.nl."
No SOA record was found for the requested domain, because the
addressed server does not have the domain configured and does not
relay the request either.

 

[chatwizrd]

Might mean that your domain isnt setup in named.conf.

You might need to try:

echo "action=rewrite&value=named" >> /usr/local/directadmin/data/task.queue

Did you already set it up in directadmin?

 

[Jackiegoal]

It's setup in DirectAdmin. And the zonefile is listed in named.conf.

Could it be that the registrar is not accepting it because I'm trying to change the nameservers for "domain.nl" to "ns1.domain.nl" and "ns2.domain.nl" while that domain currently doesn't resolve to the new IP adress? And how to fix that?

 

[chatwizrd]

I dont know all registrars are different. I never had that problem before... Are there any errors in /var/log/messages after you do /sbin/service named restart

 

[Jackiegoal]

Jul 2 19:54:01 server671 named[6288]: client 193.176.144.240#57614: query 'relywebsolutions.nl/SOA/IN' denied

relywebsolutions.nl is the domain.

 

[chatwizrd]

If this is going to be a dns server used on the internet you might want to remove the section in named.conf.

allow-query { localhost; };

also might want to change recursion to no

 

[Jackiegoal]

Did that, thanks for the tip. It seems to work now .. ? That didn't have anything to do with this though, right?