nslookup gives "connection timed out; no server could be reached"

hello321_1999 · 11-26-2004, 10:13 AM

I am pretty new to Linux/networking, so please bear with me.

I have a SLES that I use as a webserver. It has the IP address 10.108.15.133 and subnet mask 255.255.252.0.
I have recently moved this server into my DMZ because I run a web application on this server, and want to keep the server in a different network from my company network.
When I type:
> nslookup XXX
(where XXX is some machine in my company network)
I get the following:

> nslookup XXX
;; connection timed out; no servers could be reached

I have used Yast2 to set my name server to 10.108.11.224, which is the DNS server for the company network.

I understand the cause of this problem could lie in many areas. E.g.:
1. nslookup not configured on the SLES
2. firewall preventing nslookup from using a DNS server sitting in a different network.
3. etc.

Why does nslookup not work from my SLES sitting in the DMZ? Is there any tests that I can do help me identify where the problem lies?

Thanks in advance.

neo77777 · 11-26-2004, 10:50 AM

1. I would suspect that firewall prevents the dns traffic to flow freely between DMZ and LAN.
2. I would also check if DNS service is up and running on the nameserver.
Boris.

hello321_1999 · 11-26-2004, 11:02 AM

1. What port do I need to open up to allow dns traffic to flow freely between DMZ and LAN?
2. How do I check if DNS service is up and running on the nameserver?

neo77777 · 11-26-2004, 11:23 AM

you need to allow traffic from DMZ to nameserver on LAN on UDP port 53.
the easiest way to find out if dns is working on the nameserver is
dig @localhost hostname
and see if you get a result back
if you are using BIND you can check with
ps -ef|grep [n]amed
and see if the process is running