LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-27-2016, 10:28 AM   #1
mangya
Member
 
Registered: Jul 2015
Distribution: CentOS
Posts: 84

Rep: Reputation: Disabled
CentOS 7 - unable to open port for dns


Hello All

Host: Fedora 23
Guest1: CentOS 7.2 (cdns.example.con)
Guest2: Debian 8.2 (ddns.example.con)

I'm learning bind server in centos 7.2 and debian 8.2 side-by-side. Both distros are installed in Qemu kvm. The problem I am facing is - not able to open port for bind server in CentOS.

This is the result I'm getting (of cdns.example.con) when queried from other hosts:
Code:
root@ddns:~# ping -c2 cdns.example.con
PING cdns.example.con (192.168.124.101) 56(84) bytes of data.
64 bytes from cdns.example.con (192.168.124.101): icmp_seq=1 ttl=64 time=0.217 ms
64 bytes from cdns.example.con (192.168.124.101): icmp_seq=2 ttl=64 time=0.301 ms

--- cdns.example.con ping statistics ---
2 packets transmitted, 2 received, 0 packet loss, time 999ms
rtt min/avg/max/mdev = 0.217/0.259/0.301/0.042 ms

root@ddns:~# nmap cdns.example.con

Starting Nmap 6.47 ( http://nmap.org ) at 2016-01-27 21:28 IST
Nmap scan report for cdns.example.con (192.168.124.101)
Host is up (0.00020s latency).
Not shown: 998 filtered ports
PORT   STATE  SERVICE
22/tcp open   ssh
53/tcp closed domain
MAC Address: 52:54:00:26:76:F4 (QEMU Virtual NIC)

Nmap done: 1 IP address (1 host up) scanned in 4.56 seconds

root@ddns:~# telnet cdns.example.con 53
Trying 192.168.124.101...
telnet: Unable to connect to remote host: Connection refused
This is what I have done.
Code:
[root@cdns ~]# yum install bind bind-utils
[root@cdns ~]# systemctl start named && systemctl enable named
[root@cdns ~]# firewall-cmd --permanent --add-service=dns
[root@cdns ~]# firewall-cmd --reload
This is query:
Code:
[root@cdns ~]# systemctl status named
 named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2016-01-27 20:48:56 IST; 54min ago
  Process: 1209 ExecStart=/usr/sbin/named -u named $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 1200 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 1220 (named)
   CGroup: /system.slice/named.service
           1220 /usr/sbin/named -u named

Jan 27 20:48:56 cdns.example.con named[1220]: command channel listening on ::1#953
Jan 27 20:48:56 cdns.example.con named[1220]: managed-keys-zone: loaded serial 2
Jan 27 20:48:56 cdns.example.con named[1220]: zone 0.in-addr.arpa/IN: loaded serial 0
Jan 27 20:48:56 cdns.example.con named[1220]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Jan 27 20:48:56 cdns.example.con named[1220]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Jan 27 20:48:56 cdns.example.con named[1220]: zone localhost.localdomain/IN: loaded serial 0
Jan 27 20:48:56 cdns.example.con named[1220]: zone localhost/IN: loaded serial 0
Jan 27 20:48:56 cdns.example.con named[1220]: all zones loaded
Jan 27 20:48:56 cdns.example.con systemd[1]: Started Berkeley Internet Name Domain (DNS).
Jan 27 20:48:56 cdns.example.con named[1220]: running

[root@cdns ~]# firewall-cmd --query-service=dns
yes

[root@cdns ~]# netstat -ltunp | grep ':53'
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      1220/named          
tcp6       0      0 ::1:53                  :::*                    LISTEN      1220/named          
udp        0      0 127.0.0.1:53            0.0.0.0:*                           1220/named          
udp6       0      0 ::1:53                  :::*                                1220/named
What steps am I missing that is making dns ports closed?

Thanks

Last edited by mangya; 01-27-2016 at 10:30 AM.
 
Old 01-27-2016, 12:34 PM   #2
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,823

Rep: Reputation: 611Reputation: 611Reputation: 611Reputation: 611Reputation: 611Reputation: 611
From your netstat output: named is only listening on localhost (127.0.0.1 and ::1). Change its config to also listen on other interfaces (192.168.124.101, at least).
 
1 members found this post helpful.
Old 01-27-2016, 12:59 PM   #3
mangya
Member
 
Registered: Jul 2015
Distribution: CentOS
Posts: 84

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by AlucardZero View Post
From your netstat output: named is only listening on localhost (127.0.0.1 and ::1). Change its config to also listen on other interfaces (192.168.124.101, at least).
Changed to listen-on port 53 { 127.0.0.1; 192.168.124.101; }; in named.conf. Now port is open. Many thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
CentOS unable to enumerate USB device on port 1 baronobeefdip Linux - Hardware 7 02-12-2014 02:01 PM
Unable to open a port anwar5006 Linux - Newbie 10 10-25-2012 09:22 AM
CentOS 5: iptables - cannot open port 80 and nat to port 8080 for Tomcat steve willett Linux - Networking 4 09-24-2010 04:03 AM
How to open a port on a Centos 5 server swamprat Linux - Newbie 7 04-16-2009 05:54 PM
how to open port 53 (DNS)? importboy03 Linux - Security 3 02-07-2003 03:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:17 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration