dig @my-server-ip mydomain.com works from inside, not from outside?
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I get the result: Connection timed out; no server could be reached.
Could somebody please tell me how to fix it? Thank you.
*****
More information:
If I log in to my server using ssh and do: dig @x.x.x.73 mydomain.com
dig @x.x.x.248 mydomain.com
I can see my zone shown as expected:
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>> @x.x.x.73 mydomain.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12757
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;mydomain.com. IN A
;; ANSWER SECTION:
mydomain.com. 38400 IN A x.x.x.73
mydomain.com. 38400 IN A x.x.x.248
;; AUTHORITY SECTION:
mydomain.com. 38400 IN NS ns2.mydomain.com.
mydomain.com. 38400 IN NS ns1.mydomain.com.
;; ADDITIONAL SECTION:
ns1.mydomain.com. 38400 IN A x.x.x.73
ns2.mydomain.com. 38400 IN A x.x.x.248
;; Query time: 20 msec
;; SERVER: x.x.x.73#53(x.x.x.73)
;; WHEN: Sun Jan 15 11:46:30 2012
;; MSG SIZE rcvd: 129
*****
-BIND version 9.3.6, Centos 5.
- ping.eu/port-chk shows that my server ip x.x.x.73:53 port is open.
-Logging to my server using ssh, do a "dig google.com" also shows expected results.
I get the result:
Connection timed out; no server could be reached.
Could be a firewall blocking port 53udp/tcp
Quote:
- ping.eu/port-chk shows that my server ip x.x.x.73:53 port is open.
Since the above shows port 53 open, but dig cannot reach your dns, you should make sure that port 53 is open for both udp and tcp protocols.
If fact it's udp that is primarily used for dns queries.
netstat -tulpn above shows that port 53udp/tcp is already opened. Is that right?
The netstat output shows that bind is listening on the default port (53 tcp/udp). If the port is blocked by a firewall you will get no connection to it.
Anyway try to use tcp and see if you get your answer:
Yes, dig @x.x.x.73 mydomain.com +tcp works as expected. But dig @x.x.x.73 mydomain.com doesn't.
[root@monday ~]# iptables -L RH-Firewall-1-INPUT -n |grep 53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
Does this mean my server firewall does not block port 53 tcp/udp?
Regards.
Thank you for replying so quickly.
------------------
I have this vps server 5 months ago. During that period, I have installed apache, php, bind, postfix etc... and reinstalled them again and again many times; and they work fine all the time- even without my knowledge on iptable and firewall related stuffs. But this time, after doing a re-installation, bind does not work...
Nightmare, 2 days searching and trying many things on google, still can't find out what's wrong with the bind yet...
[root@monday ~]# iptables -L RH-Firewall-1-INPUT -n |grep 53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
Does this mean my server firewall does not block port 53 tcp/udp?
Yes, apparently it does not blocking port 53 tcp/udp, but since you get no response when using the default udp protocol, it means the port is closed somehow.
I don't know how RH-Firewall operates, but you might take a look here to see what you need to do.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
