
#5626 DNS servers not responding

2.021
closed-fixed
nobody
None
5
2023-07-02
2023-07-01
No

I had a catastrophic failure of my main server due to my host changing the DHCP IP for my server. I recovered. I have two nameservers (separate servers) that now will not respond to external requests via dig. I have verified the firewall and here is my server config. Not sure what the heck is going on:

[root@ns1 ~]# netstat -an | grep :53
tcp 0 0 74.208.139.37:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 74.208.139.37:40493 70.35.197.230:53 TIME_WAIT
tcp 0 0 74.208.139.37:51085 217.174.244.99:53 TIME_WAIT
tcp 0 0 74.208.139.37:42709 70.35.197.230:53 TIME_WAIT
tcp6 0 0 :::53 :::* LISTEN
udp 0 0 74.208.139.37:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp6 0 0 :::53 :::*

[root@ns1 ~]# dig @74.208.139.37 vavias.com

        ; <<>> DiG 9.11.36-RedHat-9.11.36-8.el8 <<>> @74.208.139.37 vavias.com
        ; (1 server found)
        ;; global options: +cmd
        ;; Got answer:
        ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24659
        ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5

        ;; OPT PSEUDOSECTION:
        ; EDNS: version: 0, flags:; udp: 1232
        ; COOKIE: ff0771682362e7334482c33a649fbb0f212ca24a33aa261e (good)
        ;; QUESTION SECTION:
        ;vavias.com.                    IN      A

        ;; ANSWER SECTION:
        vavias.com.             3600    IN      A       74.208.53.41

        ;; AUTHORITY SECTION:
        vavias.com.             3600    IN      NS      ns1.vavias.com.
        vavias.com.             3600    IN      NS      ns2.vavias.com.

        ;; ADDITIONAL SECTION:
        ns1.vavias.com.         3600    IN      A       74.208.139.37
        ns2.vavias.com.         3600    IN      A       217.174.244.99
        ns1.vavias.com.         3600    IN      AAAA    2a00:da00:1800:81cf::1
        ns2.vavias.com.         3600    IN      AAAA    2607:f1c0:1801:ef::1

        ;; Query time: 0 msec
        ;; SERVER: 74.208.139.37#53(74.208.139.37)
        ;; WHEN: Sat Jul 01 01:35:11 EDT 2023
        ;; MSG SIZE  rcvd: 207

But it won't answer from public.

[tom@ns2 ~]$ dig @74.208.139.37 vavias.com

        nothing.

Host firewall has Allow All TCP 53.


Discussion

  • Jamie Cameron - 2023-07-01

    Make sure you also allow UDP port 53

     
  • Tom MacKenzie - 2023-07-01

    That's rookie. Thanks as always.


  • Jamie Cameron - 2023-07-02
    • status: open --> closed-fixed
