Dig gives ;; connection timed out; no servers could be reached-

Sebastian Castro secastro at nic.cl
Wed Jan 2 13:52:55 UTC 2002


On Tue, Jan 01, 2002 at 11:52:35PM -0500, Tarek Hamdy-Quixnet wrote:
> Sebastian,
> 

Tarek


> I tried telnet 127.0.0.1:53 and got Name or service not known.  I just tried
> telnet 127.0.0.1 53 and got telnet: connect to address 127.0.0.1: Connection
> timed out.  I tried to avoid installing telnet when I built the server to
> prevent crackers from telnetting into me.
> 

Don't misunderstand.
If you do telnet 0, you will try to connect to 'telnet port', aka port 23.
If you do "telnet 0 53" you are trying to connect to port 53, aka, DNS
port.

If you get a "Connection timed out", it means the port is open and not
responding. If it were closed, you would get "Connection refused".

That means a kind of firewall "IP Tables" is filtering.

You can try another thing: Run lsof.

lsof -i TCP:53

It will check in the kernel for ports being listened on.
If it fails (doesn't show anything), then BIND was unable to bind the port.


Try that first, then we could check your rules.


Best Regards


> I can provide you with my iptables entries that relate to DNS like I did to
> Chris Rhea.
> 
> Thanks for answering
> 
> Tarek Hamdy
> thamdyu at dontspameequixnet.net
> ----- Original Message -----
> From: "Sebastian Castro" <secastro at nic.cl>
> To: "Cris Rhea" <crhea at mayo.edu>
> Cc: "Tarek Hamdy" <thamdy at quixnet.net>;
> <comp-protocols-dns-bind at moderators.isc.org>
> Sent: Tuesday, January 01, 2002 10:47 PM
> Subject: Re: Dig gives ;; connection timed out; no servers could be reached-
> 
> 
> > On Tue, Jan 01, 2002 at 05:02:51PM -0600, Cris Rhea wrote:
> > >
> > > > When I reload named, I get no errors in the log
> > > >
> > > > Dec 30 14:41:12 ham named: named startup succeeded
> > > > Dec 30 14:41:12 ham named[13909]: no IPv6 interfaces found
> > > > Dec 30 14:41:12 ham named[13909]: listening on IPv4 interface lo,
> > > > 127.0.0.1#53
> > > > Dec 30 14:41:12 ham named[13909]: listening on IPv4 interface eth0,
> > > > 192.168.113.33#53
> > > > Dec 30 14:41:12 ham named[13909]: listening on IPv4 interface eth1,
> > > > 208.184.11.178#53
> > > > Dec 30 14:41:12 ham named[13909]: command channel listening on 127.0.0.1#953
> > > > Dec 30 14:41:13 ham named[13909]: running
> > >
> > > You have no errors here, syntax or otherwise... ;)
> > >
> > > Aside from the comments others have made regarding improvements in your
> > > config files, I'd be looking at the iptables configs rather than
> > > BIND configs.
> > >
> > > Your server isn't answering queries (or the queries aren't getting to
> > > the BIND software).
> > >
> > > Since you didn't say how you configured iptables (ipCHAINS is enabled
> > > by default in RH7.2), I can't say where the problem might be, but your
> > > symptoms indicate to me that it's a firewall issue and not just a BIND
> > > issue.
> > >
> >
> > A way to test this is try to telnet to the host using the port used by BIND
> >
> > For example, if you were trying
> >
> > dig ns mydomain.com @127.0.0.1 and got "no servers available"
> >
> > try
> >
> > telnet 127.0.0.1 53
> >
> > or
> >
> > telnet 0 53
> >
> > If you get "connection refused", the problem is IP Tables for sure.
> >
> >
> > I hope I've helped
> >
> >
> > Best Regards
> >
> > --
> > Sebastian E. Castro Avila             sebastian at nic.cl
> > DNS Manager, NIC Chile
> > "We are .CL"
> >

-- 
Sebastian E. Castro Avila             sebastian at nic.cl
DNS Manager, NIC Chile

Agustinas 1357 Piso 4  
Santiago, Chile Cod. Postal 6500587                   
Phone: +56-2-9407705                  Fax  : +56-2-9407701 
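
The telnet test above, scripted as an added example that is not part of the original message or of BIND: it classifies a TCP connect to port 53 as open, refused, or timed out, and repeats the check with a real query over UDP, which is the transport dig uses by default. The function names and the 3-second timeout are assumptions chosen for illustration.

```python
import socket
import struct

def build_query(qname=".", qtype=2, txid=0x1234):
    """Minimal DNS query (default: NS records for the root), RD bit set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in qname.strip(".").split(".") if p)
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def _probe(sock_type, host, port, timeout, payload=None):
    s = socket.socket(socket.AF_INET, sock_type)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        if payload is None:
            return "open"          # TCP handshake completed: a listener exists
        s.send(payload)
        reply = s.recv(512)
        return "answered" if reply[:2] == payload[:2] else "unexpected"
    except ConnectionRefusedError:
        return "refused"           # RST or ICMP port unreachable came back
    except socket.timeout:
        return "timeout"           # silence: typical of a filter dropping packets
    finally:
        s.close()

def probe_tcp(host, port, timeout=3.0):
    return _probe(socket.SOCK_STREAM, host, port, timeout)

def probe_udp(host, port, timeout=3.0):
    return _probe(socket.SOCK_DGRAM, host, port, timeout, build_query())

def diagnose(host="127.0.0.1", port=53, timeout=3.0):
    """Return (tcp, udp, hint) for the server dig was pointed at."""
    tcp, udp = probe_tcp(host, port, timeout), probe_udp(host, port, timeout)
    if udp == "answered":
        hint = "named answers over UDP; dig should work against this address"
    elif "timeout" in (tcp, udp):
        hint = "no reply at all: review the packet filter rules for port 53"
    elif "refused" in (tcp, udp):
        hint = "refused: no listener or a REJECT rule (see lsof -i TCP:53)"
    else:
        hint = "TCP connects but UDP got no valid DNS reply"
    return tcp, udp, hint

if __name__ == "__main__":
    print(diagnose())
```

Run it on the name server itself first, then from a second host against the eth0/eth1 addresses; a different result between the two points at the rules for that interface.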

