53/TCP port unresponsive

Mark Koehler makr_inc at yahoo.com
Fri Apr 3 00:26:35 UTC 2009


We have 4 masters (rsync'd together) and a pair of load balancers, each of which distributes queries to any of the 4. On the masters, we run Solaris 10 with BIND 9.5P1. Recently, one of the 4 stopped using TCP on port 53, but UDP traffic continued unaffected. What would cause the TCP port to stop? The port was unresponsive from the backside of the load balancers, and no DNS TCP packets came from the server either. Is there anything in BIND which would detect and block a potential DoS attack?
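A health check for the failure described above, where a master keeps answering on UDP/53 while TCP/53 is dead: it sends the same SOA query over both transports and reports when they disagree. This is an added example, not part of the original post; the master addresses and zone name are constructed placeholders.

```python
import socket
import struct

def build_query(name, txid, qtype=6):
    """Minimal DNS query, class IN, default qtype 6 (SOA), no flags set."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def is_reply(data, txid):
    """True if data is a DNS response (QR bit set) carrying our transaction id."""
    return (len(data) >= 12 and struct.unpack("!H", data[:2])[0] == txid
            and bool(data[2] & 0x80))

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before full message")
        buf += chunk
    return buf

def probe_udp(host, port, query, txid, timeout=2.0):
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (host, port))
            return is_reply(s.recvfrom(4096)[0], txid)
    except OSError:  # timeout, ICMP unreachable, etc.
        return False

def probe_tcp(host, port, query, txid, timeout=2.0):
    # DNS over TCP prefixes every message with a 2-byte big-endian length.
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)
            (n,) = struct.unpack("!H", recv_exact(s, 2))
            return is_reply(recv_exact(s, n), txid)
    except OSError:  # refused, timeout, reset, short read
        return False

def classify(udp_ok, tcp_ok):
    return {(True, True): "ok", (True, False): "tcp-down",
            (False, True): "udp-down", (False, False): "down"}[(udp_ok, tcp_ok)]

if __name__ == "__main__":
    masters = ["192.0.2.11", "192.0.2.12"]  # constructed placeholder addresses
    q = build_query("example.com", 0x1234)  # placeholder zone served by the masters
    for m in masters:
        print(m, classify(probe_udp(m, 53, q, 0x1234), probe_tcp(m, 53, q, 0x1234)))
```

Run it against each master directly rather than through the load balancers, so a single backend in the `tcp-down` state is not masked by the other three.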

