On 12/03/11 3:46 PM, Weplica wrote:
> I have CentOS 6 on a dedicated server. I have bind 9.7 but I can't
> reach port 53 for DNS.
>
>
> netstat -na | grep LISTEN
>
> tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
> tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
> tcp 0 0 :::80 :::* LISTEN
> tcp 0 0 ::1:53 :::* LISTEN
> tcp 0 0 :::22 :::* LISTEN
> tcp 0 0 ::1:953 :::* LISTEN
> tcp 0 0 :::443 :::* LISTEN
>
> How can I open port 53?
A) DNS uses UDP as much or more than TCP.
B) are you running an authoritative DNS server for the internet, or
strictly a local caching DNS server?
C) you 'open' a port by using it or listening on it. a firewall can
block this.
unless you are running an authoritative DNS server for one or more
internet domains, you don't actually WANT the outside to reach your DNS,
or people can play various games and poison your cache.
it appears your DNS is listening only on localhost. 9.7 has significant
changes in its configuration file from previous versions...
listen-on port 53 { any; };
that determines the port and interfaces it listens on. if you're
running an internet authoritative zone server, you should see something
like this in your netstat -an | grep ":53 " output...
tcp 0 0 11.22.33.126:53 0.0.0.0:* LISTEN
tcp 0 0 11.22.33.124:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
udp 0 0 11.22.33.126:53 0.0.0.0:*
udp 0 0 11.22.33.124:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
(this particular server has two IPs to the outside world, 11.22.33.124
and 11.22.33.126...)
--
john r pierce N 37, W 122
santa cruz ca mid-left coast
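The two checks the reply walks through (is named bound on UDP as well as TCP, and is it bound only to loopback or also to outside addresses) can be scripted against `netstat -na` output. The following is an added example written for this thread; it is not code from either poster or from BIND. The netstat samples inside it are constructed from the lines quoted above, and the 11.22.33.124/126 addresses are the same placeholders the reply uses, not real hosts.

```python
"""Parse `netstat -na` output and report where the DNS port is bound.

Added example for the thread above (not the poster's or BIND's code).
It answers the reply's two questions: is named listening on UDP as well
as TCP, and is it bound only to loopback or also to outside addresses?
"""
from collections import defaultdict

DNS_PORT = "53"
LOOPBACK = ("127.", "::1")      # IPv4 loopback net, IPv6 loopback

# Constructed sample: the caching-only layout from the original post,
# with the UDP lines that `grep LISTEN` would have hidden.
LOCAL_ONLY = """\
tcp        0      0 127.0.0.1:53      0.0.0.0:*     LISTEN
tcp        0      0 0.0.0.0:22        0.0.0.0:*     LISTEN
tcp        0      0 127.0.0.1:953     0.0.0.0:*     LISTEN
tcp        0      0 ::1:53            :::*          LISTEN
udp        0      0 127.0.0.1:53      0.0.0.0:*
udp        0      0 ::1:53            :::*
"""

# Constructed sample: the authoritative layout from the reply; the
# 11.22.33.x addresses are placeholders, as in the reply.
AUTHORITATIVE = """\
tcp        0      0 11.22.33.126:53   0.0.0.0:*     LISTEN
tcp        0      0 11.22.33.124:53   0.0.0.0:*     LISTEN
tcp        0      0 127.0.0.1:53      0.0.0.0:*     LISTEN
udp        0      0 11.22.33.126:53   0.0.0.0:*
udp        0      0 11.22.33.124:53   0.0.0.0:*
udp        0      0 127.0.0.1:53      0.0.0.0:*
"""


def split_host_port(local):
    """Split netstat's Local Address column on its last colon, so IPv6
    forms such as '::1:53' and ':::80' work as well as '1.2.3.4:53'."""
    host, _, port = local.rpartition(":")
    return host, port


def dns_sockets(netstat_text, port=DNS_PORT):
    """Return {proto: sorted local addresses} bound to `port`.

    UDP sockets never show a LISTEN state, which is why filtering on
    LISTEN cannot reveal them; the state column is ignored entirely."""
    found = defaultdict(set)
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp", "tcp6", "udp6"):
            continue
        host, p = split_host_port(fields[3])
        if p == port:
            found[fields[0].rstrip("6")].add(host)
    return {proto: sorted(addrs) for proto, addrs in found.items()}


def is_loopback(addr):
    """True for 127.x.x.x and ::1; the wildcards 0.0.0.0 and :: are not
    loopback, since they accept traffic from any interface."""
    return addr.startswith(LOOPBACK)


def assess(netstat_text):
    """Summarise the port-53 bindings the way the reply reasons about them."""
    socks = dns_sockets(netstat_text)
    tcp = socks.get("tcp", [])
    udp = socks.get("udp", [])
    outside = sorted({a for a in tcp + udp if not is_loopback(a)})
    return {
        "tcp": tcp,
        "udp": udp,
        "udp_present": bool(udp),
        "reachable_from_outside": bool(outside),
        "outside_addresses": outside,
    }


if __name__ == "__main__":
    for name, text in (("caching-only", LOCAL_ONLY),
                       ("authoritative", AUTHORITATIVE)):
        print(name, assess(text))
```

Feed it real output with something like `assess(subprocess.check_output(["netstat", "-na"], text=True))`. A caching-only resolver should come back with `reachable_from_outside` False; an authoritative server should list its public addresses under both `tcp` and `udp`, and a missing `udp` entry means the `listen-on` clause or a firewall rule is wrong for the protocol most queries actually use.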