Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

BIND for public DNS server

Status
Not open for further replies.
filston

filston

Technical User
Sep 14, 2006
5
0
0
CA
Good morning guys,

We are trying to setup a public DNS setup for our domain which is working well when we need to query him but for an unknown reason cannot resolve anything else then all he got on him like per exemple.

He seem to have hes root hint configure and named.conf is pointing on the good file.

Bind Ver. 9.4 on FC6

Thanks a lot in advance and dont hesitate if you need more information.

Fred
 
Sort by date Sort by votes
Look to see if you allow port 53 outbound. On that server, you should be able to:
nslookup - 127.0.0.1
> set type=ns
> apple.com
Server: 140.172.10.9
Address: 140.172.10.9#53

Non-authoritative answer:
apple.com nameserver = nserver3.apple.com.
apple.com nameserver = nserver4.apple.com.
apple.com nameserver = nserver.asia.apple.com.
apple.com nameserver = nserver.euro.apple.com.
apple.com nameserver = nserver.apple.com.
apple.com nameserver = nserver2.apple.com.

Authoritative answers can be found from:
nserver.apple.com internet address = 17.254.0.50
nserver2.apple.com internet address = 17.254.0.59
nserver3.apple.com internet address = 17.112.144.50
nserver4.apple.com internet address = 17.112.144.59
>
[eugene@superior living_room]$ nslookup - 17.254.0.50
> Server: 17.254.0.50
Address: 17.254.0.50#53

canonical name = >

that would show that port 53 works. Also, to be able to serve things up (if this server is auth to a domain on the internet) you must allow 53 inbound.

Another way to test:
nslookup - IPADDRESSOFNAMESERVER
>set debug
>
and look at the output.

eugene
 
Upvote 0 Downvote
Thanks for the answer,

We made some testing and our firewall was bloquing some outgoiing traffic so that was causing the problem of not beeing able to resolve anything but himself.

Thanks for your help
 
Upvote 0 Downvote
Good to hear it.

If this is a Internet serving (primary or secondary) name server, you must allow port 53 inbound and restrict access on the server side. Generally, you want to allow queries to the domains you are authoritive only.

There are gobs of internet sites that will allow you to query and check the functioning of your domain via a cgi, a great way to test how the Internet perceives your DNS server.

eugene
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Propus Gemini
  • Locked
  • Question
BIND don't resolve Microsoft Teams URL
Replies
1
Views
3K
iggsterman
iggsterman
Richard Carter
  • Locked
  • Question
Set up BIND on DNS server for local home server
Replies
0
Views
2K
Richard Carter
Richard Carter
KenMeans
  • Locked
  • Question
DNS Issues with wireless router behind Atlantic Broad band Business Modem
Replies
0
Views
2K
KenMeans
KenMeans
alpha76
  • Locked
  • Question
Advice on DNS setup/configuration
Replies
3
Views
3K
technome
technome
R. B.
  • Locked
  • Question
BIND BLOCK IN ANY REQUEST
Replies
0
Views
2K
R. B.
R. B.

Part and Inventory Search

Sponsor

Back
Top