[CentOS] Can't open port 53 for Bind (DNS)

John R Pierce pierce at hogranch.com
Sun Dec 4 00:05:58 UTC 2011


On 12/03/11 3:46 PM, Weplica wrote:
> I have CentOS 6 on a dedicated server. I have bind 9.7 but I can't
> reach port 53 for DNS.
>
>
> netstat -na | grep LISTEN
>
> tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
> tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
> tcp 0 0 :::80 :::* LISTEN
> tcp 0 0 ::1:53 :::* LISTEN
> tcp 0 0 :::22 :::* LISTEN
> tcp 0 0 ::1:953 :::* LISTEN
> tcp 0 0 :::443 :::* LISTEN
>
> How can I open the port 53.

A) DNS uses UDP as much or more than TCP.

B) are you running an authoritative DNS server for the internet, or 
strictly a local caching DNS server?

C) you 'open' a port by using it or listening on it.   a firewall can 
block this.

unless you are running an authoritative DNS server for one or more 
internet domains, you don't actually WANT the outside to reach your DNS, 
or people can play various games and poison your cache.

it appears your DNS is listening only on localhost.  9.7 has significant 
changes in its configuration file from previous versions...

      listen-on port 53       { any; };

that determines the port and interfaces it listens on.   if you're 
running an internet authoritative zone server, you should see something 
like this in your netstat -an | grep ":53 " output...

tcp        0      0 11.22.33.126:53          0.0.0.0:*                   LISTEN
tcp        0      0 11.22.33.124:53          0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:53             0.0.0.0:*                   LISTEN

udp        0      0 11.22.33.126:53          0.0.0.0:*
udp        0      0 11.22.33.124:53          0.0.0.0:*
udp        0      0 127.0.0.1:53             0.0.0.0:*


(this particular server has two IPs to the outside world, 11.22.33.124 
and 11.22.33.126...)





-- 
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast
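
Added example (not part of the original message): a shell function that reads netstat -an output and reports whether port 53 is bound only to localhost or also to outside addresses, on TCP and on UDP, the two points the reply raises. The function name is hypothetical and the sample inputs are constructed from the output shown in the thread.

```shell
#!/bin/sh
# Added example: classify port-53 sockets from `netstat -an` output.
# Live use: netstat -an | classify_dns_listeners

classify_dns_listeners() {
    # Prints one word: none | loopback | tcp-only | udp-only | exposed
    awk '
        $1 ~ /^(tcp|udp)/ {
            laddr = $4
            n = split(laddr, parts, ":")          # port follows the last colon
            if (parts[n] != "53") next
            addr = substr(laddr, 1, length(laddr) - length(parts[n]) - 1)
            # TCP rows count only in LISTEN state; UDP rows have no state
            if ($1 ~ /^tcp/ && $NF != "LISTEN") next
            seen = 1
            if (addr == "127.0.0.1" || addr == "::1") next
            if ($1 ~ /^tcp/) tcp = 1; else udp = 1
        }
        END {
            if (!seen)           print "none"
            else if (tcp && udp) print "exposed"
            else if (tcp)        print "tcp-only"
            else if (udp)        print "udp-only"
            else                 print "loopback"
        }'
}

# Constructed sample: the listeners from the question (localhost only)
SAMPLE_LOCAL='tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 ::1:53 :::* LISTEN'

# Constructed sample: the authoritative-server output from the reply
SAMPLE_AUTH='tcp 0 0 11.22.33.126:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
udp 0 0 11.22.33.126:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*'

# Constructed sample: TCP bound to an outside address, UDP only on localhost
SAMPLE_TCP_ONLY='tcp 0 0 11.22.33.126:53 0.0.0.0:* LISTEN
udp 0 0 127.0.0.1:53 0.0.0.0:*'

for s in "$SAMPLE_LOCAL" "$SAMPLE_AUTH" "$SAMPLE_TCP_ONLY"; do
    printf '%s\n' "$s" | classify_dns_listeners
done
```

"exposed" describes socket bindings only; a firewall in front of the host can still block the port. On a caching-only resolver the expected result is "loopback".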



