[CentOS] named is up but does not respond to queries

Wed Aug 24 18:11:49 UTC 2005
Leonard Isham <leonard.isham at gmail.com>

On 8/24/05, Les Mikesell <lesmikesell at gmail.com> wrote:
> On Wed, 2005-08-24 at 10:34, Arun K. Khan wrote:
> > CentOS 4.1/bind-9.2.4-2.
> >
> > I have named serving as a cache DNS server plus SOA for a local intranet
> > zone.
> >
> > The problem I am encountering - over a period of time it stops
> > responding to queries.
> 
> >         (from 192.168.1.150)
> >         $ host www.yahoo.com 192.168.1.21
> >         ;; connection timed out; no servers could be reached
> >
> >         # nmapfe of 192.168.1.21  (from 192.168.1.150)
> >         (The 1208 ports scanned but not shown below are in state:
> >         closed)
> >         PORT      STATE SERVICE
> >         22/tcp    open  ssh
> >         25/tcp    open  smtp
> >         53/tcp    open  domain
> >
> >         (ssh'd into named server using IP# 192.168.1.21)
> >         # service named status
> >         rndc: recv failed: operation canceled
> 
> It looks like it can't reach the root servers.  It has a private
> address  - could you have a problem with your NAT gateway to the
> internet?   How about your local firewalling on 53/udp to let
> the responses back?
> 

For DNS servers, 53/tcp is required as well. UDP handles most requests,
but when the amount of data is great enough it uses TCP. IIRC Yahoo
returns quite a few.
-- 
Leonard Isham, CISSP 
Ostendo non ostento.
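
The UDP-to-TCP fallback discussed in the reply above, as an added example that is not part of the original thread: it reads the truncation (TC) flag from a DNS reply header and maps the result to which port 53 path to check next. All function names are hypothetical, the two sample headers are constructed rather than captured, and `probe()` is the only part that needs network access.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Minimal recursive A/IN query for `name` (RFC 1035 wire format)."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + qname + b"\x00" + struct.pack("!2H", 1, 1)

def parse_header(msg):
    """Return (txid, is_response, truncated, answer_count) from a DNS message."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    txid, flags, _qd, ancount = struct.unpack("!4H", msg[:8])
    return txid, bool(flags & 0x8000), bool(flags & 0x0200), ancount  # QR bit, TC bit

def tcp_frame(msg):
    return struct.pack("!H", len(msg)) + msg  # DNS over TCP: 2-byte length prefix

def triage(udp_reply, txid):
    """Next step after a UDP query; udp_reply is None when nothing came back."""
    if udp_reply is None:
        return "NO_UDP_REPLY"  # look at 53/udp filtering in both directions
    rid, is_resp, truncated, _ = parse_header(udp_reply)
    if rid != txid or not is_resp:
        return "IGNORE"
    return "RETRY_TCP" if truncated else "OK"  # TC set: 53/tcp must be reachable

def probe(server, name, timeout=3.0):
    """Live check (needs network): UDP first, TCP only if the reply is truncated."""
    query, reply = build_query(name), None
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as u:
            u.settimeout(timeout)
            u.sendto(query, (server, 53))
            reply = u.recvfrom(4096)[0]
    except OSError:
        pass  # timeout or ICMP error counts as "no UDP reply"
    verdict = triage(reply, 0x1234)
    if verdict != "RETRY_TCP":
        return verdict
    try:
        with socket.create_connection((server, 53), timeout=timeout) as t:
            t.sendall(tcp_frame(query))
            return "TCP_OK" if t.recv(2) else "TCP_CLOSED"
    except OSError:
        return "TCP_BLOCKED"

# Constructed reply headers (not captured traffic): TC set, then a complete reply.
TRUNCATED = bytes.fromhex("123483800001000000000000")
COMPLETE = bytes.fromhex("123481800001000100000000")
```

Calling `probe("192.168.1.21", "www.yahoo.com")` from the client in the thread would report whether the failure is on the UDP path or the TCP path.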