[CentOS] BIND issues, server not responding

Thu Aug 23 14:03:14 UTC 2007
Michel van Deventer <michel at van.deventer.cx>

From what I see you have iptables 'in the way'.
Try to add the following rule to iptables and then try again :) 
iptables -I RH-Firewall-1-INPUT -j ACCEPT -p udp --dport 53 

If you like to have zone transfers or large queries done as well then you also
need to open a port for tcp/53
iptables -I RH-Firewall-1-INPUT -j ACCEPT -p tcp --dport 53

(to make the changes permanent do a 'service iptables save' after adding the
lines)

   Regards,

   Michel



On Thu, 23 Aug 2007 08:28:05 -0400, Ray Leventhal wrote
> Feizhou wrote:
> > Hello Ray,
> >
> >> Appears to be listening how I expected it to be, unless I'm not reading
> >> this right.
> >
> > Running 'dig www.swhi.net @64.135.16.15'
> >
> > ; <<>> DiG 9.2.4 <<>> www.swhi.net @64.135.16.15
> > ; (1 server found)
> > ;; global options:  printcmd
> > ;; connection timed out; no servers could be reached
> >
> > Robert suggested looking at your firewall. What rules do you have
> > related to port 53 udp?
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> Hi Feizhou,
> 
> As I'm not at all expert in my understanding of iptables I can't say
> definitely that there are any rules on port 53 udp but, here's the
> output of /sbin/iptables -L:
> 
> [root at sunspot ray]# /sbin/iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     icmp --  anywhere             anywhere            icmp any
> ACCEPT     esp  --  anywhere             anywhere
> ACCEPT     ah   --  anywhere             anywhere
> ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
> ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
> ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
> ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
> REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
> 
> From what is posted above, does it appear that iptables is the issue?
> 
> Thanks for all the help and advice!
> 
> Kind regards,
> ~Ray


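Why the suggested commands use `-I` (insert at the top of the chain) rather than `-A` (append), shown as an added example that is not part of the original thread: a first-match walk over an iptables-save style copy of the chain Ray posted. The ruleset text is constructed from his listing, the loopback binding of the first rule is an assumption (plain `iptables -L` does not show interfaces), and `sample_rules`, `dns_verdict`, `dns_rule`, `with_insert` and `with_append` are hypothetical helper names.

```shell
# Constructed ruleset modelled on the RH-Firewall-1-INPUT listing in the thread.
# Assumption: the first "ACCEPT all" rule is bound to lo (check with iptables -L -v).
sample_rules() {
cat <<'EOF'
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

# Print the target of the first rule that matches a NEW query to port 53
# arriving from the network (not loopback) at the server's unicast address.
# Simplified matcher: only -i, -d, -p, --dport and --state are considered.
dns_verdict() {
  awk -v proto="$1" '
  $1 != "-A" { next }
  {
    iface = dst = p = port = state = target = ""
    for (i = 3; i < NF; i++) {
      if ($i == "-i") iface = $(i+1)
      else if ($i == "-d") dst = $(i+1)
      else if ($i == "-p") p = $(i+1)
      else if ($i == "--dport") port = $(i+1)
      else if ($i == "--state") state = $(i+1)
      else if ($i == "-j") target = $(i+1)
    }
    if (iface == "lo" || dst != "") next        # loopback-only or multicast-only rule
    if (p != "" && p != proto) next             # different protocol
    if (port != "" && port != "53") next        # different destination port
    if (state != "" && state !~ /(^|,)NEW(,|$)/) next
    print target; exit                          # first match decides
  }'
}

# The rule from the reply, in iptables-save form, placed as -I or -A would place it.
dns_rule()    { echo "-A RH-Firewall-1-INPUT -p $1 -m $1 --dport 53 -j ACCEPT"; }
with_insert() { dns_rule "$1"; sample_rules; }  # -I: before every existing rule
with_append() { sample_rules; dns_rule "$1"; }  # -A: after the final REJECT

echo "as listed:        udp/53 -> $(sample_rules | dns_verdict udp)"
echo "rule inserted -I: udp/53 -> $(with_insert udp | dns_verdict udp)"
echo "rule appended -A: udp/53 -> $(with_append udp | dns_verdict udp)"
```

The same walk applies to tcp/53: with only the UDP rule inserted, TCP queries still fall through to the final REJECT.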