Open Ports in BIND

Alan Clegg Alan_Clegg at isc.org
Sun Feb 1 16:23:41 UTC 2009 

Bind wrote:
> Dear Admins
> I installed Bindv9.5.1 and it works properly,,but i have some questions
> about these parameters:
> 
> # netstat -an |grep 53 |wc
>      391    1223   20656

I think you might want to use "lsof" (or your system equivalent) to find
the open ports that are directly related to BIND.

root at yellow:~# lsof -i -n -P | grep named | grep IP
COMMAND     PID   USER   FD   TYPE  DEVICE NODE NAME
named      6043   root   20u  IPv6   17419 TCP *:53 (LISTEN)
named      6043   root   21u  IPv4   17424 TCP 127.0.0.1:53 (LISTEN)
named      6043   root   22u  IPv4   17425 TCP 127.0.0.1:953 (LISTEN)
named      6043   root   23u  IPv6   17426 TCP [::1]:953 (LISTEN)
named      6043   root   24u  IPv4  133746 TCP 192.168.1.125:53 (LISTEN)
named      6043   root   25u  IPv4  646882 TCP 172.16.33.1:53 (LISTEN)
named      6043   root   26u  IPv4  646884 TCP 192.168.136.1:53 (LISTEN)
named      6043   root  512u  IPv6   17418 UDP *:53
named      6043   root  513u  IPv4   17423 UDP 127.0.0.1:53
named      6043   root  514u  IPv4  133745 UDP 192.168.1.125:53
named      6043   root  515u  IPv4  646881 UDP 172.16.33.1:53
named      6043   root  516u  IPv4  646883 UDP 192.168.136.1:53

(output slightly edited to fit 80 columns)

> is first number the total queries which asked from my server on port 53
> or number of sessions that stablished?

They are useless, as your method of collecting the information did not
actually gather anything that is provably related to BIND.

> # rndc status
> xxx...
> soa queries in progress: 1
> query logging is OFF
> recursive clients: 365/32668/32768
> tcp clients: 3/10000
> server is up and running

> what is the meaning of recursive clinets 365/32668?
> is 365 the number of queries which asked from my server or number of
> sessions from other clients to me?

You currently have 365 clients asking questions.

> what is the meaning of tcp clients:3?

Three clients are using TCP for some reason (zone transfer, truncation
fall-back-to-TCP, or direct TCP queries).

AlanC

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090201/6153c2dc/attachment.bin>

More information about the bind-users mailing list