cache does truly in local and doesn't work in remote
Warren Kumari
warren at kumari.net
Sun Sep 2 19:49:47 UTC 2012
On Sep 2, 2012, at 2:29 PM, Mohsen Pahlevanzadeh wrote:
> On Sun, 2012-09-02 at 13:59 -0400, Barry Margolin wrote:
>> In article <mailman.161.1346605971.11945.bind-users at lists.isc.org>,
>> Mohsen Pahlevanzadeh <mohsen at pahlevanzadeh.org> wrote:
>>
>>> According to the result, my bind works truly, but when I run the same command on
>>> my machine, I get the following result:
>>> /////////////////////////////////////
>>> root@debian:/home/mohsen# dig yahoo.com @184.22.226.206
>>>
>>> ; <<>> DiG 9.8.1-P1 <<>> yahoo.com @184.22.226.206
>>> ;; global options: +cmd
>>> ;; connection timed out; no servers could be reached
>>>
>>> ////////////////////////////////
>>>
>>> What do I set to solve it?
>>
>> My guess is you need to open TCP and UDP port 53 on a firewall somewhere.
>>
> I think my config has a problem because my server has open ports and when I
> use iptables -L, I see all of the ports are open. Then I run:
> root@shared:/etc/bind# nmap localhost
>
> Starting Nmap 5.00 ( http://nmap.org ) at 2012-09-02 18:24 UTC
> Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
> Interesting ports on localhost (127.0.0.1):
You are nmap'ing the loopback interface. Try nmap <your external IP> -- probably will be the same, but…
Also, nmap shows you open *TCP* ports, not UDP.
Better than this would be to run netstat (like netstat -aln | grep 53 ) and see if it is listening on UDP 53.
> Not shown: 993 closed ports
> PORT STATE SERVICE
> 22/tcp open ssh
> 25/tcp open smtp
> 53/tcp open domain
> 80/tcp open http
> 111/tcp open rpcbind
> 3128/tcp open squid-http
> 3306/tcp open mysql
>
> The above result is equal to:
> root@debian:/home/mohsen# nmap 184.22.226.205
>
> Starting Nmap 6.00 ( http://nmap.org ) at 2012-09-02 22:52 IRDT
> Nmap scan report for 184-22-226-205.static.hostnoc.net (184.22.226.205)
> Host is up (0.37s latency).
> Not shown: 994 closed ports
> PORT STATE SERVICE
> 22/tcp open ssh
> 25/tcp open smtp
> 53/tcp open domain
> 80/tcp open http
> 111/tcp open rpcbind
> 3128/tcp open squid-http
>
> The second nmap is from my machine, not the server.
> Then I run telnet from my machine and then I get:
> root@debian:/home/mohsen# telnet 184.22.226.205:53
> telnet: could not resolve 184.22.226.205:53/telnet: Name or service not
> known
> So, the firewall isn't dropping my packets.
Actually that doesn't really show anything about your firewall -- telnet doesn't understand the <IP>:<port> syntax, so it tried to resolve the name "184.22.226.205:53"; it doesn't try to connect to port 53 on 184.22.226.205. If you want to try telnet to port 53 on 184.22.226.205, you need "telnet 184.22.226.205 53" (a space, not a colon).
W
>
> --mohsen
--
Do not meddle in the affairs of dragons, for you are crunchy and taste good with ketchup.
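
The netstat check suggested in the reply above, as an added example that is not part of the original thread: a shell function that reads `netstat -aln` output and reports, per transport, whether anything is bound to port 53 and whether it is bound only to loopback. The function name `dns53_listeners` and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify port-53 listeners from `netstat -aln` output on stdin.
# Prints one line per transport: "<proto> none|loopback-only|external".
dns53_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        proto = substr($1, 1, 3)
        # TCP sockets count only in LISTEN state; UDP has no state column.
        if (proto == "tcp" && $6 != "LISTEN") next
        n = split($4, part, ":")
        port = part[n]
        # Exact port match: a plain "grep 53" also hits 5353, 1053 and so on.
        if (port != "53") next
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (addr ~ /^127\./ || addr == "::1") {
            if (seen[proto] == "") seen[proto] = "loopback-only"
        } else {
            seen[proto] = "external"   # wildcard or a routable address
        }
    }
    END {
        for (i = 1; i <= 2; i++) {
            p = (i == 1) ? "udp" : "tcp"
            print p, (seen[p] == "" ? "none" : seen[p])
        }
    }'
}

# Constructed sample (not taken from the thread): a resolver bound to loopback
# only, plus an unrelated UDP 5353 socket that "grep 53" would also match.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
udp        0      0 127.0.0.1:53            0.0.0.0:*
udp        0      0 0.0.0.0:5353            0.0.0.0:*
udp6       0      0 ::1:53                  :::*'

printf '%s\n' "$SAMPLE_NETSTAT" | dns53_listeners
```

On a live server the input would come from `netstat -aln | dns53_listeners`; a `loopback-only` result means local queries are answered while remote ones get no reply.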