can't-resolve

Mohammed Ejaz mejaz at cyberia.net.sa
Sun Jan 4 14:28:36 UTC 2015 

yes, true the problem is  from the firewall. 

 

Thanks everyone for the tremendous support.

 

Ejaz

 

From: Warren Kumari [mailto:warren at kumari.net] 
Sent: Sunday, January 4, 2015 5:09 PM
To: Mohammed Ejaz
Cc: Barry Margolin; comp-protocols-dns-bind at isc.org
Subject: Re: can't-resolve

 



On Sunday, January 4, 2015, Mohammed Ejaz <mejaz at cyberia.net.sa <mailto:mejaz at cyberia.net.sa> > wrote:


Hello, all.

now everything is fine once the port > 1024 opened from the network
firewall.  

 

 

Ah! You mean on the firewall that everyone kept saying existed? And that folk kept providing evidence of? Who would have thought...

 

 

so it means not only 53 port requires to be open.

 

Yes. Which is why everyone was saying there was a firewall that you needed to adjust.

 

I think it would have been much more polite / appropriate to have posted that you'd found the firewall and acknowledged that you'd been mistaken...

 

W

 




-----Original Message-----
From: bind-users-bounces at lists.isc.org <javascript:;> 
[mailto:bind-users-bounces at lists.isc.org <javascript:;> ] On Behalf Of Ejaz
Sent: Sunday, December 28, 2014 11:10 AM
To: 'Warren Kumari'; 'Barry Margolin'
Cc: comp-protocols-dns-bind at isc.org <javascript:;> 
Subject: RE: can't-resolve

Thanks for the suggestion

I am sure No firewall at all.  Also See I now I have reassigned  the my
previous IP which is 212.119.64.12, after that everything is fine. It
wouldn't have worked with this IP if there is firewall on the box??

Regards,
Mohammed Ejaz
CYBERIAR SAUDI ARABIA
P.O.Box 301079, Riyadh 11372, Saudi Arabia
Tel: +966 11 464 7114 Ext. 140
Fax: +966 11 465 4735

-----Original Message-----
From: bind-users-bounces at lists.isc.org <javascript:;> 
[mailto:bind-users-bounces at lists.isc.org <javascript:;> ] On Behalf Of Warren Kumari
Sent: Saturday, December 27, 2014 2:27 AM
To: Barry Margolin
Cc: comp-protocols-dns-bind at isc.org <javascript:;> 
Subject: Re: can't-resolve

Also, from querying from the outside (with TCP):

 ~# dig +tcp www.auth-servers.net <http://www.auth-servers.net>    @212.119.64.228 <http://212.119.64.228> 
; <<>> DiG 9.10.1-P1 <<>> +tcp www.auth-servers.net <http://www.auth-servers.net>  @212.119.64.228 <http://212.119.64.228>  ;;
global options: +cmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 20716 ;; flags: qr rd
ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.auth-servers.net <http://www.auth-servers.net> .          IN      A

;; Query time: 8260 msec
;; SERVER: 212.119.64.228#53(212.119.64.228) ;; WHEN: Fri Dec 26 18:18:30
EST 2014 ;; MSG SIZE  rcvd: 49

Then trying the same query a few seconds later:
dig +tcp www.auth-servers.net <http://www.auth-servers.net>    @212.119.64.228 <http://212.119.64.228> 

; <<>> DiG 9.10.1-P1 <<>> +tcp www.auth-servers.net <http://www.auth-servers.net>  @212.119.64.228 <http://212.119.64.228>  ;;
global options: +cmd ;; connection timed out; no servers could be reached

This really looks like a firewall -- perhaps there is some firewall software
on the box itself?

W


On Fri, Dec 26, 2014 at 6:17 PM, Warren Kumari <warren at kumari.net <javascript:;> > wrote:
> What OS is this machine running?
>
> Interestingly enough, it is unpingable, and a quick nmap fingerprints
> it
as:
> Running: Sun Solaris 8
> OS CPE: cpe:/o:sun:sunos:5.8
> OS details: Sun Solaris 8 (SPARC)
>
> nmap could only find one open port (TCP 53 :-)) and so its
> fingerprinting is unreliable, but it *does* look like you are behind a
> firewall type devices.
> It is unusual for machines themselves to not respond to pings.
>
> fpdns says:
> fingerprint (212.119.64.228, 212.119.64.228): ISC BIND 9.2.3rc1 --
> 9.6.1-P1 [recursion enabled]
>
>
>
> On Fri, Dec 26, 2014 at 5:55 PM, Barry Margolin <barmar at alum.mit.edu <javascript:;> >
wrote:
>> In article <mailman.1330.1419633581.26362.bind-users at lists.isc.org <javascript:;> >,
>>  "Ejaz" <mejaz at cyberia.net.sa <javascript:;> > wrote:
>>
>>> I am sure sir there is no firewall on  in the server you can make
>>> sure by telnet to the port 53 of this IP 212.119.64.228
>>
>> That doesn't mean anything. The firewall may be blocking OUTGOING
>> packets to port 53, or they're blocking the returning replies (which
>> go to an ephemeral port).
>>
>>>
>>>
>>> Regards,
>>> Mohammed Ejaz
>>> CYBERIAR SAUDI ARABIA
>>> P.O.Box 301079, Riyadh 11372, Saudi Arabia
>>> Tel: +966 11 464 7114 Ext. 140
>>> Fax: +966 11 465 4735
>>>
>>> -----Original Message-----
>>> From: bind-users-bounces at lists.isc.org <javascript:;> 
>>> [mailto:bind-users-bounces at lists.isc.org <javascript:;> ] On Behalf Of Matus UHLAR -
>>> fantomas
>>> Sent: Friday, December 26, 2014 7:35 PM
>>> To: bind-users at lists.isc.org <javascript:;> 
>>> Subject: Re: can't-resolve
>>>
>>> On 26.12.14 19:21, Ejaz wrote:
>>> >When  run "dig a yahoo.com <http://yahoo.com>  @212.119.64.228 <http://212.119.64.228>  below is the ouput.
>>> >
>>> >yahoo.com <http://yahoo.com> . (38)
>>> >17:39:41.363532 IP 212.119.64.228.37891 > 212.119.64.228.domain: 34168+
>>> >[1au] A?                           yahoo.com <http://yahoo.com> . (38)
>>> >17:39:42.246993 IP 212.119.64.228.53702 > 192.5.5.241.domain: 58238
>>> >[1au]
>>> A?
>>> >yah                          oo.com <http://oo.com> . (38)
>>> >17:39:42.247012 IP 212.119.64.228.45701 > 192.5.5.241.domain: 13223
[1au]
>>> >NS? .                           (28)
>>> >17:39:43.047148 IP 212.119.64.228.43795 > 128.63.2.53.domain: 1539 A?
>>> >yahoo.com <http://yahoo.com> .                           (27)
>>> >17:39:43.047154 IP 212.119.64.228.55178 > 128.63.2.53.domain: 56002 NS?
.
>>> >(17)
>>> >17:39:43.847447 IP 212.119.64.228.61664 > 192.58.128.30.domain: 165 A?
>>> >yahoo.com <http://yahoo.com>                           . (27)
>>> >17:39:43.847542 IP 212.119.64.228.30239 > 192.58.128.30.domain:
>>> >11435
NS? .
>>> >(17)
>>> >17:39:44.995096 IP 212.119.64.228.24477 > 199.7.83.42.domain: 25645
>>> >[1au]
>>> A?
>>> >yahoo.com <http://yahoo.com> . (38)
>>> >17:39:44.995162 IP 212.119.64.228.22170 > 199.7.83.42.domain: 44767
>>> >[1au] NS? . (28)
>>> >17:39:45.897226 IP 212.119.64.228.35574 > 199.7.91.13.domain: 29284 A?
>>> >yahoo.com <http://yahoo.com> . (27)
>>> >17:39:45.897233 IP 212.119.64.228.36946 > 199.7.91.13.domain: 17626 NS?
.
>>> >(17)
>>> >17:39:46.363642 IP 212.119.64.228.37891 > 212.119.64.228.domain:
>>> >34168+ [1au] A? yahoo.com <http://yahoo.com> . (38)
>>> >17:39:46.370282 IP 212.119.64.228.domain > 212.119.64.228.37891:
>>> >34168 ServFail 0/0/1 (38)
>>>
>>> these are just outgoing DNS requests , no replies coming back.
>>> Are you sure there is no firewall, or "security" gateway between
>>> your server and the world?
>>>
>>>
>>> --
>>> Matus UHLAR - fantomas, uhlar at fantomas.sk <javascript:;>  ; http://www.fantomas.sk/
>>> Warning: I wish NOT to receive e-mail advertising to this address.
>>> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
>>> 42.7 percent of all statistics are made up on the spot.
>>> _______________________________________________
>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>>> unsubscribe from this list
>>>
>>> bind-users mailing list
>>> bind-users at lists.isc.org <javascript:;> 
>>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>> --
>> Barry Margolin
>> Arlington, MA
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org <javascript:;> 
>> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
> --
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>    ---maf



--
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org <javascript:;> 
https://lists.isc.org/mailman/listinfo/bind-users

--

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org <javascript:;> 
https://lists.isc.org/mailman/listinfo/bind-users

--





-- 
I don't think the execution is relevant when it was obviously a bad idea in the first place.
This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants.
   ---maf

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150104/b644550c/attachment-0001.html>

More information about the bind-users mailing list