Article 5J59J [SOLVED] Unable to open port 53 after bind installation

by Newdoubt from LinuxQuestions.org on (#5J59J)

Hello All,

Please help me with this BIND name server configuration:

This is what I have done

Code:
]# yum install bind bind-utils
]# systemctl start named && systemctl enable named
]# firewall-cmd --permanent --add-service=dns
]# firewall-cmd --reload
Now named is up and running, and I have added a custom DNS zone entry, and it can be queried from the same server.

Code:
[root@QMP ~]# service named status
Redirecting to /bin/systemctl status named.service
named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2021-05-22 19:12:29 UTC; 25min ago
Process: 18764 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
[root@QMP ~]#

[root@QMP ~]# netstat -plan | grep :53
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 18787/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 18787/named
[root@QMP ~]#

But the problem is that port 53 is not open from outside, so I can't query from outside.

Public IP of the server is 65.2.39.188

Code:
@computer:~/$ telnet 65.2.39.188 53
Trying 65.2.39.188...
telnet: Unable to connect to remote host: Connection refused

@computer:~/$ nmap 65.2.39.188 -Pn
Starting Nmap 7.80 ( https://nmap.org ) at 2021-05-23 01:31 IST
Nmap scan report for ec2-65-2-39-188.ap-south-1.compute.amazonaws.com (65.2.39.188)
Host is up (0.061s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp closed domain
9090/tcp closed zeus-admin

Nmap done: 1 IP address (1 host up) scanned in 15.53 seconds
@computer:~/$
I have already added the public IP in named.conf:

Code:
[root@QMP ~]# grep 65.2.39.188 /etc/named.conf
listen-on port 53 { 127.0.0.1; 65.2.39.188; };
[root@QMP ~]#
Firewall whitelist rules are also there for port 53:

Code:
[root@QMP ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: cockpit dhcpv6-client dns ssh
ports: 53/udp 53/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@QMP ~]#
Please advise.
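
The comparison the post makes by hand (the listen-on line in named.conf against the netstat output), written as a script; this is an added example and not part of the original post. The named.conf and netstat lines are copied from the post, while the `ip -o -4 addr` sample, the address 10.0.0.10 and all function names are constructed assumptions.

```shell
#!/usr/bin/env bash
# Added example: cross-check named.conf listen-on addresses against sockets
# actually bound on port 53 and against addresses assigned to local interfaces.

# Sample inputs. The named.conf and netstat lines are copied from the post;
# the `ip -o -4 addr` output is CONSTRUCTED (10.0.0.10 is a placeholder).
NAMED_CONF='listen-on port 53 { 127.0.0.1; 65.2.39.188; };'
NETSTAT_OUT='tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 18787/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 18787/named'
IP_ADDR_OUT='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0'

# Print each IPv4 address named in a listen-on statement, one per line.
# Requiring whitespace after "listen-on" skips listen-on-v6.
listen_on_addrs() {
  printf '%s\n' "$1" | grep -E '^[[:space:]]*listen-on[[:space:]]' |
    sed -e 's/^[^{]*{//' -e 's/}.*$//' | tr ';' '\n' |
    tr -d ' \t' | grep -E '^[0-9]+(\.[0-9]+){3}$'
}

# Print local addresses that have a socket on port 53 (netstat column 4).
bound_addrs() {
  printf '%s\n' "$1" |
    awk '$4 ~ /:53$/ { sub(/:53$/, "", $4); print $4 }' | sort -u
}

# Print IPv4 addresses assigned to local interfaces (from `ip -o -4 addr`).
local_addrs() {
  printf '%s\n' "$1" |
    awk '{ for (i = 1; i < NF; i++)
             if ($i == "inet") { split($(i + 1), a, "/"); print a[1] } }'
}

# Report, per listen-on address, whether it is bound and whether it is local.
check_listen_on() {
  local conf=$1 netstat=$2 ipout=$3 addr bound assigned
  for addr in $(listen_on_addrs "$conf"); do
    bound=no; assigned=no
    bound_addrs "$netstat" | grep -qxF "$addr" && bound=yes
    local_addrs "$ipout" | grep -qxF "$addr" && assigned=yes
    echo "$addr bound=$bound assigned=$assigned"
  done
}

check_listen_on "$NAMED_CONF" "$NETSTAT_OUT" "$IP_ADDR_OUT"
```

An address reported with `bound=no` has no socket on port 53; `assigned=no` means it is not configured on any local interface in the supplied `ip` output.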