8

I'm sure this has been asked in some form before but I'm completely new to DNS and inexperienced with Linux, so bear with me :)

I have a VPS from OVH hosting that I've managed to configure to suit my needs fairly well but I can't seem to get the DNS server working. According to the troubleshooting pages I've found on the web, Bind is configured not to accept connections from outside but I have no idea how to change this.

`telnet localhost 53` on the server works

`telnet myserver.com 53` on my local machine says `telnet: Unable to connect to remote host: Connection refused`

`netstat -Wa` returns the following

```
tcp        0      0 *:imaps                 *:*                     LISTEN
tcp        0      0 *:pop3s                 *:*                     LISTEN
tcp        0      0 localhost.localdomain:10024 *:*                     LISTEN
tcp        0      0 *:rsync                 *:*                     LISTEN
tcp        0      0 localhost.localdomain:10025 *:*                     LISTEN
tcp        0      0 localhost.localdomain:mysql *:*                     LISTEN
tcp        0      0 localhost.localdomain:813 *:*                     LISTEN
tcp        0      0 *:pop3                  *:*                     LISTEN
tcp        0      0 *:imap2                 *:*                     LISTEN
tcp        0      0 localhost.localdomain:spamd *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:http-alt              *:*                     LISTEN
tcp        0      0 *:www                   *:*                     LISTEN
tcp        0      0 *:tproxy                *:*                     LISTEN
tcp        0      0 localhost.localdomain:domain *:*                     LISTEN
tcp        0      0 *:ftp                   *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 localhost.localdomain:953 *:*                     LISTEN
tcp        0      0 *:smtp                  *:*                     LISTEN
tcp        0      0 *:https                 *:*                     LISTEN
tcp        0      0 mydomain.com:ssh     0-0-0-0.bb.dnainternet.fi:63879 ESTABLISHED
tcp        0      0 mydomain.com:ssh     0-0-0-0.bb.dnainternet.fi:58003 ESTABLISHED
tcp        0      0 rps0000.ovh.net:56314   iscsi00.rps.ovh.net:3260 ESTABLISHED
udp        0      0 localhost.locald:domain *:*
udp        0      0 *:sunrpc                *:*
udp        0      0 mydomain.com:ntp     *:*
udp        0      0 rps0000.ovh.net:ntp     *:*
udp        0      0 localhost.localdoma:ntp *:*
udp        0      0 *:ntp                   *:*
```

Some troubleshooting pages say that there should be a line for Bind listening to port 53. Since I don't have that, could it be possible that there's something wrong, though `/etc/init.d/bind9 status` tells me bind9 is running?

Pichan
  • Please include your BIND configuration file - this is far more useful in troubleshooting a misconfigured nameserver. – voretaq7 May 04 '11 at 15:08

3 Answers

5

Yes, bind is running. From your netstat output:

```
tcp        0      0 localhost.localdomain:domain *:*                     LISTEN
```

The "domain" service is port 53. The problem is that your bind daemon is only listening on localhost (127.0.0.1). You can change that behaviour in bind's config file by adding:

```
listen-on { any; };
```

(Check that there aren't any other `listen-on` lines in the file.)

rsl
3

This line shows bind listening:

```
tcp        0      0 localhost.localdomain:domain *:*                     LISTEN
```

netstat is translating the port number (53) to the service name (domain), as determined by the file /etc/services. As you can see, however, it is only listening on the loopback interface - localhost - instead of all interfaces (* or 0.0.0.0).

You don't specify which distro you're running, so the next step is somewhat murky. You're looking for the primary bind config file named.conf. It could be in /etc, /etc/bind9/, /etc/named/, /var/named/chroot/etc/, or really anywhere. Once you find it, look for the option 'listen-on' and remove it completely. Restart named and it should now listen on all interfaces.

David Bishop
  • Thank you very much! I actually did take a look at named.conf before, looking for that directive but since I wasn't at all sure what I was doing, I didn't read the line pointing to `named.conf.options`, which contained the missing line. – Pichan May 04 '11 at 15:31
  • Thanks. I had a `listen-in-v6` call in my `named.conf.options`, and that seemed to interfere with `ipv4`. I removed it, and now things seem to be working fine over TCP. – naught101 Sep 22 '16 at 06:14
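
The netstat reading that the answers above rely on, as an added example that is not part of any answer on this page: a POSIX shell helper that picks the port 53 sockets out of netstat output and reports whether they are bound to loopback only. The function names and sample lines are constructed for illustration, and 192.0.2.10 is a documentation address.

```shell
# Added example. Reads netstat output on stdin and prints one line per
# DNS socket in the form "<proto> <local-address> <scope>".
dns_listeners() {
    awk '
    # Keep TCP sockets in LISTEN state and all UDP sockets.
    ($1 ~ /^tcp/ && $NF == "LISTEN") || $1 ~ /^udp/ {
        # Split "address:port" at the last colon so ":::53" also parses.
        p = match($4, /:[^:]*$/)
        if (p == 0) next
        addr = substr($4, 1, p - 1)
        port = substr($4, p + 1)
        # netstat prints "domain" for 53 when it resolves /etc/services.
        if (port != "53" && port != "domain") next
        scope = "external"
        if (addr ~ /^localhost/ || addr ~ /^127\./ || addr == "::1")
            scope = "loopback"
        print $1, addr, scope
    }'
}

# Prints "not-listening", "loopback-only" or "external" for the input.
dns_exposure() {
    dns_listeners | awk '
        { seen = 1; if ($3 == "external") ext = 1 }
        END {
            if (!seen) { print "not-listening" }
            else if (ext) { print "external" }
            else { print "loopback-only" }
        }'
}

# Constructed sample modelled on the question's output (names resolved).
sample_question() {
    printf '%s\n' \
      'tcp   0   0 localhost.localdomain:domain *:*   LISTEN' \
      'tcp   0   0 *:ssh   *:*   LISTEN' \
      'udp   0   0 localhost.locald:domain *:*'
}

# Constructed sample: numeric output with a non-loopback address bound.
sample_fixed() {
    printf '%s\n' \
      'tcp   0   0 192.0.2.10:53   0.0.0.0:*   LISTEN' \
      'tcp   0   0 127.0.0.1:53   0.0.0.0:*   LISTEN' \
      'udp   0   0 192.0.2.10:53   0.0.0.0:*'
}
sample_question | dns_exposure   # loopback-only
sample_fixed | dns_exposure      # external
```

On a live host, pipe the real output in with `netstat -lntu | dns_exposure`; numeric output avoids the truncated host names visible in the question's udp lines.
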
1

Without seeing your BIND configuration file, I will take a shot in the dark and say you need to add/modify the listen-on directive(s) appropriately.

See http://www.zytrax.com/books/dns/ch7/hkpng.html or http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html for more information.
I would also suggest picking up a copy of DNS and BIND from O'Reilly and reading it. It covers everything you ever wanted to know about DNS and BIND but were afraid to ask...

voretaq7
  • Thanks for taking your time to answer my question. I bookmarked your links. I'm sure they'll come in handy in the future. EDIT: I'd also give you a +1 but can't yet :) – Pichan May 04 '11 at 15:34