Fedora Core 8 DNS Error?

Hello all, I recently noticed the lovely new Fedora C8 in the 'Deploy a Linux Distro' feature. However, I believe I have found an error. I installed, configured, and started up bind-chroot, and it works… locally. The ports are open, and the service is running. But, when I try to connect remotely, the ports 53/953 show up as closed, even according to nmap. I even tried deploying DNS as a standalone on a fresh drive; same error. I know this doesn't have to do with iptables, because they're set to completely disable the firewall.

Any concepts on what's happening?

7 Replies

Are you sure you configured the DNS server to listen on the external address? I think by default bind is configured as a local caching-only server.

Thanks for the response, and well, I configured DNS/Named as a fc8 document stated. A similar process was used on fc6, and worked just fine. I might just end up installing Bind8 over Bind9, and see what happens.

[edit] On second thought, I have a feeling that this might be due to linode's fc8's network settings, and not Bind. Because, even if DNS was not allowing remote connections, the port should still be open, remotely. Unless network settings were blocking it, no?

I have it running OK. Make sure your iptables allows bind. The default setup for iptables blocks many ports. Also if you enabled selinux you might have a problem there too.

fb

Ah, thanks, that's encouraging to hear. Well, I thought I had iptables allowing everything. If you don't mind, could you pass your setup? I can't seem to get this working. :?

Mine is kind of complicated as it is a secondary slave nameserver to my dedicated.

Just do 'service iptables stop' or iptables -F and try it. I am not actually using Fedora 8 on the linode right now. I have two images, Centos 5 and Fedora 8, both configured the same. I am running a Fedora 8 desktop here at home with bind running also. If you are not getting errors with bind, then it must be working. Then if you look at /var/log/messages just after you restart bind you should get some real good clues if there is a problem.

Try dig @localhost google.com and see the result.

If you need details, tell me what you need.

Fred B.

Awesome, man! After checking out the /var/log/messages, it said it was only listening on specific addresses, so after I checked out /etc/named.conf, it turns out my previous copy didn't write over… well partly. Bad Copy&Paste? Heh. Well sorry for the disturbances, everything is just peachy now, thanks people! =D

Great. BTW, if you're running bind-chroot, /etc/named.conf is usually a ln from /var/named/chroot/etc, or at least it should be.

Fred B.
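
The check that resolved this thread (reading named's startup lines in /var/log/messages to see which addresses it actually bound), as an added example that is not part of any post above. The log lines are constructed for illustration and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report which addresses named bound at its most recent start.
# A port that looks closed from outside with no firewall in the way usually
# means nothing is listening on the external address.

# Constructed sample of syslog output (hostname, PIDs and addresses are made up).
sample_log() {
    cat <<'EOF'
Nov 20 10:00:01 li1 named[2211]: starting BIND 9.5.0 -u named -t /var/named/chroot
Nov 20 10:00:01 li1 named[2211]: listening on IPv4 interface lo, 127.0.0.1#53
Nov 20 10:00:01 li1 named[2211]: listening on IPv4 interface eth0, 192.0.2.10#53
Nov 20 10:05:40 li1 named[2390]: starting BIND 9.5.0 -u named -t /var/named/chroot
Nov 20 10:05:40 li1 named[2390]: listening on IPv4 interface lo, 127.0.0.1#53
EOF
}

# Read syslog text on stdin; print "<iface> <address> <port>" for every
# listener logged since the last "starting BIND" line.
named_listeners() {
    awk '
        /named\[[0-9]+\]: starting BIND/ { n = 0 }   # new start: drop older listeners
        /named\[[0-9]+\]: listening on IPv[46] interface / {
            rest = substr($0, index($0, "interface ") + 10)   # "eth0, 192.0.2.10#53"
            split(rest, part, ", ")                           # iface | addr#port
            split(part[2], ap, "#")                           # addr  | port
            out[++n] = part[1] " " ap[1] " " ap[2]
        }
        END { for (i = 1; i <= n; i++) print out[i] }
    '
}

# Print "external" if any current listener is on a non-loopback address,
# "loopback-only" if named bound only to loopback, "none" if nothing was logged.
named_exposure() {
    named_listeners | awk '
        { seen = 1 }
        $2 !~ /^127\./ && $2 != "::1" { ext = 1 }
        END { print (ext ? "external" : (seen ? "loopback-only" : "none")) }
    '
}

# The second start in the sample bound only to lo, as in the thread.
sample_log | named_exposure
```

On a real host, feed it the live log with `named_exposure < /var/log/messages`; a `loopback-only` result points at the `listen-on` setting in the named.conf that the chroot actually loads.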
