
Help my DNS server is refusing DNS requests.

 
Steven E. Protter
Exalted Contributor

Help my DNS server is refusing DNS requests.

I have a Red Hat 7.3 webserver that is also its own primary DNS.

When I do dig commands on the server, I get great, perfectly acceptable answers. Network Solutions has my DNS server configured correctly.

When the outside world tries to do a DNS lookup, its connection gets refused. I tried using it as a DNS server for a PC and did not get answers to my lookup requests.

I don't think I'm running a firewall at all. What do I look at to quickly get this sucker accepting DNS queries?
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
2 REPLIES 2
Steven E. Protter
Exalted Contributor

Re: Help my DNS server is refusing DNS requests.

Hey, with the help of other forum posters triggering my pea brain molecules, I fixed it myself.

Red Hat's default firewall (ipchains) configures the system to protect it from DNS-type attacks. It denies any external requests for DNS resolution.

If you do DNS res on the same server as your www, you then have a wee bit of a problem.

Solution: First, to get the DNS up, ipchains -F

This shuts the firewall, but it's extremely dangerous to leave the server that way.

On Red Hat Linux 7.3, do the following.

vi /etc/sysconfig/ipchains

Add a line to the file in the accept section that looks like this.
-A input -s 0/0 -d 0/0 53 -p tcp -y -j ACCEPT

One caveat: this lets you take DNS requests from all your IP addresses and NIC interfaces. You might want to restrict that to the IP addresses and interfaces you configured at Network Solutions as DNS servers.

Also, unless you are running a one-machine shop, it's an extremely good idea to have your secondary DNS on a different machine. I have an old D320 HP-UX box scheduled to come into my basement later this year. Wondering if it's a better/faster web server than a Dell PowerEdge 500SC with 1.2 G of RAM. I will soon find out.

Bye all.
Steven E Protter
Steven E. Protter
Exalted Contributor

Re: Help my DNS server is refusing DNS requests.

It would also probably help to restart the ipchains firewall

/etc/init.d/ipchains restart

Night.
Steven E Protter
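
An added example, not part of the original posts: a Python check that reads rules in the /etc/sysconfig/ipchains line format discussed in this thread and reports which rule first decides a new inbound port-53 query over TCP and over UDP (DNS uses both), and whether the accepting rule applies to every local address, which is the caveat raised in the reply. The sample rules, the `:input` policy line, the address 192.0.2.10 used in testing, and all function names are constructed for illustration; ports are assumed to be numeric and negated (`!`) matches are reported as UNKNOWN.

```python
# Constructed sample in the /etc/sysconfig/ipchains line format (not from a real host).
SAMPLE = """\
:input ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -s 0/0 -d 0/0 53 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
-A input -s 0/0 -d 0/0 -p udp -j REJECT
"""
ANY = (None, "0/0", "0.0.0.0/0")

def parse_rule(tok):
    """Map the tokens of one '-A input ...' line to {option: value}."""
    rule, i = {}, 0
    while i < len(tok):
        opt = tok[i]
        if opt in ("-A", "-s", "-d", "-p", "-i", "-j") and i + 1 < len(tok):
            rule[opt] = tok[i + 1]
            i += 2
            # -s/-d may be followed by a port or lo:hi range
            if opt in ("-s", "-d") and i < len(tok) and not tok[i].startswith("-"):
                rule[opt + "port"] = tok[i]
                i += 1
        else:  # flags such as -y (TCP SYN only) take no value
            i += 1
    return rule

def covers(spec, port=53):
    """True if a numeric port spec ('53', '1024:', ':1023', '53:53') includes port."""
    if spec is None:
        return True
    lo, sep, hi = spec.partition(":")
    return int(lo or 0) <= port <= int((hi or 65535) if sep else lo)

def verdict(text, proto):
    """First-match result for a new query from any outside host to port 53."""
    policy = "UNKNOWN"
    for line in text.splitlines():
        tok = line.split()
        if tok[:1] == [":input"] and len(tok) > 1:
            policy = tok[1]
        if tok[:2] != ["-A", "input"]:
            continue
        if "!" in tok:
            return ("UNKNOWN", False)  # negated matches are not modelled here
        r = parse_rule(tok)
        if r.get("-i") == "lo" or r.get("-s") not in ANY or "-sport" in r or "-j" not in r:
            continue  # cannot decide the fate of an arbitrary outside client
        if r.get("-p", "all") in ("all", proto) and covers(r.get("-dport")):
            # second field: True when the ACCEPT applies to every local address
            return (r["-j"], r["-j"] == "ACCEPT" and r.get("-d") in ANY)
    return (policy, False)
```

Calling `verdict(open("/etc/sysconfig/ipchains").read(), "udp")` and the same for `"tcp"` before restarting the firewall shows whether both transports reach the name server and whether the accept rule is wider than intended.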