[ale] Can't connect to port 53

Richard Bronosky richard at bronosky.com
Fri Jan 18 18:21:42 EST 2013 

Most decent domain registrars offer free basic DNS housing for the domains
you register there. Even GoDaddy offers that.
On Jan 18, 2013 2:34 PM, "Jim Lynch" <ale_nospam at fayettedigital.com> wrote:

> On 01/18/2013 11:48 AM, Michael H. Warfield wrote:
>
>> On Fri, 2013-01-18 at 09:38 -0500, Jim Lynch wrote:
>>
>>> Hi, Mike,
>>> Thanks.  I hate to admit it here 'cause I know general consensus here
>>> about webmin and gui's in general, but I was trying to generate a zone
>>> using webmin/dns.  It obviously didn't do what I thought it should.  As
>>> I said before I gotta do a bit more digging so I understand this stuff a
>>> bit better.  You're example helps a lot.  Thanks for that.
>>>
>> Ok...  That tells me a couple of important things.
>>
>> If you are generating a zone file, you must be setting up an
>> authoritative name server.
>>
> I guess.  The free dns servers seem to be drying up and going to a paid
> model.  I find it hard to pay as much for dns services as I do the systems
> themselves, so I'm digging into running my own dns servers.  I actually
> have 3 different VPS systems to play with and figured I'd run dns servers
> on at least two of them to serve everyone.  I'm just starting my
> investigation.
>
>>
>> Even if you set up a proper zone file and have that configured
>> correctly, you still must configure the name server itself to listen on
>> the network.  That's not in the zone file at all.  That's part of the
>> global named.conf configuration.
>>
> I am vaguely aware of that requirement.  One advantage I have is that two
> of the three servers have (I think) working dns servers configured properly
> (virtualmin generated).  I was trying, step by step, to duplicate using
> webmin.  I know I can just copy the config files over from another working
> system, make changes specific to that system and it should work, however
> for educational value I'm trying to see what webmin is doing.  I now know I
> didn't go far enough.
>
>>
>> Since you are able to telnet to localhost on port 53 you're obviously on
>> the machine hosting the nameserver so you should be able to
>> edit /etc/named.conf and inspect its content.
>>
>> I should also point out as well that telnet to port 53 is TCP where as
>> most DNS is going to operate over UDP with TCP as a fallback for larger
>> transfers like zone transfers.  The name server will listen on both TCP
>> and UDP sockets for the same addresses but also be sure your firewall
>> rules are consistent for TCP and UDP.
>>
> OK good info.  I turned off the firewall for testing.
>
>>
>> AFA nslookup goes...  Another poster was correct in that nslookup
>> deprecated and discouraged by the original authors (ISC - Internet
>> Systems Consortium).
>>
>> The reason for this is that nslookup uses its own peculiar internal
>> resolver and operates differently from "host" and "dig" as well as
>> normal name resolution lookups.  It may present results which are
>> inconsistent with the behavior of those two supported tools and other
>> applications doing name lookups.  It may work perfectly fine in most
>> simple cases but it has been stated that its behavior can be
>> "inconsistent" (due to its use of that internal resolver).  It hasn't
>> been updated in ages and may not support some of the newer DNS features,
>> either.
>>
>>  From ISC:
>>
>> http://www.isc.org/software/**bind/documentation/arm95#**id2547410<http://www.isc.org/software/bind/documentation/arm95#id2547410>
>>
>>  OK so it's time to come out of the '90s.  I do move slowly as I approach
> ancient age.  (No not capitalized so no whiskey here)
>
> Thanks again,
> Jim.
>
> ______________________________**_________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/**listinfo/ale<http://mail.ale.org/mailman/listinfo/ale>
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/**listinfo<http://mail.ale.org/mailman/listinfo>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130118/f54f0591/attachment-0001.html>

More information about the Ale mailing list