Can connect to port 53 but nslookup fails

11,202

For completeness' sake, as an answer.

I can connect using TCP:

[root@server ~]# dig ve4edj.ca @24.77.125.34 +noedns +tcp

; <<>> DiG 9.11.1 <<>> ve4edj.ca @24.77.125.34 +noedns +tcp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32111
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;ve4edj.ca.                     IN      A

;; ANSWER SECTION:
ve4edj.ca.              3600    IN      A       24.77.125.34

;; Query time: 234 msec
;; SERVER: 24.77.125.34#53(24.77.125.34)
;; WHEN: Tue May 23 20:39:24 CEST 2017
;; MSG SIZE  rcvd: 43

Nmap reports port 53 UDP as open/filtered (AKA not responding):

[root@server ~]# nmap -p53 -sU -sT -sV 24.77.125.34

Starting Nmap 7.40 ( https://nmap.org ) at 2017-05-23 20:35 CEST
Nmap scan report for S01063cce738ef858.wp.shawcable.net (24.77.125.34)
Host is up (0.24s latency).
PORT   STATE         SERVICE VERSION
53/tcp open          domain  Microsoft DNS 6.1.7601
53/udp open|filtered domain
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 103.28 seconds

A tcpdump analysis further confirms that no responses are received when using UDP.

This means something (like a firewall) along the way isn’t letting the UDP traffic through. Since it’s probably a setup with port forwarding, you might want to take a look at that.

DNS queries are by default sent using UDP. Furthermore, DNS resolvers may not fall back to using TCP.
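One way to reproduce the UDP-versus-TCP check the answer describes in a single script, as an added example that is not part of the original post: it hand-builds the same plain query dig sent (no EDNS, RD set), fires it once over UDP/53 and once over TCP/53 with the two-byte length prefix TCP DNS requires, and classifies the outcome. The server address and zone name are the ones from the thread and serve only as defaults; the timeout value and the verdict labels are choices made here.

```python
import socket
import struct

# Defaults taken from the thread: the zone being tested and the server's public IP.
DEFAULT_SERVER = "24.77.125.34"
DEFAULT_NAME = "ve4edj.ca"


def build_query(name, qtype=1, txid=0x1234):
    """Build a plain DNS query (no EDNS, RD set) for `name`; qtype 1 is an A record."""
    # Header: id, flags (0x0100 = recursion desired), QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    )
    return header + qname + b"\x00" + struct.pack(">HH", qtype, 1)  # QCLASS 1 = IN


def parse_header(msg):
    """Decode the 12-byte DNS header so a response can be sanity-checked."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    return {
        "id": txid,
        "qr": bool(flags & 0x8000),   # set on responses
        "aa": bool(flags & 0x0400),   # authoritative answer
        "rd": bool(flags & 0x0100),   # recursion desired (copied from the query)
        "rcode": flags & 0x000F,      # 0 = NOERROR
        "answers": an,
    }


def probe_udp(server, name, timeout=3.0):
    """Send the query over UDP/53; return the parsed header, or None if nothing comes back."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        try:
            data, _ = sock.recvfrom(4096)
        except socket.timeout:
            return None
    hdr = parse_header(data)
    # Ignore stray datagrams whose transaction id does not match our query.
    return hdr if hdr["id"] == parse_header(query)["id"] else None


def _recv_exact(sock, n):
    """Read exactly n bytes from a stream socket (TCP may deliver them in pieces)."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before the full DNS message arrived")
        buf += chunk
    return buf


def probe_tcp(server, name, timeout=3.0):
    """Send the same query over TCP/53, framed with the 2-byte length prefix DNS-over-TCP uses."""
    query = build_query(name)
    try:
        with socket.create_connection((server, 53), timeout=timeout) as sock:
            sock.sendall(struct.pack(">H", len(query)) + query)
            (length,) = struct.unpack(">H", _recv_exact(sock, 2))
            data = _recv_exact(sock, length)
    except OSError:  # refused, timed out, reset, or closed early
        return None
    return parse_header(data)


def diagnose(udp_hdr, tcp_hdr):
    """Classify the pair of probe results the way the answer reasons about them."""
    if udp_hdr is None and tcp_hdr is None:
        return "no-response"   # nothing reaches the server on either transport
    if udp_hdr is None:
        return "udp-blocked"   # the thread's case: TCP/53 answers, UDP/53 stays silent
    if tcp_hdr is None:
        return "tcp-blocked"   # ordinary lookups work, large responses and AXFR would not
    return "both-ok"


if __name__ == "__main__":
    import sys
    server = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_SERVER
    name = sys.argv[2] if len(sys.argv) > 2 else DEFAULT_NAME
    udp, tcp = probe_udp(server, name), probe_tcp(server, name)
    print("UDP:", udp)
    print("TCP:", tcp)
    print("verdict:", diagnose(udp, tcp))
```

Run it from a host outside the network (`python3 dnsprobe.py 24.77.125.34 ve4edj.ca`); a verdict of `udp-blocked` points at the UDP/53 forwarding rule, while `both-ok` means the forwarder is fine and the problem lies with the resolver that was used.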


Updated on September 18, 2022

Comments

  • Erik Johnson (over 1 year ago)

    Trying to get my DNS back up and running after my server was shut down for a week. My issue is that I can ping / telnet port 53 fine from the outside world, and I can nslookup fine from inside the network, but I can't nslookup from outside.

    Nslookup from inside network:

    > nslookup ve4edj.ca 192.168.1.50
    Server:     192.168.1.50
    Address:    192.168.1.50#53
    
    Name:   ve4edj.ca
    Address: 24.77.125.34
    

    Telnet from outside world:

    > telnet 24.77.125.34 53
    Trying 24.77.125.34...
    Connected to 24.77.125.34.
    Escape character is '^]'.
    ^]
    
    telnet> q
    Connection closed.
    

    Nslookup from outside world:

    > nslookup ve4edj.ca 24.77.125.34
    ;; connection timed out; no servers could be reached