How to configure bind9 to accept connections from other machines
Solution 1
This line shows bind listening:
tcp 0 0 localhost.localdomain:domain *:* LISTEN
netstat is translating the port number (53) to the service name (domain), as determined by the file /etc/services. As you can see, however, it is only listening on the loopback interface - localhost - instead of all interfaces (* or 0.0.0.0).
You don't specify which distro you're running, so the next step is somewhat murky. You're looking for the primary bind config file named.conf. It could be in /etc, /etc/bind9/, /etc/named/, /var/named/chroot/etc/, or really anywhere. Once you find it, look for the option 'listen-on' and remove it completely. Restart named and it should now listen on all interfaces.
Solution 2
Yes, bind is running. From your netstat output:
tcp 0 0 localhost.localdomain:domain *:* LISTEN
The "domain" service is port 53. The problem is that your bind daemon is only listening on localhost (127.0.0.1). You can change that behaviour in bind's config file by adding:
listen-on { any; };
(Check that there aren't any other listen-on lines in the file.)
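The check that Solutions 1 and 2 make by eye on the netstat output can be scripted. The following is an added example, not part of the original answers; the function names are hypothetical and the sample lines are constructed from the output quoted in the question.

```python
# Added example: classify DNS listeners in `netstat -a` style output.
# SAMPLE is constructed, modelled on the lines quoted in the question.
SAMPLE = """\
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost.localdomain:domain *:* LISTEN
tcp 0 0 localhost.localdomain:953 *:* LISTEN
udp 0 0 localhost.locald:domain *:*
udp 0 0 *:ntp *:*
"""

# netstat prints port 53 as "domain" (from /etc/services) unless run with -n.
DNS_PORTS = {"domain", "53"}
WILDCARD_HOSTS = {"*", "0.0.0.0", "::", "[::]"}
LOOPBACK_HOSTS = {"::1", "[::1]"}


def classify(host):
    """Return the bind scope implied by the host part of a local address."""
    if host in WILDCARD_HOSTS:
        return "all-interfaces"
    # startswith() also covers hostnames that netstat truncates without -W.
    if host in LOOPBACK_HOSTS or host.startswith(("localhost", "127.")):
        return "loopback-only"
    return "specific-address"


def dns_listeners(netstat_text):
    """Return (proto, local_address, scope) for every socket bound to port 53."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue  # header or unrelated line
        if fields[0].startswith("tcp") and fields[-1] != "LISTEN":
            continue  # established connection, not a listener
        # Split on the last colon so IPv6 addresses such as :::53 still parse.
        host, _, port = fields[3].rpartition(":")
        if port in DNS_PORTS:
            found.append((fields[0], fields[3], classify(host)))
    return found


def reachable_from_other_machines(netstat_text):
    """True if any port-53 socket is bound beyond the loopback interface."""
    return any(scope != "loopback-only" for _, _, scope in dns_listeners(netstat_text))


if __name__ == "__main__":
    for proto, addr, scope in dns_listeners(SAMPLE):
        print(f"{proto:4} {addr:32} {scope}")
    print("reachable from other machines:", reachable_from_other_machines(SAMPLE))
```

Run it against fresh netstat output after restarting named: both the tcp and udp entries for port 53 should then report a scope other than loopback-only.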
Solution 3
Without seeing your BIND configuration file, I will take a shot in the dark and say you need to add/modify the listen-on directive(s) appropriately.
See http://www.zytrax.com/books/dns/ch7/hkpng.html or http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html for more information.
I would also suggest picking up a copy of DNS and BIND from O'Reilly and reading it. It covers everything you ever wanted to know about DNS and BIND but were afraid to ask...
mccoya
Updated on September 18, 2022
mccoya almost 2 years
I'm sure this has been asked in some form before but I'm completely new to DNS and inexperienced with Linux, so bear with me :)
I have a VPS from OVH hosting that I've managed to configure to suit my needs fairly well but I can't seem to get the DNS server working. According to the troubleshooting pages I've found on the web, Bind is configured not to accept connections from outside but I have no idea how to change this.
telnet localhost 53
on the server works
telnet myserver.com 53
on my local machine says
telnet: Unable to connect to remote host: Connection refused
netstat -Wa
returns the following
tcp 0 0 *:imaps *:* LISTEN
tcp 0 0 *:pop3s *:* LISTEN
tcp 0 0 localhost.localdomain:10024 *:* LISTEN
tcp 0 0 *:rsync *:* LISTEN
tcp 0 0 localhost.localdomain:10025 *:* LISTEN
tcp 0 0 localhost.localdomain:mysql *:* LISTEN
tcp 0 0 localhost.localdomain:813 *:* LISTEN
tcp 0 0 *:pop3 *:* LISTEN
tcp 0 0 *:imap2 *:* LISTEN
tcp 0 0 localhost.localdomain:spamd *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:http-alt *:* LISTEN
tcp 0 0 *:www *:* LISTEN
tcp 0 0 *:tproxy *:* LISTEN
tcp 0 0 localhost.localdomain:domain *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost.localdomain:953 *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:https *:* LISTEN
tcp 0 0 mydomain.com:ssh 0-0-0-0.bb.dnainternet.fi:63879 ESTABLISHED
tcp 0 0 mydomain.com:ssh 0-0-0-0.bb.dnainternet.fi:58003 ESTABLISHED
tcp 0 0 rps0000.ovh.net:56314 iscsi00.rps.ovh.net:3260 ESTABLISHED
udp 0 0 localhost.locald:domain *:*
udp 0 0 *:sunrpc *:*
udp 0 0 mydomain.com:ntp *:*
udp 0 0 rps0000.ovh.net:ntp *:*
udp 0 0 localhost.localdoma:ntp *:*
udp 0 0 *:ntp *:*
Some troubleshooting pages say that there should be a line for Bind listening to port 53. Since I don't have that, could it be possible that there's something wrong, though
/etc/init.d/bind9 status
tells me bind9 is running?
Admin about 13 years
Please include your BIND configuration file - this is far more useful in troubleshooting a misconfigured nameserver.
mccoya about 13 years
Thank you very much! I actually did take a look at named.conf before, looking for that directive but since I wasn't at all sure what I was doing, I didn't read the line pointing to named.conf.options, which contained the missing line.
mccoya about 13 years
Thanks for taking your time to answer my question. I bookmarked your links. I'm sure they'll come in handy in the future. EDIT: I'd also give you a +1 but can't yet :)
naught101 almost 8 years
Thanks. I had a listen-in-v6 call in my named.conf.options, and that seemed to interfere with ipv4. I removed it, and now things seem to be working fine over TCP.