[H-GEN] Bind from behind a firewall

Sarah Walters sarah at uow.edu.au
Wed Sep 10 19:03:05 EDT 2003


[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

Hi Rick,

On 11 Sep 2003 Rick Phillips <rickp at suntech.net.au> wrote:
> My syslog has the following two entries after "restart" of named - do
> these two entries confirm binding?
>
> Sep 11 07:28:11 hegwig named[5506]: listening on IPv4 interface lo,
> 127.0.0.1#53
> Sep 11 07:28:11 hegwig named[5506]: listening on IPv4 interface eth0,
> 192.168.2.185#53

Looks to me like you have it binding to the local address on eth0, not
the public address you mentioned below ...

> hegwig.suntech.net.au is authorative and is the troublesome one -
> 203.63.166.202
> borgcube.hcit.com.au is the secondary - 203.63.166.2
> 
> I have confirmed externally that port 53 is open on the firewall and my
> named.conf has the following entries "external view" in each of the zones -

It's definitely open - I can telnet to the port. Not sure what the
problem is there. I get this though:

sarah at tempus sarah$ dig @hegwig.suntech.net.au hegwig.suntech.net.au

; <<>> DiG 8.3 <<>> @hegwig.suntech.net.au hegwig.suntech.net.au 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; res_nsend to server hegwig.suntech.net.au  203.63.166.202: Connection
refused

We have a similar problem - but I can't do the lookup when specifying
@localhost either. Can telnet to localhost port 53, but not via the
public interface, so maybe it's a firewall problem for us. For now 
I'm using someone else's service until I can work this out.

-- 
Mrs Sarah Walters
Systems Group
Information Technology Services
University of Wollongong
Phone: +61 2 4221 3775


--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/



More information about the General mailing list