DNS Reports showing major error on remote dns server

Discussion in 'Bind / DNS / Nameserver Issues' started by DWHS.net, Oct 22, 2007.

  1. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    WARNING: One or more of your DNS servers does not accept TCP connections. Although rarely used, TCP connections are occasionally used instead of UDP connections. When firewalls block the TCP DNS connections, it can cause hard-to-diagnose problems. The problem servers are:


    Anyone know what would cause this? I have three remote servers set up but one gives this error. I disabled the firewall and it still does it. Also it has the DNS zones from new accounts fine and shows BIND running fine.

    Can't see any errors on the server yet it keeps showing this.
     
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    You likely won't see any errors on the server... it'll probably never generate errors itself. But it sounds like TCP 53 is not open to that server, from the website that is doing the checking.

    On the server in question you should be able to do a netstat and see if it's active:
    netstat -an|grep tcp|grep :53

    tcp 0 0 xxx.xxx.xx.xxx:53 0.0.0.0:* LISTEN
    tcp 0 0 xxx.xxx.xx.xxx:53 0.0.0.0:* LISTEN
    tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN

    And you should be able to telnet to port 53 of that server and get a connection established (quite a non-useful connection, but a connection nonetheless). If you get a connection refused, then TCP 53 isn't active on that IP. If you don't get an established connection but instead it times out, a firewall somewhere is the culprit.

    Mike
     
  3. DWHS.net

    Thanks Mike, I get this from that command:

    tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN

    Should it list the IPs as well?
     
  4. mtindor

    Yeah it should. I don't know if your Listen-On stanza only has 127.0.0.1 in it, or if there is some other directive that is eluding me that may be in your named.conf and causing it not to listen.

    If you want to post the first bunch of lines of your named.conf (and obscure your actual IPs if they are in there), we can tell you. We don't need any of the 'zone' lines that list the domains you are authoritative for.

    Are you running CentOS 5.0 or RHEL 5 (if there is such a beast) - you know, the latest greatest redhat-based?

    Mike
     
  5. DWHS.net

    Actually I added the IPs in the cPanel add IP tool, then rebooted and now it doesn't show the error. Thanks again.
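
The netstat check discussed in this thread, as an added example that is not part of any post: a shell function that reads Linux netstat -an output and reports whether TCP 53 is bound to a reachable address or only to loopback, the state the second netstat result in the thread shows. The function name and the sample lines (192.0.2.x and 198.51.100.x documentation addresses) are constructed for illustration.

```shell
#!/bin/sh
# Classify TCP port 53 listeners from Linux `netstat -an` output on stdin.
# Prints one of:
#   none           nothing listens on TCP 53 (remote probes get "connection refused")
#   loopback-only  only 127.x / ::1 is bound, so remote DNS-over-TCP checks fail
#   external       a non-loopback or wildcard address is bound
classify_dns_tcp_listeners() {
    awk '
        # Columns: proto recv-q send-q local-address foreign-address state
        $1 ~ /^tcp/ && $6 == "LISTEN" && $4 ~ /:53$/ {
            addr = $4
            sub(/:53$/, "", addr)      # strip the port, keep the bound address
            if (addr ~ /^127\./ || addr == "::1")
                loopback++
            else
                external++
        }
        END {
            if (external)      print "external"
            else if (loopback) print "loopback-only"
            else               print "none"
        }
    '
}

# Constructed sample: the loopback-only result reported in the thread.
sample_loopback_only() {
    printf '%s\n' 'tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN'
}

# Constructed sample: a server that accepts DNS over TCP on its public IPs.
sample_healthy() {
    printf '%s\n' \
        'tcp 0 0 192.0.2.10:53 0.0.0.0:* LISTEN' \
        'tcp 0 0 192.0.2.11:53 0.0.0.0:* LISTEN' \
        'tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN'
}

# Constructed sample: lines a plain `grep :53` would match, but no TCP listener
# (an outbound query to a remote port 53, and a UDP-only socket).
sample_none() {
    printf '%s\n' \
        'tcp 0 0 192.0.2.10:41234 198.51.100.5:53 ESTABLISHED' \
        'udp 0 0 192.0.2.10:53 0.0.0.0:*'
}

# Live use on the server itself: netstat -an | classify_dns_tcp_listeners
sample_loopback_only | classify_dns_tcp_listeners
```

A result of external on the server combined with a timeout from outside points at a firewall in the path rather than at named.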
     