The Community Forums

Interact with an entire community of cPanel & WHM users!

named - port 53 is open TCP and UDP, UDP not available from outside our network

Discussion in 'General Discussion' started by justhey, Sep 5, 2014.

  1. justhey

    justhey Registered

    Jul 9, 2014
    cPanel Access Level:
    DataCenter Provider

    We have a problem with the named daemon running on a full cPanel server.

    When doing dig from the server to the server, I successfully get a result:

    root@hulk [~]# dig @HULK_IP
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @HULK_IP
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 36996
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available
    ; IN A
    ;; Query time: 3 msec
    ;; WHEN: Thu Sep 4 23:28:39 2014
    ;; MSG SIZE rcvd: 33

    It also works when I do the same dig command from any other server in the same subnet as this server. However, when I do it from any other computer not in our network, I get:

    dig @HULK_IP
    ; <<>> DiG 9.4.3-P2 <<>> @HULK_IP
    ;; global options: printcmd
    ;; connection timed out; no servers could be reached

    I have tried to connect from multiple different servers outside our network and it simply doesn't work. What is interesting is that the telnet connection to port 53 TCP works even from the outside:

    telnet HULK_IP 53
    Trying HULK_IP...
    Connected to
    Escape character is '^]'.

    The list of open ports (53) on the system is:

    root@hulk [/]# netstat -na | grep 53
    tcp 0 0 HULK_IP:53* LISTEN
    tcp 0 0* LISTEN
    tcp 0 0* LISTEN
    tcp 0 0 ::1:53 :::* LISTEN
    udp 0 0 HULK_IP:53*
    udp 0 0*
    udp 0 0 ::1:53 :::*

    What is also interesting is that DNS works normally on a cPanel DNSONLY server; I can connect to DNS via UDP and TCP from inside and outside the network, so I am pretty sure that our central firewall doesn't block anything. It must be something on this system (hulk); however, I am unable to find it.

    I have spent quite some time on this and will be very glad for any ideas.

    TIA, Matej
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Apr 11, 2011
    cPanel Access Level:
    Root Administrator
    Hello :)

    To clarify, it's not just the dig results, but websites do not resolve outside of your internal network for anyone attempting to access them from a web browser? If so, have you verified this happens for any DNS zone on your system? You can open a support ticket using the link in my signature so we can take a closer look. Post the ticket number here so we can update this thread with the outcome.

    Thank you.
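
A way to check the symptom described in the first post from any vantage point, as an added example that is not part of the original thread: it sends one identical DNS query over UDP and over TCP and reports each transport separately, so a REFUSED reply (as in the dig output above) still counts as the server answering. The function names, the query id default and the result labels are assumptions made for this example.

```python
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Minimal DNS query: header with RD set, one question, type A, class IN."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = [l for l in name.strip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def parse_rcode(resp, qid):
    """Return the rcode name, or 'malformed' if this is not a reply to qid."""
    if len(resp) < 12:
        return "malformed"
    rid, flags = struct.unpack("!HH", resp[:4])
    if rid != qid or not flags & 0x8000:        # QR bit marks a response
        return "malformed"
    return RCODES.get(flags & 0xF, "RCODE%d" % (flags & 0xF))

def _err(e):
    return "timeout" if isinstance(e, socket.timeout) else "error: %s" % e

def probe(server, name, port=53, timeout=3.0, qid=0x1234):
    """Send the same query over UDP and TCP; report each transport on its own."""
    q, result = build_query(name, qid), {}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(q, (server, port))
            result["udp"] = parse_rcode(s.recvfrom(4096)[0], qid)
    except OSError as e:
        result["udp"] = _err(e)
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(q)) + q)   # DNS over TCP: 2-byte length prefix
            f = s.makefile("rb")
            (n,) = struct.unpack("!H", f.read(2))
            result["tcp"] = parse_rcode(f.read(n), qid)
    except (OSError, struct.error) as e:
        result["tcp"] = _err(e)
    return result

def diagnose(r):
    """Label the thread's symptom: TCP gets a DNS reply while UDP gets nothing."""
    tcp_answered = not r["tcp"].startswith(("timeout", "error", "malformed"))
    if r["udp"] == "timeout" and tcp_answered:
        return "udp-only-failure"
    return "consistent" if r["udp"] == r["tcp"] else "differs"
```

Running `diagnose(probe(server_ip, zone_name))` from inside and from outside the network gives a direct comparison; a "udp-only-failure" seen only from outside points at UDP filtering somewhere between the client and named rather than at named itself.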
