Router – Problem with the dns server

binddomain-name-systemrouter

I have a linux server with a bind daemon running on it. Until yesterday all worked like a charm and then suddendly it stopped to.
Because the named-daemon was still running and dns queries within my lan are still working I guessed, that the router/firewall would probably be the erroneous part.
So I looked into the error log of my zyxel prestige 662H-61 and saw an error, that too many nat connections were open. I restarted my router and increased the maximal number of connections for the nat.
But when i do a nslookup now, I get the following output

;; reply from unexpected source: 62.202.20.14#10095, expected 62.202.20.14#53
;; reply from unexpected source: 62.202.20.14#10095, expected 62.202.20.14#53
;; reply from unexpected source: 62.202.20.14#10095, expected 62.202.20.14#53
;; connection timed out; no servers could be reached

The logs of the named service are showing, that the request has been processed by the bind daemon.

Does anybody know what this means/what I have to change to get it working again?

Thanks a lot!

Best Answer

You DNS Server exepcting that PORT of reply should be 53, and it locked in this port. You should tweak named.conf for accepting dynamical(for this connection is 10095) range of ports.

Related Solutions

Website occasionally unavailable – DNS problem

First, ns1.visikid isn't found on the general internet:

tsavo:~ mcd$ host -t any visikid.com ns1.visikid.com
host: couldn't get address for 'ns1.visikid.com': not found

Your nameserver appears to be answering, but, has an SOA record that points to timesolutions.timesolutions.pl rather than ns1.visikid.com/ns2.visikid.com:

tsavo:~ mcd$ host -t any visikid.com 213.239.222.20
Using domain server:
Name: 213.239.222.20
Address: 213.239.222.20#53
Aliases: 

visikid.com mail is handled by 30 ASPMX3.GOOGLEMAIL.com.
visikid.com mail is handled by 30 ASPMX4.GOOGLEMAIL.com.
visikid.com mail is handled by 30 ASPMX5.GOOGLEMAIL.com.
visikid.com mail is handled by 10 ASPMX.L.GOOGLE.com.
visikid.com mail is handled by 20 ALT1.ASPMX.L.GOOGLE.com.
visikid.com mail is handled by 20 ALT2.ASPMX.L.GOOGLE.com.
visikid.com mail is handled by 30 ASPMX2.GOOGLEMAIL.com.
visikid.com descriptive text "v=spf1 a mx include:aspmx.googlemail.com include:_spf.google.com ~all"
visikid.com has SOA record timesolutions.timesolutions.pl. root.timesolutions.timesolutions.pl. 1265887100 10800 3600 604800 38400
visikid.com name server timesolutions.timesolutions.pl.
visikid.com has address 213.239.222.20
tsavo:~ mcd$ host -t ns visikid.com 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases: 

visikid.com name server timesolutions.timesolutions.pl.

but, that domain isn't configured:

tsavo:~ mcd$ host timesolutions.timesolutions.pl
Host timesolutions.timesolutions.pl not found: 3(NXDOMAIN)

$ host timesolutions.timesolutions.pl. 213.239.222.20
Using domain server:
Name: 213.239.222.20
Address: 213.239.222.20#53
Aliases: 

Host timesolutions.timesolutions.pl not found: 5(REFUSED)

Adjust your SOA record on visikid.com, or fix the ACL for timesolutions.pl if you're going to continue using it.

Router – DNS for private network – should router be the DNS server

It doesn't matter where you run it as long as it is reachable from the internal machines.

DNS is a very lightweight service, which can easily coexist with many others on a machine.

However, make sure it keeps working. When DNS fails, dozens of things will stop working and you'll be wondering what the heck is going on before you figure out DNS is down.

Related Topic

Nat – Running Nameserver behind NAT