Why does bind not listen on UDP port 53?

#1
I'm running on a Debian 10 physical box with two wired network ports. This looks like it's supported. I've been having trouble getting the DNS request from the client working. Looking at the supplied bind config it's listening on port 5300 and there are no forwarders defined.

// GENERATED BY KEEXYBOX WEBUI
// DO NOT EDIT THIS FILE

options {
        directory "/opt/keexybox/bind//etc/zones";
        listen-on port 5300 { any; };
        dnssec-validation no;
        pid-file "/opt/keexybox/bind//var/run/named/named.pid";
        auth-nxdomain no;    # conform to RFC1035
        //listen-on-v6 { any; };
};
controls {
        inet 127.0.0.1 port 9530 allow {localhost;};
};
include "/opt/keexybox/bind//etc/conf.d/profiles.conf";
include "/opt/keexybox/bind//etc/conf.d/logging.conf";


Is this correct?

I changed the 5300 to 53 and added a forwarders section and it works.
Reply
#2
You should not modify bind9 configuration manually.

There are multiple instances of bind9 each running with a 53XX port. Port 53 is dynamically enabled with iptables by NAT to one of the 53XX ports depending on the source IP.

If you get an issue using the DNS, this is not the right way to fix it.

First, you have to check if the IP of the device that uses Keexybox's DNS is well connected in the Connections menu of the admin interface.
Reply
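
The per-source mapping described in reply #2 can be checked from the NAT table itself. The following is an added example, not part of the thread and not Keexybox code: it parses `iptables -t nat -S` style output and reports which backend port a client's port-53 traffic is redirected to. The sample rules, addresses and the 5301/5302 ports are constructed, and it assumes the redirects are REDIRECT or DNAT rules in the nat PREROUTING chain.

```python
import ipaddress
import shlex

# Constructed sample in `iptables -t nat -S` format. The addresses and the
# 5301/5302 backend ports are made up, not taken from a Keexybox install.
SAMPLE_RULES = """\
-P PREROUTING ACCEPT
-A PREROUTING -s 192.168.1.50/32 -p udp -m udp --dport 53 -j REDIRECT --to-ports 5301
-A PREROUTING -s 192.168.1.50/32 -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 5301
-A PREROUTING -s 192.168.1.64/26 -p udp -m udp --dport 53 -j REDIRECT --to-ports 5302
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
"""

def _value(tokens, flag):
    """Return the token that follows `flag`, or None if the flag is absent."""
    i = tokens.index(flag) if flag in tokens else -1
    return tokens[i + 1] if 0 <= i < len(tokens) - 1 else None

def parse_dns_redirects(rules_text):
    """List (source_network, protocol, backend_port) for port-53 NAT rules, in rule order."""
    rules = []
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        # Policies, other chains, negated matches and non-DNS ports are skipped.
        if tok[:2] != ["-A", "PREROUTING"] or "!" in tok or _value(tok, "--dport") != "53":
            continue
        target = _value(tok, "-j")
        if target == "REDIRECT":
            port = _value(tok, "--to-ports")
        elif target == "DNAT":
            port = (_value(tok, "--to-destination") or "").rpartition(":")[2]
        else:
            continue
        if not (port and port.isdigit()):
            continue  # port range or address-only target: not resolved here
        src = ipaddress.ip_network(_value(tok, "-s") or "0.0.0.0/0", strict=False)
        rules.append((src, _value(tok, "-p"), int(port)))
    return rules

def backend_port(rules, client_ip, proto="udp"):
    """First matching rule wins, as in netfilter. None means no redirect for this client."""
    ip = ipaddress.ip_address(client_ip)
    for src, rule_proto, port in rules:
        if rule_proto in (proto, None) and ip in src:
            return port
    return None

if __name__ == "__main__":
    rules = parse_dns_redirects(SAMPLE_RULES)
    print({c: backend_port(rules, c) for c in ("192.168.1.50", "192.168.1.200")})
```

A `None` result for a client means no rule maps its port-53 traffic to any instance, which is the condition the Connections menu check in reply #2 is meant to catch.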