  SolarPup IT Geek-Dawg Premium join:2002-03-07 The Pound clubs:
·Comcast
·AT&T CallVantage
·Osiris Communicati..
| [DNS] Mindboggling.. DNS Connect Refused?
So I can't figure it out for the life of me.. I have a DNS server running as a Primary, and a secondary on a different ISP. The primary is of course on Comcast, but when I go from the secondary to pull from the primary, it says DNS Connection Refused. I know Comcast doesn't block port 53 UDP outbound, but does it block it inbound? I can do traceroutes, nslookups, etc. just fine with no problem resolving DNS, but anything inbound, it won't let me do it.. and this is outside my router, just going straight from cablemodem to server box (and spare me the server lecture, I know about it.. this is DNS for 2 domains.) -- ...It was a good ol' deck, the fast forwards, the rewinds, the good play times.. |
|
  SolarPup IT Geek-Dawg Premium join:2002-03-07 The Pound clubs: | Bump! |
|
 kpatz MY HEAD A SPLODE Premium join:2003-06-13 Manchester, NH
| reply to SolarPup Comcast doesn't block port 53 AFAIK, but their DNS servers are likely not set up to allow zone transfers, which is what it sounds like you're trying to do.
If you're hosting your own domains, it's better to get a DNS hosting company to do it for you. Hosting primary DNS for a domain is a logistical nightmare on a dynamic IP, since if your IP changes you'd have to update the root nameserver entries and they can take a day or two to propagate.
You can run your own DNS server, but it's best to do so only as a local caching server, or for hosting internal sites (not accessed from outside). -- SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. |
|
  SolarPup IT Geek-Dawg Premium join:2002-03-07 The Pound clubs: | No no, just doing transfers between primary and secondary.. not to their DNS servers... just weird.. but I guess it would make sense. |
|
 kpatz MY HEAD A SPLODE Premium join:2003-06-13 Manchester, NH
| So the Primary is refusing connection from the Secondary, and the Primary is your server, right? Your server needs to be configured to allow zone transfers to the Secondary.
With proper configuration it should work, but you're in for headaches hosting DNS on a dynamic IP. |
|
  SolarPup IT Geek-Dawg Premium join:2002-03-07 The Pound clubs:
| Yeah, it's set for that, and the logs show that it's set to go to the right IP, and that the right IP is allowed for zone transfers.. -- Had this IP for 3 years, not too dynamic :P |
|
 kpatz MY HEAD A SPLODE Premium join:2003-06-13 Manchester, NH
| Most likely it's a configuration issue with one of the two servers.
You can test to see if your server is receiving DNS requests on 53 by going to checkdns.net or dnsstuff.org and running a test on your domain. That would help confirm or deny any port blocking that is taking place. |
|
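A local version of the check suggested in the last post, as an added example that is not from any poster in this thread: zone transfers (AXFR) run over TCP port 53 while ordinary lookups use UDP, so the script probes both and separates a TCP-level refusal (no listener or a filter) from a DNS-level `REFUSED` answer (the primary's transfer ACL). The function names and the command-line arguments are assumptions of this example.

```python
import socket
import struct
import sys

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED", 9: "NOTAUTH"}

def build_query(zone, qtype=6, txid=0x1234):
    """DNS query for `zone`; qtype 6 is SOA, 252 is AXFR (zone transfer)."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # one question, no flags
    labels = zone.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def rcode_of(msg):
    """Name of the RCODE (low 4 bits of header byte 3) in a DNS response."""
    if len(msg) < 12:
        return "SHORT"
    return RCODES.get(msg[3] & 0x0F, str(msg[3] & 0x0F))

def probe_udp(server, zone, port=53, timeout=3.0):
    """SOA query over UDP: what ordinary lookups use."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(zone), (server, port))
            return "udp: answered, rcode " + rcode_of(s.recvfrom(4096)[0])
        except OSError as exc:  # includes timeouts
            return f"udp: no answer ({exc})"

def probe_tcp(server, zone, port=53, timeout=5.0):
    """AXFR request over TCP: what the secondary does when it pulls the zone."""
    query = build_query(zone, qtype=252)
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
            stream = s.makefile("rb")
            head = stream.read(2)
            if len(head) < 2:
                return "tcp: connected, but closed without a DNS answer"
            msg = stream.read(struct.unpack("!H", head)[0])
            return "tcp: answered, rcode " + rcode_of(msg)  # REFUSED = transfer ACL
    except ConnectionRefusedError:
        return "tcp: connection refused (no listener on TCP 53, or a filter sent RST)"
    except OSError as exc:  # timeouts, resets, unreachable
        return f"tcp: failed ({exc})"

if __name__ == "__main__":
    server, zone = sys.argv[1], sys.argv[2]  # e.g. 192.0.2.10 example.com (placeholders)
    print(probe_udp(server, zone))
    print(probe_tcp(server, zone))
```

Run it from the secondary's network against the primary's address: a UDP answer together with a TCP refusal means the problem is on the TCP path, not in the zone-transfer permissions.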