Web Hosting Talk

Firewall Ports & DNS Question


phpjames
04-08-2002, 07:23 PM
Ok, here's the situation. Friday night I accidentally closed all the ports on my box when configuring the firewall. All the ports were shut so I went to my datacenter and opened back up what I want.

Everything is fine as far as the ports I want open and my question is why will my domains not come back on?

Let's say I have xyz.com and in my DNS I have ns.xyz.com, ns1.xyz.com and ns2.xyz.com. All my other domain names point to ns2 and ns2 and of course they don't resolve. Why is this happening?

I do not have any problems connecting to the IP or doing a ping so I know all three are working. I restarted some services and everything appears to be running such as named and httpd. What's the problem?

Any help would be cool. Thanks.

J

billyjoe
04-08-2002, 08:10 PM
Sounds like you firewalled port 53. You'll need UDP on port 53 to answer DNS queries, and TCP on port 53 to do zone transfers.

bitserve
04-08-2002, 10:12 PM
FYI: I believe that DNS also uses TCP for long queries, not just for zone transfers.

DavidU
04-09-2002, 01:31 AM
Originally posted by bitserve
FYI: I believe that DNS also uses TCP for long queries, not just for zone transfers.

The only host I have EVER seen who has a long query is hotmail.com's MX return.

and I see a LOT of dns results.

-davidu

jks
04-09-2002, 04:18 PM
Originally posted by DavidU
The only host I have EVER seen who has a long query is hotmail.com's MX return.

and I see a LOT of dns results.

-davidu

It's uncommon, yes, but it can happen. Especially when a query returns several records that each make the nameserver send additional answers too.

If the sending DNS server does not simply cut the DNS packet size to fit the UDP size, it will go to TCP to send a larger packet holding that information.

Could actually be fun to do some live stats on a busy cache recursive nameserver to see exactly how often it happens.
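The UDP-first, TCP-on-truncation behaviour the last few posts describe, as an added illustration that is not code from any poster: a small resolver sends the query on UDP/53, checks the TC flag a server sets when the answer would not fit the datagram, and only then repeats the query on TCP/53 with its two-byte length framing, which is why both port 53 rules are needed on the firewall. The nameserver address passed to resolve() and the SAMPLE_* headers are constructed for this example.

```python
import socket
import struct
FLAG_TC = 0x0200   # "truncated" bit: the answer exceeded the 512-byte UDP payload (RFC 1035)
QTYPE_MX = 15

def build_query(name, qtype=QTYPE_MX, txid=0x1234):
    """Minimal recursive query: 12-byte header, one question, no EDNS."""
    labels = b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split("."))
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    return header + labels + b"\x00" + struct.pack(">HH", qtype, 1)

def parse_header(msg):
    """Return (txid, flags, qdcount, ancount) from a DNS message."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    txid, flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    return txid, flags, qd, an

def needs_tcp_fallback(udp_response):
    """True when the server set TC: the answer did not fit the UDP datagram."""
    return bool(parse_header(udp_response)[1] & FLAG_TC)

def tcp_frame(msg):
    """DNS over TCP prefixes every message with a 2-byte big-endian length."""
    return struct.pack(">H", len(msg)) + msg

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("TCP/53 closed early")
        buf += chunk
    return buf

def resolve(name, server, qtype=QTYPE_MX, timeout=3.0):
    """UDP/53 first; repeat over TCP/53 only if TC was set. Returns (message, transport)."""
    query = build_query(name, qtype)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as u:
        u.settimeout(timeout)
        u.sendto(query, (server, 53))
        resp, _ = u.recvfrom(4096)
    if not needs_tcp_fallback(resp):
        return resp, "udp"
    with socket.create_connection((server, 53), timeout=timeout) as t:
        t.sendall(tcp_frame(query))
        (length,) = struct.unpack(">H", _recv_exact(t, 2))
        return _recv_exact(t, length), "tcp"

# Constructed sample headers (no body) so the TC check can be exercised offline.
SAMPLE_OK = struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)  # QR,RD,RA: fit in UDP
SAMPLE_TC = struct.pack(">HHHHHH", 0x1234, 0x8380, 1, 1, 0, 0)  # QR,TC,RD,RA: go to TCP
```

If UDP/53 is open but TCP/53 is blocked, resolve() will hang or fail exactly at the TCP step for any answer large enough to be truncated, which is the symptom to look for when a firewall change coincides with some names failing to resolve.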