Nelson Serafica wrote:
> Is it possible to set query-source to all? I'm using AMAZON EC2 and I
> want to set up a DNS server. I just noticed it was bound to the private IP
> address. Since the public IP address was not on the OS (probably a NAT
> defined by AMAZON), I cannot connect to it, even with just a telnet. When I do
> netstat:
>
> tcp        0      0 10.252.178.180:53       0.0.0.0:*       LISTEN      28428/named
> tcp        0      0 127.0.0.1:53            0.0.0.0:*       LISTEN      28428/named
> tcp        0      0 127.0.0.1:953           0.0.0.0:*       LISTEN      28428/named
> udp        0      0 10.252.178.180:53       0.0.0.0:*                   28428/named
> udp        0      0 127.0.0.1:53            0.0.0.0:*                   28428/named
>
> However, when I do nmap to the public IP, port 53 was not open. I
> already opened port 53 TCP and UDP, but still to no avail. I did
> query-source all port *; in named.conf, but it still keeps on listening on
> 10.252.178.180. My suspicion is that it keeps on listening on 10.252.178.180
> and that's why I cannot connect to it.
>
> I'm using bind-9.5.0-P2.

It sounds like you need to configure the interfaces on which named
listens for incoming queries rather than the IP address it uses for
sending its own onward lookups? In that case you should be looking at
the listen-on option rather than query-source.

Whether this will solve your problem or not depends on how your server
is set up on Amazon EC2.

Cathy
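
Added example (not part of the original thread and not taken from the ISC documentation): a named.conf options fragment putting the two settings discussed above side by side. The addresses are the ones from the netstat output in the question; the chosen values are assumptions for illustration.

```conf
// named.conf (constructed fragment; addresses taken from the netstat
// output quoted in the question)
options {
    // listen-on: the local addresses and port on which named accepts
    // incoming queries. named can only bind addresses that are configured
    // on the host itself, which on this instance means loopback and the
    // private address.
    listen-on port 53 { 127.0.0.1; 10.252.178.180; };
    // Catch-all form covering every local IPv4 interface:
    // listen-on port 53 { any; };

    // query-source: the source address and port named uses for its own
    // outgoing lookups to other servers. It does not change where named
    // listens for incoming queries.
    query-source address * port *;
};
```

After a reload, the netstat listing used in the question shows which addresses named is actually bound to.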