Thanks for the suggestion I am sure No firewall at all. Also See I now I have reassigned the my previous IP which is 212.119.64.12, after that everything is fine. It wouldn't have worked with this IP if there is firewall on the box??
Regards, Mohammed Ejaz CYBERIAR SAUDI ARABIA P.O.Box 301079, Riyadh 11372, Saudi Arabia Tel: +966 11 464 7114 Ext. 140 Fax: +966 11 465 4735 -----Original Message----- From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Warren Kumari Sent: Saturday, December 27, 2014 2:27 AM To: Barry Margolin Cc: comp-protocols-dns-b...@isc.org Subject: Re: can't-resolve Also, from querying from the outside (with TCP): ~# dig +tcp www.auth-servers.net @212.119.64.228 ; <<>> DiG 9.10.1-P1 <<>> +tcp www.auth-servers.net @212.119.64.228 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 20716 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.auth-servers.net. IN A ;; Query time: 8260 msec ;; SERVER: 212.119.64.228#53(212.119.64.228) ;; WHEN: Fri Dec 26 18:18:30 EST 2014 ;; MSG SIZE rcvd: 49 Then trying the same query a few seconds later: dig +tcp www.auth-servers.net @212.119.64.228 ; <<>> DiG 9.10.1-P1 <<>> +tcp www.auth-servers.net @212.119.64.228 ;; global options: +cmd ;; connection timed out; no servers could be reached This really looks like a firewall -- perhaps there is some firewall software on the box itself? W On Fri, Dec 26, 2014 at 6:17 PM, Warren Kumari <war...@kumari.net> wrote: > What OS is this machine running? > > Interestingly enough, it is unpingable, and a quick nmap fingerprints it as: > Running: Sun Solaris 8 > OS CPE: cpe:/o:sun:sunos:5.8 > OS details: Sun Solaris 8 (SPARC) > > nmap could only find one open port (TCP 53 :-)) and so its > fingerprinting is unreliable, but it *does* look like you are behind a > firewall type devices. > It is unusual for machines themselves to not respond to pings. > > fpdns says: > fingerprint (212.119.64.228, 212.119.64.228): ISC BIND 9.2.3rc1 -- > 9.6.1-P1 [recursion enabled] > > > > On Fri, Dec 26, 2014 at 5:55 PM, Barry Margolin <bar...@alum.mit.edu> wrote: >> In article <mailman.1330.1419633581.26362.bind-us...@lists.isc.org>, >> "Ejaz" <me...@cyberia.net.sa> wrote: >> >>> I am sure sir there is no firewall on in the server you can make >>> sure by telnet to the port 53 of this IP 212.119.64.228 >> >> That doesn't mean anything. The firewall may be blocking OUTGOING >> packets to port 53, or they're blocking the returning replies (which >> go to an ephemeral port). >> >>> >>> >>> Regards, >>> Mohammed Ejaz >>> CYBERIAR SAUDI ARABIA >>> P.O.Box 301079, Riyadh 11372, Saudi Arabia >>> Tel: +966 11 464 7114 Ext. 140 >>> Fax: +966 11 465 4735 >>> >>> -----Original Message----- >>> From: bind-users-boun...@lists.isc.org >>> [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Matus UHLAR - >>> fantomas >>> Sent: Friday, December 26, 2014 7:35 PM >>> To: bind-users@lists.isc.org >>> Subject: Re: can't-resolve >>> >>> On 26.12.14 19:21, Ejaz wrote: >>> >When run "dig a yahoo.com @212.119.64.228 below is the ouput. >>> > >>> >yahoo.com. (38) >>> >17:39:41.363532 IP 212.119.64.228.37891 > 212.119.64.228.domain: 34168+ >>> >[1au] A? yahoo.com. (38) >>> >17:39:42.246993 IP 212.119.64.228.53702 > 192.5.5.241.domain: 58238 >>> >[1au] >>> A? >>> >yah oo.com. (38) >>> >17:39:42.247012 IP 212.119.64.228.45701 > 192.5.5.241.domain: 13223 [1au] >>> >NS? . (28) >>> >17:39:43.047148 IP 212.119.64.228.43795 > 128.63.2.53.domain: 1539 A? >>> >yahoo.com. (27) >>> >17:39:43.047154 IP 212.119.64.228.55178 > 128.63.2.53.domain: 56002 NS? . >>> >(17) >>> >17:39:43.847447 IP 212.119.64.228.61664 > 192.58.128.30.domain: 165 A? >>> >yahoo.com . (27) >>> >17:39:43.847542 IP 212.119.64.228.30239 > 192.58.128.30.domain: 11435 NS? . >>> >(17) >>> >17:39:44.995096 IP 212.119.64.228.24477 > 199.7.83.42.domain: 25645 >>> >[1au] >>> A? >>> >yahoo.com. (38) >>> >17:39:44.995162 IP 212.119.64.228.22170 > 199.7.83.42.domain: 44767 >>> >[1au] NS? . (28) >>> >17:39:45.897226 IP 212.119.64.228.35574 > 199.7.91.13.domain: 29284 A? >>> >yahoo.com. (27) >>> >17:39:45.897233 IP 212.119.64.228.36946 > 199.7.91.13.domain: 17626 NS? . >>> >(17) >>> >17:39:46.363642 IP 212.119.64.228.37891 > 212.119.64.228.domain: >>> >34168+ [1au] A? yahoo.com. (38) >>> >17:39:46.370282 IP 212.119.64.228.domain > 212.119.64.228.37891: >>> >34168 ServFail 0/0/1 (38) >>> >>> these are just outgoing DNS requests , no replies coming back. >>> Are you sure there is no firewall, or "security" gateway between >>> your server and the world? >>> >>> >>> -- >>> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ >>> Warning: I wish NOT to receive e-mail advertising to this address. >>> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. >>> 42.7 percent of all statistics are made up on the spot. >>> _______________________________________________ >>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to >>> unsubscribe from this list >>> >>> bind-users mailing list >>> bind-users@lists.isc.org >>> https://lists.isc.org/mailman/listinfo/bind-users >> >> -- >> Barry Margolin >> Arlington, MA >> _______________________________________________ >> Please visit https://lists.isc.org/mailman/listinfo/bind-users to >> unsubscribe from this list >> >> bind-users mailing list >> bind-users@lists.isc.org >> https://lists.isc.org/mailman/listinfo/bind-users > > > > -- > I don't think the execution is relevant when it was obviously a bad > idea in the first place. > This is like putting rabid weasels in your pants, and later expressing > regret at having chosen those particular rabid weasels and that pair > of pants. > ---maf -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
