I have bind-9.2.2 running on a scratch-built server, kernel 2.4.22.
It is set up as a caching DNS server (caches internet requests).
When it is first run it is fine and works properly; after 12 to 24 hours it
will fail to resolve URLs requested from HTTP browsers. After restarting
it, it is fine and will work again. I suspect something is probing port
53, causing bind to fail to resolve. The log file shows port 53 probes.
Can I block/stop this?
How can I keep bind resolving properly?
Right now I am using fcron to restart bind every 24 hrs, and I would like to
fix this so I don't have to restart bind.
I have iptables running with this:
#
# DNS Name Server TCP 53/UDP 53
#
# This host's own queries out to the upstream name server (UDP and TCP)
$IPTABLES -A OUTPUT -o $INTERNET -p udp \
    --sport $UNPRIVPORTS \
    -d $NAMESERVER --dport 53 \
    -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -o $INTERNET -p tcp \
    --sport $UNPRIVPORTS \
    -d $NAMESERVER --dport 53 \
    -m state --state NEW -j ACCEPT

if [ "$DNS_CACHE" = "1" ]; then
    # DNS CACHE: LAN clients to the private server (53) on this host
    $IPTABLES -A INPUT -i $LAN -p udp \
        --sport $UNPRIVPORTS \
        -d $LAN_ADDR --dport 53 \
        -m state --state NEW -j ACCEPT
    $IPTABLES -A INPUT -i $LAN -p tcp \
        --sport $UNPRIVPORTS \
        -d $LAN_ADDR --dport 53 \
        -m state --state NEW -j ACCEPT
else
    # No local cache: forward LAN clients' queries straight to the upstream server
    $IPTABLES -A FORWARD -o $INTERNET -p udp \
        --sport $UNPRIVPORTS \
        -d $NAMESERVER --dport 53 \
        -m state --state NEW -j ACCEPT
    $IPTABLES -A FORWARD -o $INTERNET -p tcp \
        --sport $UNPRIVPORTS \
        -d $NAMESERVER --dport 53 \
        -m state --state NEW -j ACCEPT
fi
Here's a snippet from the logs (one entry per line):
Jan 24 17:26:47 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=216.73.84.31 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=11978 PROTO=UDP SPT=44318 DPT=53 LEN=51
Jan 24 17:26:47 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=216.73.83.10 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=265 PROTO=UDP SPT=50301 DPT=53 LEN=51
Jan 24 17:26:47 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=63.150.129.66 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=17906 DPT=53 LEN=51
Jan 24 17:26:47 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=4.78.20.2 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=UDP SPT=45160 DPT=53 LEN=51
Jan 24 17:26:48 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=65.169.170.131 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF PROTO=UDP SPT=62304 DPT=53 LEN=51
Jan 24 17:26:57 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=216.73.84.31 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=14440 PROTO=UDP SPT=44318 DPT=53 LEN=51
Jan 24 17:26:57 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=216.73.83.10 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=2667 PROTO=UDP SPT=50301 DPT=53 LEN=51
Jan 24 17:26:57 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=63.150.129.66 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=17906 DPT=53 LEN=51
Jan 24 17:26:57 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=4.78.20.2 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=UDP SPT=45160 DPT=53 LEN=51
Jan 24 17:26:58 server kernel: IN=eth0 OUT= MAC=00:a0:c9:73:69:84:00:03:fe:e5:ac:8c:08:00 SRC=65.169.170.131 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF PROTO=UDP SPT=62304 DPT=53 LEN=51
Thanks for your help!
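Added example, not part of the original post: a small Python triage script for the iptables LOG lines shown above. It parses the kernel's key=value format, groups the packets aimed at port 53 by source address, and labels each source by how it repeats. The sample input is constructed: the post's own entries rejoined onto single lines (with the MAC field shortened) plus two invented sources in the 198.51.100.0/24 documentation range and one non-DNS packet, so the filtering and the "burst" label have something to act on. The labels are heuristics, assumed here for illustration: the same SRC:SPT pair reappearing at multi-second spacing is what a client retransmitting one unanswered query looks like, while many source ports or sub-second repeats from one address look more like probing.

```python
"""Summarise inbound port-53 packets from iptables LOG output.

Groups packets by source address, counts them, collects the source
ports used, and labels the repeat pattern so the reader can tell
unanswered-query retries apart from burst/probe traffic.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample input (post entries rejoined, MAC shortened,
# plus invented 198.51.100.x lines and one non-DNS packet).
SAMPLE_LOG = """\
Jan 24 17:26:47 server kernel: IN=eth0 OUT= MAC=... SRC=216.73.84.31 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=11978 PROTO=UDP SPT=44318 DPT=53 LEN=51
Jan 24 17:26:47 server kernel: IN=eth0 OUT= MAC=... SRC=216.73.83.10 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=265 PROTO=UDP SPT=50301 DPT=53 LEN=51
Jan 24 17:26:47 server kernel: IN=eth0 OUT= MAC=... SRC=63.150.129.66 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=17906 DPT=53 LEN=51
Jan 24 17:26:57 server kernel: IN=eth0 OUT= MAC=... SRC=216.73.84.31 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=14440 PROTO=UDP SPT=44318 DPT=53 LEN=51
Jan 24 17:26:57 server kernel: IN=eth0 OUT= MAC=... SRC=216.73.83.10 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=53 ID=2667 PROTO=UDP SPT=50301 DPT=53 LEN=51
Jan 24 17:26:57 server kernel: IN=eth0 OUT= MAC=... SRC=63.150.129.66 DST=65.25.139.68 LEN=71 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=17906 DPT=53 LEN=51
Jan 24 17:27:03 server kernel: IN=eth0 OUT= MAC=... SRC=198.51.100.7 DST=65.25.139.68 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=1 PROTO=UDP SPT=1024 DPT=53 LEN=40
Jan 24 17:27:03 server kernel: IN=eth0 OUT= MAC=... SRC=198.51.100.7 DST=65.25.139.68 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=2 PROTO=UDP SPT=1025 DPT=53 LEN=40
Jan 24 17:27:03 server kernel: IN=eth0 OUT= MAC=... SRC=198.51.100.7 DST=65.25.139.68 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=3 PROTO=UDP SPT=1026 DPT=53 LEN=40
Jan 24 17:27:05 server kernel: IN=eth0 OUT= MAC=... SRC=198.51.100.9 DST=65.25.139.68 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=4 DF PROTO=TCP SPT=1027 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
"""

KV_RE = re.compile(r"(\w+)=(\S*)")                      # key=value tokens; OUT= may be empty
TS_RE = re.compile(r"^(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2})")  # syslog timestamp prefix


def parse_line(line):
    """Return a dict for one iptables LOG line, or None for anything else."""
    m = TS_RE.match(line)
    if not m or "kernel:" not in line:
        return None
    fields = {}
    for key, val in KV_RE.findall(line.split("kernel:", 1)[1]):
        fields.setdefault(key, val)  # LEN appears twice (IP then UDP); keep the IP one
    if "SRC" not in fields or "DPT" not in fields:
        return None
    return {
        "ts": datetime.strptime(m.group(1), "%b %d %H:%M:%S"),  # year-less syslog stamp
        "src": fields["SRC"],
        "dst": fields.get("DST", ""),
        "proto": fields.get("PROTO", ""),
        "spt": int(fields.get("SPT", 0)),
        "dpt": int(fields["DPT"]),
    }


def summarize(lines, dport=53):
    """Group packets destined to `dport` by source address."""
    by_src = defaultdict(lambda: {"count": 0, "ports": set(), "times": []})
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["dpt"] != dport:
            continue
        ent = by_src[rec["src"]]
        ent["count"] += 1
        ent["ports"].add(rec["spt"])
        ent["times"].append(rec["ts"])
    return dict(by_src)


def intervals(times):
    """Seconds between consecutive packets from one source."""
    ts = sorted(times)
    return [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]


def classify(entry):
    """Heuristic label for one source's repeat pattern (assumed thresholds)."""
    if entry["count"] == 1:
        return "single"
    gaps = intervals(entry["times"])
    if len(entry["ports"]) == 1 and all(g >= 1.0 for g in gaps):
        return "periodic-retry"   # same SRC:SPT, seconds apart: looks like query retransmission
    return "burst"                # several ports or sub-second repeats: looks like probing


def report(text, dport=53):
    """Map source address -> (packet count, sorted source ports, label)."""
    summary = summarize(text.splitlines(), dport)
    return {src: (e["count"], sorted(e["ports"]), classify(e)) for src, e in summary.items()}


if __name__ == "__main__":
    for src, (n, ports, label) in sorted(report(SAMPLE_LOG).items()):
        print(f"{src:16} packets={n:<3} srcports={ports} pattern={label}")
```

Run it against a real log with `report(open("/var/log/messages").read())`; the "periodic-retry" sources are the ones worth checking for an unanswered query (for example whether the host is expected to answer for that address) before treating them as hostile, whereas a "burst" entry is the kind of traffic a rate-limited LOG-then-DROP rule on the internet interface is meant to absorb.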