domain name system - how to open port 53 for bind - Server

It's a common default configuration for BIND on desktop installs to only listen on the "loopback" IP address. In fact your netstat -an output confirms that - I can see it listening on 127.0.0.1:53 but not on 0.0.0.0:53. Have a look at /etc/named.conf and check for the listen-on directive. Mine says:

    listen-on port 53 { any; };

If our port analysis reveals that your system's port 53 is open and listening for incoming traffic, you should determine what's going on. Even though only a few Trojan programs are known to open port 53, the exact behavior of malicious software is a constantly moving target . . . which is why periodic security checkups here are always worthwhile.

A listening port is a network port on which an application or process listens, acting as a communication endpoint. Each listening port can be open or closed (filtered) using a firewall. In general terms, an open port is a network port that accepts incoming packets from remote locations.

0.0.0.0:53 means listening on all interfaces. To prove this, switch off any firewalls on the server and use telnet to establish a connection to the port:

    telnet 53

If you get a connection (i.e. it doesn't just close immediately), something is listening on port 53.

    listen-on port 53 { 127.0.0.1; 192.168..10; };

Add your network in the following line. I've added 192.168../24 to allow clients from the 192.168../24 network to query the DNS server for name-to-IP translation.

    options {
        directory "/var/cache/bind";
        auth-nxdomain no;    # conform to RFC1035

        // contains a list of servers to which queries should
        // be forwarded (up to three servers may be listed)
        forwarders { 223.1.2.2; 223.1.2.3; };

        // prefer usage of the name server declared in the
        // forwarders section
        forward first;

        // network interfaces to listen on and optionally the
        // port for IPv4/IPv6 (default port 53

does not need to be specified explicitly, because 53 is the default port. Enter 127.0.0.1 to permit requests from the local host. If you omit this entry entirely, all interfaces are used by default.

    listen-on-v6 port 53 { any; };

Tells BIND on which port it should listen for IPv6 client requests.
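The netstat check described above, as an added example (not code from the original page): it parses `netstat -an` style output and reports, per protocol, whether port 53 is bound to loopback only, to a specific interface, or to all interfaces. The sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed `netstat -an` sample (not from the original page): BIND with
# listen-on { 127.0.0.1; } and listen-on-v6 { any; }.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address      Foreign Address     State
tcp        0      0 127.0.0.1:53       0.0.0.0:*           LISTEN
tcp        0      0 127.0.0.1:953      0.0.0.0:*           LISTEN
tcp        0      0 0.0.0.0:22         0.0.0.0:*           LISTEN
tcp        0      0 127.0.0.1:53       127.0.0.1:40112     ESTABLISHED
tcp6       0      0 :::53              :::*                LISTEN
udp        0      0 127.0.0.1:53       0.0.0.0:*
udp6       0      0 :::53              :::*
"""

def scope(addr):
    """Classify a bound address as loopback, all-interfaces or specific-interface."""
    addr = addr.strip("[]")              # ss prints IPv6 as [::]:53
    if addr in ("0.0.0.0", "::", "*"):
        return "all-interfaces"
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "unknown"
    return "loopback" if ip.is_loopback else "specific-interface"

def dns_listeners(text, port=53):
    """Return sorted (proto, address, scope) tuples for sockets bound to `port`."""
    found = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or not f[0].startswith(("tcp", "udp")):
            continue
        # A listening socket has a wildcard peer; this also skips ESTABLISHED rows.
        if not f[4].endswith(":*"):
            continue
        addr, _, local_port = f[3].rpartition(":")
        if local_port == str(port):
            found.add((f[0], addr, scope(addr)))
    return sorted(found)

def remotely_reachable(text, port=53):
    """Protocols on which `port` is bound to something other than loopback."""
    return sorted({p for p, _, s in dns_listeners(text, port) if s != "loopback"})

if __name__ == "__main__":
    for row in dns_listeners(SAMPLE):
        print(*row)
    print("non-loopback:", remotely_reachable(SAMPLE))
```

In the sample, IPv4 is loopback-only while the IPv6 sockets are bound to all interfaces, which is the combination an IPv4-only review of listen-on would miss.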

The port numbers in the range from 0 to 1023 (0 to 2^10 − 1) are the well-known ports or system ports. They are used by system processes that provide widely used types of network services. On Unix-like operating systems, a process must execute with superuser privileges to be able to bind a network socket to an IP address using one of the well-known ports.

1. Configure the bind service to resolve the www.magedu.org domain name.

Server: 10.0.0.71

    yum install -y bind bind-utils; systemctl enable --now named
    vim /etc/named.conf

    // listen-on port 53 { 127.0.0.1; };

Allow Both TCP and UDP Port 53 to Your DNS Servers


TCP port 53 can be used in cases where DNS responses are greater than 512 bytes. However, using UDP messages are preferable to using TCP for large DNS messages is due to the fact that TCP

The DNS Server service should listen on DNS port 53, but