[Pdns-users] Can't access remotely: "connection timed out; no servers could be reached"

Leen Besselink leen at wirehub.nl
Tue Jan 20 21:33:01 UTC 2009

On Tue, Jan 20, 2009 at 01:30:22PM -0700, JK E-Lists wrote:
> I have a fresh PowerDNS install with some test records in the database. 
> CentOS 5 (all updates)
> MySQL 
> Latest PowerDNS RPM
> I can query successfully when logged into the name server, e.g.
> [me at ns1 ~] $ host foo.test.com
> However, when I try to query the from my workstation, it fails. 
> [me at work ~] $ host foo.test.com xxx.xxx.xxx.xxx
> ;; connection timed out; no servers could be reached
> I believe that I have the firewall set up correctly. 
> /etc/sysconfig/iptables has the following: 
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
> which I believe will accept incoming connection for DNS. 
> What else should I check? 

I've read somewhere not all host-commands are created equal, so I wouldn't suggest
to use that, try dig.

If it's just a test-machine and doesn't get all kinds of traffic, a simple way of
testing your firewall might be to use iptables -Z to zero the counters.

with iptables -nvL you can see what rules are actually matched.

personally I just use:
# tcpdump -npti ethX host work and not tcp port ssh # the machine I'm on, but without the ssh-port

to see the packets.

hope that helps.

you can also turn on more logging in the pdns-configuration-file.

> thx

More information about the Pdns-users mailing list