[colug-432] CentOS 7 weird DNS network oddity...

Greg Sidelinger gate at ilive4code.net
Sat Feb 21 22:03:32 EST 2015


Did you add the DNS service to the right zone with firewall-cmd?  That has
gotten me more than once.  I do have a tendency to do a iptable -F anytime
I think it's netfilter.  Granted I think the proper way is to stop the
firewalld service.

On Saturday, February 21, 2015, Joshua Kramer <joskra42.list at gmail.com>
wrote:

> Hello Everyone,
>
> I have a really weird problem here.  For reference, the client is my
> laptop, which is running CentOS 7.  The server is also running CentOS 7.
>
> The server is basically a KVM host, though it also runs NFS and DNS.  I
> have a virtual network set up that is routed and connected to my primary
> enp2s0.
>
> The primary address of the physical server is 192.168.2.220.
> The virtual network address of the server is 192.168.4.1.
> My laptop is on a 192.168.3 subnet.
>
> I can ssh from my laptop to the physical server at its .4.1 address.  I
> can also ssh from my laptop to virtual machines running in the server, for
> example, at .4.10.  I can even telnet to .4.1 on port 53 from my laptop and
> it will connect and then close the connection.
>
> Virtual machines running on the server can use the DNS server no problem,
> to resolve both internet-bound names and names of other virtual machines on
> that internal network.
>
> My laptop cannot use the DNS server!  I notice when I telnet to the dns
> port from one of the virtual machines, the connection opens and stays
> open.  If I telnet to the dns port from my laptop, it opens then
> immediately closes.  Relevant named.conf lines are:
>
> listen-on port 53 { 127.0.0.1; 192.168.4.1; };
> allow-query     { localhost; 192.168/16; };
> recursion yes;
> allow-recursion { 192.168/16; };
>
> I've made sure the selinux contexts are correct for the files, and I've
> used firewall-cmd to allow DNS queries through.  Where should I look next?
>
> Thanks!
> -JK
>


-- 
------------------------------------------
Sent from mobile device.... Please ingore my many typos.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20150221/8407d25b/attachment.html 


More information about the colug-432 mailing list