[colug-432] CentOS 7 weird DNS network oddity...
Juan Martinez
colug at martinez.cx
Sun Feb 22 06:51:52 EST 2015
firewall-cmd can make changes to both the permanent and running firewall
configurations. Changes made to the permanent configuration aren't
active until a reload but changes to the running config are immediate.
Most commands are the same with the difference being you have to add a
'--permanent' switch when designating the permanent configuration.
On Sat, 2015-02-21 at 22:15 -0500, Joshua Kramer wrote:
> Okay, so I forgot one very important command after configuring the
> firewall:
>
> firewall-cmd --reload
>
>
> Thanks Greg, your comment about zones made me look at the firewall-cmd
> man page (which I should have done to start). That's where I found
> out that changes aren't active until you reload.
>
>
> On Sat, Feb 21, 2015 at 10:03 PM, Greg Sidelinger
> <gate at ilive4code.net> wrote:
> Did you add the DNS service to the right zone with
> firewall-cmd? That has gotten me more than once. I do have a
> tendency to do an iptables -F anytime I think it's netfilter.
> Granted I think the proper way is to stop the firewalld
> service.
>
>
> On Saturday, February 21, 2015, Joshua Kramer
> <joskra42.list at gmail.com> wrote:
> Hello Everyone,
>
>
> I have a really weird problem here. For reference,
> the client is my laptop, which is running CentOS 7.
> The server is also running CentOS 7.
>
>
> The server is basically a KVM host, though it also
> runs NFS and DNS. I have a virtual network set up
> that is routed and connected to my primary enp2s0.
>
>
> The primary address of the physical server is
> 192.168.2.220.
>
> The virtual network address of the server is
> 192.168.4.1.
>
> My laptop is on a 192.168.3 subnet.
>
>
> I can ssh from my laptop to the physical server at
> its .4.1 address. I can also ssh from my laptop to
> virtual machines running in the server, for example,
> at .4.10. I can even telnet to .4.1 on port 53 from
> my laptop and it will connect and then close the
> connection.
>
>
> Virtual machines running on the server can use the DNS
> server no problem, to resolve both internet-bound
> names and names of other virtual machines on that
> internal network.
>
>
> My laptop cannot use the DNS server! I notice when I
> telnet to the dns port from one of the virtual
> machines, the connection opens and stays open. If I
> telnet to the dns port from my laptop, it opens then
> immediately closes. Relevant named.conf lines are:
>
> listen-on port 53 { 127.0.0.1; 192.168.4.1; };
> allow-query { localhost; 192.168/16; };
> recursion yes;
> allow-recursion { 192.168/16; };
>
>
> I've made sure the selinux contexts are correct for
> the files, and I've used firewall-cmd to allow DNS
> queries through. Where should I look next?
>
>
> Thanks!
>
> -JK
>
>
>
>
> --
> ------------------------------------------
> Sent from mobile device.... Please ingore my many typos.
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
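The runtime/permanent split discussed in this thread, as an added example that is not part of the original messages: a POSIX shell helper that reports whether a service such as dns is active, persistent, both, or only waiting for a reload in the zone bound to an interface. The function names are made up for this example; the firewall-cmd options used are --permanent, --zone, --query-service, --add-service and --get-zone-of-interface.

```sh
#!/bin/sh
# Added example: report runtime vs. permanent firewalld state for a service.
# Function names are hypothetical; only documented firewall-cmd options are used.

# svc_enabled ZONE SERVICE [--permanent]  -> prints "yes" or "no"
svc_enabled() {
    # --query-service exits 0 when the service is enabled, non-zero otherwise.
    if firewall-cmd ${3:+"$3"} --zone="$1" --query-service="$2" >/dev/null 2>&1
    then echo yes
    else echo no
    fi
}

# svc_state ZONE SERVICE  -> one word describing where the rule lives
svc_state() {
    st_run=$(svc_enabled "$1" "$2")
    st_perm=$(svc_enabled "$1" "$2" --permanent)
    case "$st_run/$st_perm" in
        yes/yes) echo active-and-persistent ;;
        yes/no)  echo runtime-only ;;    # works now, gone after reload/reboot
        no/yes)  echo pending-reload ;;  # saved, but not applied until --reload
        *)       echo absent ;;
    esac
}

# iface_svc_state IFACE SERVICE  -> "zone: state" for the zone bound to IFACE
iface_svc_state() {
    if_zone=$(firewall-cmd --get-zone-of-interface="$1") || return 1
    echo "$if_zone: $(svc_state "$if_zone" "$2")"
}

# open_service ZONE SERVICE: write the rule to both configurations,
# so no reload is needed and the rule survives a restart.
open_service() {
    firewall-cmd --permanent --zone="$1" --add-service="$2" >/dev/null &&
    firewall-cmd --zone="$1" --add-service="$2" >/dev/null
}

# Usage: sh fwstate.sh enp2s0 dns
if [ "$#" -eq 2 ]; then
    iface_svc_state "$1" "$2"
fi
```

A result of pending-reload for dns in the zone of the interface the client traffic arrives on matches the symptom in the thread: the rule is saved but the running firewall is still not applying it.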