Did you add the DNS service to the right zone with firewall-cmd? That has gotten me more than once. I do have a tendency to do a iptable -F anytime I think it's netfilter. Granted I think the proper way is to stop the firewalld service.<span></span><br><br>On Saturday, February 21, 2015, Joshua Kramer <<a href="mailto:joskra42.list@gmail.com">joskra42.list@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div><div><div><div><div><div><div><div>Hello Everyone,<br><br></div>I have a really weird problem here. For reference, the client is my laptop, which is running CentOS 7. The server is also running CentOS 7.<br><br></div>The server is basically a KVM host, though it also runs NFS and DNS. I have a virtual network set up that is routed and connected to my primary enp2s0.<br><br></div>The primary address of the physical server is 192.168.2.220.<br></div>The virtual network address of the server is 192.168.4.1.<br></div>My laptop is on a 192.168.3 subnet.<br><br></div>I can ssh from my laptop to the physical server at its .4.1 address. I can also ssh from my laptop to virtual machines running in the server, for example, at .4.10. I can even telnet to .4.1 on port 53 from my laptop and it will connect and then close the connection.<br><br></div>Virtual machines running on the server can use the DNS server no problem, to resolve both internet-bound names and names of other virtual machines on that internal network.<br><br></div>My laptop cannot use the DNS server! I notice when I telnet to the dns port from one of the virtual machines, the connection opens and stays open. If I telnet to the dns port from my laptop, it opens then immediately closes. Relevant named.conf lines are:<br><br>listen-on port 53 { 127.0.0.1; 192.168.4.1; };<br>allow-query { localhost; 192.168/16; };<br>recursion yes;<br>allow-recursion { 192.168/16; };<br><br></div>I've made sure the selinux contexts are correct for the files, and I've used firewall-cmd to allow DNS queries through. Where should I look next?<br><br></div>Thanks!<br></div>-JK<br></div>
</blockquote><br><br>-- <br>------------------------------------------<br>Sent from mobile device.... Please ingore my many typos.<br>