
I have a CentOS cloud server and I have configured the named service on the server, but I can't access it from outside. Can you help me? What am I doing wrong?

If I execute this from the server it works perfectly:

# dig @74.208.73.61 paisgdl.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.2 <<>> @74.208.73.61 paisgdl.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49672
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;paisgdl.com.                   IN      A

;; ANSWER SECTION:
paisgdl.com.            86400   IN      A       74.208.73.61

;; AUTHORITY SECTION:
paisgdl.com.            86400   IN      NS      ns.paisgdl.com.

;; ADDITIONAL SECTION:
ns.paisgdl.com.         86400   IN      A       74.208.73.61

;; Query time: 0 msec
;; SERVER: 74.208.73.61#53(74.208.73.61)
;; WHEN: Thu Mar 26 14:40:04 2015
;; MSG SIZE  rcvd: 78

However, if I do the same from outside it does not work:

# dig @74.208.73.61 paisgdl.com

; <<>> DiG 9.3.3rc2 <<>> @74.208.73.61 paisgdl.com
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached

I tried to open the port using iptables but it does not work:

# service iptables status

Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443
8    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8443
9    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8447
10   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
11   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
13   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Netstat reports:

# netstat -tanpl|grep named
tcp        0      0 74.208.73.61:53             0.0.0.0:*                   LISTEN      4026/named
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      4026/named
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      4026/named
tcp        0      0 :::53                       :::*                        LISTEN      4026/named

The page http://www.yougetsignal.com/tools/open-ports/ says:

Closed Port 53 is closed on 74.208.73.61

Any ideas? Where is it being blocked and how do I unblock it?

Juan Carlos

1 Answer


Part of your iptables config:

10   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
11   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
13   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53

Your named rules come after the reject-all rule and are therefore never evaluated. Reorder them to:

10   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
11   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
12   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53
13   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
itchee
  • I reordered them as you suggested, and it did the trick. However, it is a little slow in responding. Is there anything I can do to optimize it?? – Juan Carlos Mar 26 '15 at 21:51
  • Just queried your server: 135ms, Google (8.8.8.8): 166ms. Not so slow I'd say :) – itchee Mar 26 '15 at 22:07
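The answer's point is that iptables evaluates a chain top to bottom and stops at the first terminating target, so any rule placed after a catch-all REJECT is dead. The following is an added example (not iptables, and not code from the question or the answer) that models that first-match evaluation over the INPUT listing from the question and reports which rules are shadowed; the function names `parse_listing`, `first_match`, `shadowed` and `move_reject_last` are my own. It only understands the columns that `iptables -L -n --line-numbers` prints, which is why rule 3 ("ACCEPT all") is left out: that listing hides interface matches (in the CentOS default ruleset rule 3 is the loopback rule `-i lo`), so a naive reading of it would accept everything.

```python
# Model of iptables first-match evaluation (added example, not iptables and not
# the answerer's code). It understands only what `iptables -L -n --line-numbers`
# prints: target, proto, and the state / dpt matches. Interface matches are not
# shown in that listing (rule 3, "ACCEPT all", is the CentOS default `-i lo`),
# so the constructed input below uses only rules 10-13 from the question.
import re

_RULE = re.compile(r"^(\d+)\s+(\w+)\s+(\w+)\s+--\s+\S+\s+\S+[ \t]*(.*)$", re.M)

def parse_listing(text):
    """Parse listing lines into dicts with num, target, proto, state, dport."""
    rules = []
    for num, target, proto, extra in _RULE.findall(text):
        state = re.search(r"state (\S+)", extra)
        dport = re.search(r"dpt:(\d+)", extra)
        rules.append({"num": int(num), "target": target, "proto": proto,
                      "state": set(state[1].split(",")) if state else None,
                      "dport": int(dport[1]) if dport else None})
    return rules

def first_match(rules, proto, dport, state="NEW"):
    """First rule whose every match criterion applies; None means chain policy."""
    for r in rules:
        if (r["proto"] in ("all", proto) and r["dport"] in (None, dport)
                and (r["state"] is None or state in r["state"])):
            return r
    return None

def shadowed(rules):
    """Rules that can never match: everything after a rule that has no match
    criteria and a terminating target (ACCEPT, REJECT or DROP)."""
    for i, r in enumerate(rules):
        if ((r["proto"], r["dport"], r["state"]) == ("all", None, None)
                and r["target"] in ("ACCEPT", "REJECT", "DROP")):
            return [s["num"] for s in rules[i + 1:]]
    return []

def move_reject_last(rules):
    """The answer's fix: same rules, catch-all REJECT moved to the end."""
    return ([r for r in rules if r["target"] != "REJECT"]
            + [r for r in rules if r["target"] == "REJECT"])

# Constructed from rules 10-13 of the INPUT chain in the question.
LISTING = """\
10   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
11   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
13   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53
"""
```

Feeding `parse_listing(LISTING)` to `shadowed` returns `[11, 12, 13]` and `first_match(rules, "udp", 53)` lands on the REJECT rule; after `move_reject_last` the same UDP/53 packet hits rule 11 and nothing is shadowed, which is exactly the reordering the answer prescribes.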