
derfz
Aspirant
May 20, 2018
Solved

DNS port forward

Hello all

I seem to be having trouble forwarding DNS to my server.

I have set up port forwarding 53 TCP/UDP to my server IP, but when I test it I only get a response from TCP. To test I set port 53 to UDP only and it failed outright.

Just wondering if I'm missing something.

Regards

Fred

  • > Read my second post, it does tell you what I did to test.

       I don't have an account with BuddyNS, so I assume that I can't use
    their "a test service within their console", and "UDP queries ERROR"
    doesn't tell me much, either.  I'm far from an authority, but my dim
    impression was that UDP was used for DNS much more than TCP, so that if
    UDP port forwarding was bad, hardly anything would work.  (And, as I
    said, "I haven't noticed any problems" around here, but I don't know how
    to reproduce your test(s).)

    > Although it doesn't say [...]

       No, it does say.  As I said, I was looking for a way to compare the
    behavior of your server with that of mine from an outside-world
    location.  And, as I complained before, "I have also used several other
    internet based DNS test services" was less than helpful.

    > I changed my firmware to TomatoUSB [...] I'm thinking of ditching the
    > router as this is the obvious problem [...]

       You think that the _hardware_ is the problem?  That wouldn't be my
    first guess.

9 Replies

  • > I have setup port forwarding 53 TCP/UDP to my server IP, [...]

       What is your "my server"?

    > [...] when I test it [...]

       How, exactly?  What happens if you "test it" using the LAN IP address
    of your "my server"?  Using your public IP address from within your LAN?

    > Just wondering if I'm missing something.

       At the very least, a clear description of what you're doing.

    > Model: R8000|Nighthawk X6 AC3200 Smart WIFI Router

       Is that accurate?  Firmware version?

    • derfz
      Aspirant

      Server: Debian 9 running bind (not that this is relevant)

      Secondary DNS server: BuddyDNS. They have a test service within their console. But I have also used several other internet based DNS test services.

      Test results:

      Status Complete

      UDP queries ERROR

      TCP queries OK

      AXFR queries OK

      The following tests were done from a different server on the same LAN.

      LAN IP UDP test: nc -vz -u local.ip.of.server 53

      Response: Connection to local.ip.of.server 53 port [udp/domain] succeeded!

      LAN FQDN UDP test: nc -vz -u fqdn.of.server 53

      Response: Connection to fqdn.of.server 53 port [udp/domain] succeeded!

      Firmware: Firmware Version V1.0.4.12_10.1.46 (up to date)

      My LAN tests indicate that port 53 TCP/UDP are open and active. However it appears that connections from outside my LAN only connect via TCP.

      However I cannot rule out that my ISP may be blocking or limiting port 53:UDP inbound requests.

      Regards

      Fred

      • derfz
        Aspirant

        I have just spoken with my Internet provider and they have confirmed that there are no blocks on my service.

        Hence I believe that the issue may be with the router given the above tests.

        Regards

        Fred
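An added example, not part of any post in this thread: `nc -z -u` reports success whenever no ICMP "port unreachable" comes back, so it cannot show that a DNS server actually answered over UDP. The sketch below sends one real SOA query over each transport and accepts only a reply with the matching ID and the QR bit set; the function names, the fixed query ID and the default zone name are assumptions chosen for illustration.

```python
import socket
import struct
import sys

def build_query(name, qid=0x1234):
    """Build a minimal DNS query (QTYPE=SOA, QCLASS=IN, RD=0) for `name`."""
    header = struct.pack("!HHHHHH", qid, 0x0000, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".") if label
    ) + b"\x00"
    return header + qname + struct.pack("!HH", 6, 1)

def parse_header(resp, qid):
    """Return header fields if `resp` is a DNS response to `qid`, else None."""
    if len(resp) < 12:
        return None
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if rid != qid or not flags & 0x8000:      # wrong ID or QR bit not set
        return None
    return {"rcode": flags & 0xF, "truncated": bool(flags & 0x0200),
            "answers": ancount}

def probe(host, port, transport, name="example.com", timeout=3.0):
    """Send one real query over 'udp' or 'tcp'; None means no valid answer."""
    query = build_query(name)
    try:
        if transport == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (host, port))
                resp, _ = s.recvfrom(4096)
        else:
            with socket.create_connection((host, port), timeout=timeout) as s:
                # DNS over TCP prefixes each message with a 2-byte length
                s.sendall(struct.pack("!H", len(query)) + query)
                with s.makefile("rb") as rfile:
                    (length,) = struct.unpack("!H", rfile.read(2))
                    resp = rfile.read(length)
    except (OSError, struct.error):           # timeout, refused, short read
        return None
    return parse_header(resp, 0x1234)

if __name__ == "__main__" and len(sys.argv) > 2:
    # usage: script.py <server-ip> <zone-name>
    for t in ("udp", "tcp"):
        print(t, probe(sys.argv[1], 53, t, name=sys.argv[2]))
```

Run from a host outside the LAN against the public address, a `None` for `udp` next to a result for `tcp` reproduces the symptom reported here without depending on a third-party test console.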