Trying to propagate my domain--getting 'unreachable - admin prohibited'
John King
jking.email
Mon Jun 27 22:31:02 PDT 2005
I am trying to get my nameserver to propagate my domain to the Internet but it's
just not happening. I can see the requests coming in using tcpdump, but each
request is met with "unreachable - admin prohibited":
20:33:49.504131 IP 202.188.0.181.36949 > 192.168.100.3.domain: 17223 A? mydomain.com. (24)
20:33:49.504242 IP 192.168.100.3 > 202.188.0.181: icmp 60: host 192.168.100.3 unreachable - admin prohibited
I have the server behind a Linksys router. The external IP of the router is
what the registrar was instructed to send requests to (nameserver) and I
have the Linksys router rigged to forward all port 53 traffic to the server
(192.168.100.3).
Port 53 is indeed open on the server (portscanned from the LAN):
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on dsl081-053-098.sfo1.dsl.speakeasy.net (64.81.53.98):
(The 1596 ports scanned but not shown below are in state: filtered)
Port State Service
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
10000/tcp open snet-sensor-mgmt
Nmap run completed -- 1 IP address (1 host up) scanned in 189 seconds
and 53 is open to the Internet on the router (portscanned from another server
out on the Internet):
(The 1596 ports scanned but not shown below are in state: filtered)
Port State Service
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
As far as the server is concerned--named is running just peachy:
named 424 1 0 Jun25 ? 00:00:00 /usr/sbin/named -u named -t /var/named/chroot
and the zone file appears to be fine:
$TTL 180s
@ IN SOA ns4.mydomain.com. webmaster.mydomain.com. (
        2005062602 ; Serial
        180s ; Refresh Slaves
        1H ; Retry
        1W ; Expiry
        1D ) ; Minimum
;
mydomain.com. IN NS ns4.mydomain.com.
mydomain.com. IN NS ns5.mydomain.com.
mydomain.com. IN A 123.123.123.123
localhost.mydomain.com. IN A 127.0.0.1
mydomain.com. IN MX 0 mydomain.com.
mail IN CNAME mydomain.com.
www IN CNAME mydomain.com.
ftp IN CNAME mydomain.com.
So--the question is--why can't I propagate my domain name?
Thanks in advance--John
More information about the Linux-users
mailing list