Applicable to:
- Plesk
Symptoms
-
A website is unavailable with the following error:
CONFIG_TEXT: This site can’t be reached
ERR_NAME_NOT_RESOLVED -
DNS service is enabled in Tools & Settings > Services Management.
-
DNS TCP or UDP port is filtered:
# nmap -p53 203.0.113.2
PORT STATE SERVICE
53/tcp filtered domain# nmap -sU -p53 203.0.113.2
PORT STATE SERVICE
53/udp open|filtered domain
Cause
The UDP or TCP port 53 is filtered by firewall for incoming or/and outgoing connections.
Resolution
Allow inbound and outbound connections through port 53 in the server Firewall:
Warning: In case that connections to the port 53 are filtered by an intermediate firewall, contact network administrator or Internet Service Provider (ISP) for assistance.
In case Plesk firewall is used:
-
Open port 53 by creating a custom rule in Tools & Settings > Firewall > Modify Plesk Firewall Rules > Add Custom Rule:
-
Apply firewall changes:
-
Connect to the server via SSH.
-
Open 53 UDP and TCP ports for incoming and outgoing connections on the server firewall:
# iptables -I INPUT -m tcp -p tcp --sport 53 -j ACCEPT
# iptables -I INPUT -m udp -p udp --sport 53 -j ACCEPT
# iptables -I INPUT -m udp -p udp --dport 53 -j ACCEPT
# iptables -I INPUT -m tcp -p tcp --dport 53 -j ACCEPTFor
firewalld
:# firewall-cmd --permanent --add-port=53/tcp
# firewall-cmd --permanent --add-port=53/udp
# firewall-cmd --reload -
Save the newly added
iptables
rules.# service iptables save
Comments
0 comments
Please sign in to leave a comment.