<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /></head><body style='font-size: 10pt; font-family: Verdana,Geneva,sans-serif'>
<p> </p>
<p>53 port is filtered when request coming from remote though other service ports are open to the host.Seems there is a application or firewall level filtering to the port.</p>
<p> </p>
<p>From remote server:</p>
<p>root@server:~# nmap 103.9.185.229</p>
<p><strong>25/tcp open smtp<br />53/tcp filtered domain<br />465/tcp open smtps</strong></p>
<p>root@server:~# nmap ns2.aknetbd.com |grep 53<br />53/tcp open domain</p>
<p> </p>
<p> </p>
<p>Thanks</p>
<p>Suman</p>
<p> </p>
<p>On 2015-12-23 23:01, Brian Candler wrote:</p>
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0"><!-- html ignored --><!-- head ignored --><!-- meta ignored -->
<div class="pre" style="margin: 0; padding: 0; font-family: monospace"><span style="white-space: nowrap;">On 23/12/2015 16:44, Jasim Alam wrote:</span>
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0">I understand this not a proper implementation. But this setup is running from years, until this week we didn't face any similar problem .</blockquote>
<br /> <span style="white-space: nowrap;">Then you have been lucky.</span><br /> <br />
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0">Infact another domain of ours having ns boxes in same subnet not facing any similar issue.<br /> <br /> <span style="white-space: nowrap;">[<a href="mailto:root@Jasim">root@Jasim</a> ~]# host -t ns btraccl.com</span><br /> <span style="white-space: nowrap;">btraccl.com name server ns2.aknetbd.com.</span><br /> <span style="white-space: nowrap;">btraccl.com name server ns1.aknetbd.com.</span><br /> <span style="white-space: nowrap;">[<a href="mailto:root@Jasim">root@Jasim</a> ~]# host ns1.aknetbd.com</span><br /> <span style="white-space: nowrap;">ns1.aknetbd.com has address 221.120.96.2</span><br /> <span style="white-space: nowrap;">[<a href="mailto:root@Jasim">root@Jasim</a> ~]# host ns2.aknetbd.com</span><br /> <span style="white-space: nowrap;">ns2.aknetbd.com has address 221.120.96.3</span><br /> </blockquote>
You are also lucky that works. The fact that it works today does not mean it will work next week - nor that this is a good or reliable configuration.<br /> <br /> RFC 2182 was written by people who really, really know what they are talking about. If you ignore their advice, your nameservice is liable to break in exactly the way you are experiencing. Don't say they didn't tell you :-)<br /> <br /> <span style="white-space: nowrap;">"3.2. Unsuitable Configurations</span><br /> <br /> <span style="white-space: nowrap;"> While it is unfortunately quite common, servers for a zone should</span><br /> <span style="white-space: nowrap;"> certainly not all be placed on the same LAN segment in the same room</span><br /> <span style="white-space: nowrap;"> of the same building - or any of those. Such a configuration almost</span><br /> <span style="white-space: nowrap;"> defeats the requirement, and utility, of having multiple servers."</span><br /> <br /> If DNS is important to your business, isn't it worth paying $5 per month for off-site secondary? That would cover an unlimited number of domains.<br /> <br /> <span style="white-space: nowrap;">Regards,</span><br /> <br /> <span style="white-space: nowrap;">Brian.</span><br /> </div>
</blockquote>
<p> </p>
<div> </div>
</body></html>