Symptoms
-
A website is unavailable with the following error:
This site can’t be reached
ERR_NAME_NOT_RESOLVED -
DNS service is enabled in Tools & Settings > Services Management.
-
DNS TCP or UDP port is filtered:
# nmap -p53 203.0.113.2
PORT STATE SERVICE
53/tcp filtered domain# nmap -sU -p53 203.0.113.2
PORT STATE SERVICE
53/udp open|filtered domain
Cause
The UDP or TCP port 53 is filtered by firewall for incoming or/and outgoing connections.
Resolution
Allow inbound and outbound connections through port 53 in the server Firewall:
Warning: In case that connections to the port 53 are filtered by an intermediate firewall, contact network administrator or Internet Service Provider (ISP) for assistance.
Configuring Firewall rules in case Plesk firewall is used
In case Plesk firewall is used:
-
Open port 53 by creating a custom rule in Tools & Settings > Firewall > Modify Plesk Firewall Rules > Add Custom Rule:
-
Apply firewall changes:
Configuring Firewall rules via SSH (For Linux only)
-
Connect to the server via SSH.
-
Open 53 UDP and TCP ports for incoming and outgoing connections on the server firewall:
# iptables -I INPUT -m tcp -p tcp –sport 53 -j ACCEPT
# iptables -I INPUT -m udp -p udp –sport 53 -j ACCEPT
# iptables -I INPUT -m udp -p udp –dport 53 -j ACCEPT
# iptables -I INPUT -m tcp -p tcp –dport 53 -j ACCEPTFor
firewalld
:# firewall-cmd –permanent –add-port=53/tcp
# firewall-cmd –permanent –add-port=53/udp
# firewall-cmd –reload -
Save the newly added
iptables
rules.# service iptables save