DNS Server access weirdness with Ubuntu and SonicWall router/firewall
Robert Heller
heller at deepsoft.com
Mon Oct 2 21:44:02 UTC 2023
I have a server running Ubuntu 20.04. It originally was the DNS server for a
LAN, but now the DNS is being handled by a SonicWall router/firewall device.
I am NOT using systemd-resolved (which has generally given me grief in the
past). I have two VMs, one running Ubuntu 18.04 and the other running Mint
21.1. The Ubuntu 18.04 is also not running systemd-resolved, but the Mint
21.1 is running systemd-resolved. Both VMs are set up with drbl and the drbl
client machines are all NOT running systemd-resolved. When the DNS was
handled by the Ubuntu server, everything was fine. But with the DNS server
now on the SonicWall router/firewall device, the linux machines NOT running
systemd-resolved cannot access the SonicWall router/firewall device's DNS
server (they get a DNS server timeout). The Mint 21.1 VM, which is running
systemd-resolved has no trouble. The MS-Windows machines on the network have
no trouble either.
I am totally mystified as to what is going on.
Here is the output of NMap:
(192.168.1.251 is the Ubuntu 20.04 server, running Bind9, 192.168.1.1 is the
SonicWall router/firewall device)
newserver% sudo nmap -sUV -p53 192.168.1.251 192.168.1.1
[sudo] password for heller:
Starting Nmap 7.80 ( https://nmap.org ) at 2023-10-02 17:18 EDT
Nmap scan report for newserver.wendellfreelibrary.org (192.168.1.251)
Host is up (0.00022s latency).
PORT STATE SERVICE VERSION
53/udp open domain ISC BIND 9.16.1 (Ubuntu Linux)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Nmap scan report for wirelessap.wendellfreelibrary.org (192.168.1.1)
Host is up (0.00019s latency).
PORT STATE SERVICE VERSION
53/udp open|filtered domain
MAC Address: 18:C2:41:19:76:B0 (Unknown)
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 2 IP addresses (2 hosts up) scanned in 99.37 seconds
newserver% nmap -A -T4 192.168.1.251 192.168.1.1
Starting Nmap 7.80 ( https://nmap.org ) at 2023-10-02 17:28 EDT
Nmap scan report for newserver.wendellfreelibrary.org (192.168.1.251)
Host is up (0.00023s latency).
Not shown: 986 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.9 (Ubuntu Linux; protocol 2.0)
25/tcp open smtp Postfix smtpd
|_smtp-commands: newserver.wendellfreelibrary.org, PIPELINING, SIZE 10240000, VRFY, ETRN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, SMTPUTF8, CHUNKING,
53/tcp open domain ISC BIND 9.16.1 (Ubuntu Linux)
| dns-nsid:
|_ bind.version: 9.16.1-Ubuntu
80/tcp open http Apache httpd 2.4.41 ((Ubuntu))
|_http-server-header: Apache/2.4.41 (Ubuntu)
|_http-title: Apache2 Ubuntu Default Page: It works
111/tcp open rpcbind 2-4 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2,3,4 111/tcp rpcbind
| 100000 2,3,4 111/udp rpcbind
| 100000 3,4 111/tcp6 rpcbind
| 100000 3,4 111/udp6 rpcbind
| 100003 3 2049/udp nfs
| 100003 3 2049/udp6 nfs
| 100003 3,4 2049/tcp nfs
| 100003 3,4 2049/tcp6 nfs
| 100005 1,2,3 35257/tcp mountd
| 100005 1,2,3 37723/tcp6 mountd
| 100005 1,2,3 43193/udp6 mountd
| 100005 1,2,3 51457/udp mountd
| 100021 1,3,4 40783/tcp6 nlockmgr
| 100021 1,3,4 46433/tcp nlockmgr
| 100021 1,3,4 48326/udp6 nlockmgr
| 100021 1,3,4 51266/udp nlockmgr
| 100024 1 32933/tcp status
| 100024 1 36455/tcp6 status
| 100024 1 44530/udp6 status
| 100024 1 51190/udp status
| 100227 3 2049/tcp nfs_acl
| 100227 3 2049/tcp6 nfs_acl
| 100227 3 2049/udp nfs_acl
|_ 100227 3 2049/udp6 nfs_acl
389/tcp open ldap OpenLDAP 2.2.X - 2.3.X
514/tcp open shell?
631/tcp open ipp CUPS 2.3
|_http-server-header: CUPS/2.3 IPP/2.1
|_http-title: Bad Request - CUPS v2.3.1
2049/tcp open nfs_acl 3 (RPC #100227)
3551/tcp open apcupsd apcupsd
6666/tcp open http Apache httpd 2.4.41 ((Ubuntu))
|_http-server-header: Apache/2.4.41 (Ubuntu)
|_http-title: Site doesn't have a title (text/html; charset=UTF-8).
7777/tcp open http Apache httpd 2.4.41 ((Ubuntu))
|_http-server-header: Apache/2.4.41 (Ubuntu)
|_http-title: Local Public Files
8888/tcp open http Apache httpd 2.4.41 ((Ubuntu))
|_http-server-header: Apache/2.4.41 (Ubuntu)
|_http-title: Local Repository
9999/tcp open http Apache httpd 2.4.41 ((Ubuntu))
|_http-server-header: Apache/2.4.41 (Ubuntu)
|_http-title: Apache2 Ubuntu Default Page: It works
Service Info: Host: newserver.wendellfreelibrary.org; OS: Linux; CPE: cpe:/o:linux:linux_kernel
Nmap scan report for wirelessap.wendellfreelibrary.org (192.168.1.1)
Host is up (0.0046s latency).
Not shown: 998 closed ports
PORT STATE SERVICE VERSION
80/tcp open http SonicWALL firewall http config
|_http-favicon: SonicWall
|_http-server-header: SonicWALL
|_http-title: Did not follow redirect to https://wirelessap.wendellfreelibrary.org/sonicui/7/login/
443/tcp open ssl/http SonicWALL firewall http config
|_http-favicon: SonicWall
|_http-server-header: SonicWALL
| http-title: SonicWall Network Security Login
|_Requested resource was https://wirelessap.wendellfreelibrary.org/sonicui/7/login/
| ssl-cert: Subject: commonName=192.168.168.168/organizationName=HTTPS Management Certificate for SonicWALL (self-signed)/stateOrProvinceName=California/countryName=US
| Not valid before: 1970-01-01T00:00:01
|_Not valid after: 2038-01-19T03:14:07
Service Info: Device: firewall
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 2 IP addresses (2 hosts up) scanned in 173.81 seconds
--
Robert Heller -- Cell: 413-658-7953 GV: 978-633-5364
Deepwoods Software -- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
heller at deepsoft.com -- Webhosting Services
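
Added example, not part of the original post: nmap's `open|filtered` for 53/udp on 192.168.1.1 means the UDP probe got no reply, so it does not show whether the service answers. The Python sketch below sends the same A query to both addresses from the post over UDP and TCP, with and without an EDNS0 OPT record, and reports reply or timeout for each combination. The function names, the query name example.com, and the choice of transport and EDNS0 as the things to vary are assumptions made here, not an established cause.

```python
import socket
import struct

def build_query(name, qtype=1, edns=False, txid=0x1234):
    """Build a DNS query (qtype 1 = A); edns=True appends an EDNS0 OPT record."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 1 if edns else 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    # OPT pseudo-record: root name, type 41, UDP payload size 1232, no flags, no data
    opt = b"\x00" + struct.pack(">HHIH", 41, 1232, 0, 0) if edns else b""
    return header + qname + struct.pack(">HH", qtype, 1) + opt

def parse_header(reply, txid=0x1234):
    """Return (rcode, answer_count, truncated); raise ValueError on a bad reply."""
    if len(reply) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, an, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    return flags & 0x000F, an, bool(flags & 0x0200)

def probe(server, name, tcp=False, edns=False, timeout=3.0, port=53):
    """Send one query and return a short status string instead of raising."""
    query = build_query(name, edns=edns)
    try:
        if tcp:
            with socket.create_connection((server, port), timeout=timeout) as s:
                s.sendall(struct.pack(">H", len(query)) + query)
                reply = s.recv(4096)[2:]  # drop the 2-byte TCP length prefix
        else:
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, port))
                reply, _ = s.recvfrom(4096)
        rcode, answers, tc = parse_header(reply)
        return f"rcode={rcode} answers={answers} truncated={tc}"
    except socket.timeout:
        return "timeout"
    except (OSError, ValueError) as exc:
        return f"error: {exc}"

if __name__ == "__main__":
    # Addresses are the two from the post; example.com is an assumed query name.
    for server in ("192.168.1.251", "192.168.1.1"):
        for tcp in (False, True):
            for edns in (False, True):
                print(server, "tcp" if tcp else "udp", "edns" if edns else "plain",
                      probe(server, "example.com", tcp, edns))
```

Run it on one of the hosts that times out and on the Mint VM; a combination that answers on one and times out on the other narrows down what the device is dropping.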