views:

176

answers:

4

I am implementing a DNS client, in which I try to connect to a local DNS server, but the DNS server is returning the message with an error code 5, which means that it's refusing the connection.

Any thoughts on why this might be happening? Thanks

A: 

Policy enforcement?

The DNS server could be configured to accept only connections from certain hosts.

jldupont
Ohh... the DNS server I am using is my university's local server... How can I fix this? Can I connect to an external DNS server?
Abhishek
... and the machine you are sending the requests **from** is located on the same LAN? Or are you trying to access the DNS Server **remotely**?
jldupont
It's located on the same LAN...
Abhishek
A: 

Hmm, if you're able to access StackOverflow you have a working DNS server SOMEwhere. Try doing

```
host -v stackoverflow.com
```

and look for messages like

```
Received 50 bytes from 192.168.1.1#53 in 75 ms
```

then pick the address out of that line and use THAT as your DNS - it's obviously willing to talk to you.

If you're on Windows, use NSLOOKUP for the same purpose. Your name server's address will be SOMEwhere in the output.

EDIT:

When I'm stuck for a DNS server, I use the one whose address I can remember most easily: 4.2.2.2. See how that works for you.

Carl Smotricz
I know my DNS server and I am able to use it... I am also able to dig any domain name from the system... but I can't seem to connect to it using my own DNS client.
Abhishek
OK, have you verified that your client is using the same protocol as your built-in client? It's possible to do DNS via TCP or UDP.
Carl Smotricz
+1  A: 

DNS response error code 5 ("Refused") doesn't mean that the connection to the DNS server is refused. It means that the DNS server refuses to provide whatever data you asked for, or to do whatever action you asked it to do (for example a dynamic update).

Since you mention a "connection", I assume that you are using TCP? DNS primarily uses UDP, and some DNS servers will refuse all requests over TCP. So the solution might be as simple as switching to UDP.

Otherwise, assuming you are building your own DNS client from scratch, my first guess would be that you are formatting the request incorrectly. Even though the DNS protocol seems fairly simple, it is very easy to get this wrong.

Finally, the DNS server may of course simply be configured to refuse requests for whatever you are asking.

Jesper
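The request formatting and response code discussed in this answer, as an added example that is not part of the original answer: it encodes a single-question query, decodes the 12-byte response header (including RCODE 5), and sends over UDP. The function names and the constructed sample response are assumptions made for illustration.

```python
import secrets
import socket
import struct

# RCODE values 0-5 from RFC 1035 section 4.1.1 (low 4 bits of the flags word).
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL",
          3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}


def build_query(name, txid, qtype=1, recursion_desired=True):
    """Encode a single-question query (qtype 1 = A record, class IN)."""
    flags = 0x0100 if recursion_desired else 0x0000  # RD bit; QR=0 means query
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label must be 1-63 bytes: %r" % label)
        qname += bytes([len(raw)]) + raw  # length-prefixed label, no dots
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


def parse_header(message, expected_txid=None):
    """Decode the fixed 12-byte header of a DNS message."""
    if len(message) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    if expected_txid is not None and txid != expected_txid:
        raise ValueError("transaction ID mismatch")
    rcode = flags & 0x000F
    return {"txid": txid, "is_response": bool(flags & 0x8000),
            "truncated": bool(flags & 0x0200),  # TC set: retry over TCP
            "recursion_available": bool(flags & 0x0080),
            "rcode": rcode, "rcode_name": RCODES.get(rcode, "RCODE%d" % rcode),
            "answers": answers}


def query_udp(server, name, timeout=3.0):
    """Send one query over UDP port 53 and return the parsed response header."""
    txid = secrets.randbits(16)  # unpredictable ID, checked on the reply
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, txid), (server, 53))
        data, _addr = sock.recvfrom(512)
    return parse_header(data, expected_txid=txid)


# Constructed sample: header of a REFUSED response (QR=1, RD=1, RA=0, RCODE=5).
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)
```

Comparing the bytes from `build_query` with what a packet capture shows for `dig` on the same name is a quick way to spot an encoding mistake in a hand-written client.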
A: 

You might try monitoring the conversation using Wireshark. It can also decode the packets for you, which might help you determine if your client's packets are correctly encoded. Just filter on port 53 (DNS) to limit the packets captured by the trace.

Also, make sure you're using UDP and not TCP for queries; TCP should be used primarily for zone transfers, not queries.

RickNZ