I have a domain asm0dey.site (and also ns1.box.asm0dey.site etc) at 87.251.76.56
When I’m trying to perform a lookup from my machine I get the error:
❯ dig @87.251.76.56 google.com
;; communications error to 87.251.76.56#53: timed out
;; communications error to 87.251.76.56#53: timed out
;; communications error to 87.251.76.56#53: timed out
At the same time, a lookup from the box itself works fine.
In ufw the port is open, with tcpdump I can see the incoming packets, and nsd and named are running.
nmap -sTU -p53 87.251.76.56
PORT STATE SERVICE
53/tcp open domain
53/udp open|filtered domain
Looks like Port 53/udp is filtered / not reachable. Does your hosting company provide some kind of firewall / packet filter in front of their servers / VPSs? If so, make sure that traffic from any host, for both TCP and UDP, is allowed to pass on Port 53.
Note: You still won’t be able to resolve third party domains from outside your box, which is normal. However, if port 53/udp is accessible, you should get the following response instead of a timeout:
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 24654
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 20 (Not Authoritative)
;; QUESTION SECTION:
;google.com. IN A