Question about server on port 53

1

Hi there,

I’m trying to run a very simple DNS server. The code is pretty simple.

Based on some research, I’ve tome to the following:

INTERFACES = [
  [:udp, "fly-global-services", 53],
  [:tcp, "0.0.0.0", 53],
]

To server tcp and udp on, respectively, 0.0.0.0 and fly-global-services.

The following is in my toml.fly

app = "appname"

[experimental]
    cmd = "bundle exec ruby main.rb RUBYOPT=-w"
[build]
    builder = "heroku/buildpacks:20"

[[services]]
    internal_port = 53
    protocol = "tcp"
    [[services.ports]]
        port = "53"

[[services]]
    internal_port = 53
    protocol = "udp"
    [[services.ports]]
        port = "53"

When I deploy, I run into the following problem:

  {:kind=>"Errno::EACCES",
   :message=>"Permission denied - bind(2) for 0.0.0.0:53",

And

  {:kind=>"Errno::EACCES",
   :message=>"Permission denied - bind(2) for 172.19.6.219:53",
2

Hi,

I haven’t used the heroku buildpack myself, preferring the alternative Dockerfile approach to building apps, however since nobody else has replied, I’ll take a guess: normally ports below 1024 require the process to be running as root. That would explain not being able to bind to port 53.

Can you either use a higher port (you can still expose it to the outside world on 53, via the fly.toml) or run the process as root?

I would think either would fix that particular error.

1 Like
3

Thanks Greg. My bad. I used the buildpack thinking I just needed Ruby…

I now use a simple Dockerfile that uses EXPOSE 53/udp and EXPOSE 53/tcp, works like a charm.

@fly please add ipv6 on udp soon. I think this has priority right?

2 Likes
4

The guide says the internal and the external port have to be the same for UDP.