port 53 works through router but not without it

Jesse Goodfellow asked:

I have a Linux server behind a Comcast business gateway. The gateway has two static IP addresses. I want to forward ports 25, 53, 80, and 143 for both IP addresses to the server. Within the gateway configuration there are two settings: DMZ and 1-to-1 NAT. By enabling both of these with my server IP address, I am able to forward all the ports except 53. This is my problem: port 53 gets blocked for some reason. However, if I put a router behind the gateway and connect the server to the router, I am able to use the router IP address for the DMZ and 1-to-1 NAT settings and then forward the ports to the server within the router configuration, and all the ports including 53 work fine. My question is simply: why does port 53 work with the router but not without it? Is there any way to get the server working while it is connected directly to the gateway? Any help is greatly appreciated.


I answered:

The SMC cable modem/router that Comcast gives business customers is a complete piece of junk. (It’s also not very reliable, but you’ll run into that problem later…)

I replaced mine with an off-the-shelf SURFboard and a more serious router behind that (ASA 5505s are popular, but you could use just about anything). Comcast will complain and try to scare you off if you want to use your own cable modem on the business side, but be very insistent. It’s worth it.


View the full question and answer on Server Fault.

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.