[Solved] DNS 14.3 Ignoring Web Port Settings

[sproggit]

Thought I would share a really weird behavior that I am seeing from my Primary/Secondary pair of DNS Servers, running codebase v14.3. I'm not recording this as a bug, because I know for a fact that prior to the last couple of days this setup has worked perfectly, so I suspect that what I'm experiencing is being caused by an external factor.

But I'm sharing in the hope that if anyone else sees this, they can speak up.

The behaviour is: both of my DNS Servers have unilaterally changed their Web Service Listener port back to 5380 after I went in and changed it to the HTTP default of 80. I can now go to the Web Admin interface [on port 5380], select "Settings" and then "Web Service" and change the value of "Web Service HTTP Port" from the default value of 5380 to my preference of 80. I then "Save Settings" - but immediately after doing that, my Firefox browser tries to reload the page and reports an error.
Because this is Firefox 150.0.1, it also automatically ignores my use of "HTTP" and restores the browser to using HTTPS by default.

The odd thing is that the "Save Settings" with the port changed to 80 seems to work... but the moment I try to reload the page, either the core code hasn't actually written the change to disk, or it simply ignores and resets it.

I did see something very similar to this a while back, but that was caused when another piece of software on the same host [Apache] started to listen on socket 80 on the same IP Address - Technitium simply reverted to 5380. This time there is nothing on this IP address listening on this port.

I can work around the problem by editing my browser bookmarks to record socket 5380 for my two DNS instances... but I'd be very interested to know if anyone else has seen this and - if so - what they found or did to fix the issue...
In case it is relevant, both machines running Technitium DNS in my case are Raspberry Pi 4B/8Gb models, running the full Trixie image.

The only other thing I see when looking at the machines is that they were both reboot yesterday, about 27.5 hours ago. I did not intentionally reboot either of these machines, so I'm starting to wonder if maybe I had a power grid failure and didn't notice it, or maybe there was something else that happened.

Again, I'm not convinced this is an issue caused by Technitium - the DNS on both machines has been running flawlessly for weeks now. I suspect that something else in my environment is causing this... but I just can seem to find it [yet].

Any thoughts/suggestions very gratefully received.

Thanks!

[ShreyasZare]

Thanks for the post. You need to check for logs in the Logs > View Logs section on the panel to find out the reason for this. Usually the web service port will revert to default if the server fails to bind to the configured ports. So the error log will tell you the reason for the failure. Share the error log here if you need help with that.

[sproggit]

Shreyas,
It is very kind of you to offer assistance - thank you. I've just gone through the process of logging in, attempting to change the port and then logging out and I do see some odd results in the log.

Here is a cropped extract that covers the period where I fail to change the listening port:-

[2026-05-09 10:25:30 Local] [172.16.104.1:35704] [admin] User logged in.
[2026-05-09 10:25:31 Local] [172.16.104.1:35744] Check for update was done {updateAvailable: True; updateVersion: 15.1; updateTitle: New Update (15.1) Available!; updateMessage: Follow the instructions from the link below to update the DNS server to the latest version. Read the change logs before installing this update to know if there are any breaking changes.; instructionsLink: https://blog.technitium.com/2017/11/running-dns-server-on-ubuntu-linux.html; changeLogLink: https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md;}
[2026-05-09 10:25:35 Local] DNS Server auth config file was saved: /etc/dns/auth.config
[2026-05-09 10:25:38 Local] [172.16.106.6:37187] [UDP] QNAME: www.google.com; QTYPE: A; QCLASS: IN; RCODE: NoError; ANSWER: [142.251.156.119, 142.251.151.119, 142.251.155.119, 142.251.150.119, 142.251.153.119, 142.251.154.119, 142.251.152.119, 142.251.157.119]
[2026-05-09 10:25:39 Local] DNS Server failed to notify name server 'ben.saurian.net' (RCODE=Refused) for zone: saurian.net
[2026-05-09 10:26:44 Local] [172.16.104.1:50696] [UDP] QNAME: nc.saurian.net; QTYPE: AAAA; QCLASS: IN; RCODE: NoError; ANSWER: []
[2026-05-09 10:26:51 Local] [172.16.106.6:40837] [UDP] QNAME: quake-pa.googleapis.com; QTYPE: A; QCLASS: IN; RCODE: NoError; ANSWER: [172.217.76.95, 192.178.223.95, 142.250.140.95, 142.250.117.95, 142.250.129.95, 142.250.151.95, 142.251.29.95]
[2026-05-09 10:26:55 Local] [172.16.104.1:59160] [UDP] QNAME: nc.saurian.net; QTYPE: AAAA; QCLASS: IN; RCODE: NoError; ANSWER: []
**[2026-05-09 10:27:46 Local] [172.16.104.1:35704] [admin] DNS Settings were updated successfully.**
[2026-05-09 10:27:48 Local] Attempting to restart web service.
[2026-05-09 10:27:48 Local] [[::]:80] [HTTP] Web Service failed to bind.
**[2026-05-09 10:27:48 Local] Web Service failed to start: System.IO.IOException: Failed to bind to address http://[::]:80: address already in use.**
 **---> Microsoft.AspNetCore.Connections.AddressInUseException: Address already in use
 ---> System.Net.Sockets.SocketException (98): Address already in use**
   at System.Net.Sockets.Socket.UpdateStatusAfterSocketErrorAndThrowException(SocketError error, Boolean disconnectOnFailure, String callerName)
   at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress)
   at System.Net.Sockets.Socket.Bind(EndPoint localEP)
   at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketTransportOptions.CreateDefaultBoundListenSocket(EndPoint endpoint)
   at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketConnectionListener.Bind()
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketConnectionListener.Bind()
   at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketTransportFactory.BindAsync(EndPoint endpoint, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Infrastructure.TransportManager.BindAsync(EndPoint endPoint, ConnectionDelegate connectionDelegate, EndpointConfig endpointConfig, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.<>c__DisplayClass28_0`1.<<StartAsync>g__OnBind|0>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindEndpointAsync(ListenOptions endpoint, AddressBindContext context, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindEndpointAsync(ListenOptions endpoint, AddressBindContext context, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.BindAsync(AddressBindContext context, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.EndpointsStrategy.BindAsync(AddressBindContext context, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.Internal.Host.<StartAsync>b__14_1(IHostedService service, CancellationToken token)
   at Microsoft.Extensions.Hosting.Internal.Host.ForeachService[T](IEnumerable`1 services, CancellationToken token, Boolean concurrent, Boolean abortOnFirstException, List`1 exceptions, Func`3 operation)
   at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
   at DnsServerCore.DnsWebService.StartWebServiceAsync(Boolean httpOnlyMode) in Z:\Technitium\Projects\DnsServer\DnsServerCore\DnsWebService.cs:line 1605
   at DnsServerCore.DnsWebService.StartWebServiceAsync(Boolean httpOnlyMode) in Z:\Technitium\Projects\DnsServer\DnsServerCore\DnsWebService.cs:line 1627
   at DnsServerCore.DnsWebService.TryStartWebServiceAsync(IReadOnlyList`1 oldWebServiceLocalAddresses, Int32 oldWebServiceHttpPort, Int32 oldWebServiceTlsPort) in Z:\Technitium\Projects\DnsServer\DnsServerCore\DnsWebService.cs:line 1476
[2026-05-09 10:27:48 Local] Attempting to revert Web Service end point changes ...
[2026-05-09 10:27:48 Local] [[::]:5380] [HTTP] Web Service was bound successfully.
[2026-05-09 10:27:48 Local] Web Service config file was saved: /etc/dns/webservice.config
[2026-05-09 10:27:48 Local] Web service was restarted successfully.
[2026-05-09 10:27:49 Local] [172.16.104.1:47079] [UDP] QNAME: bill.saurian.net; QTYPE: HTTPS; QCLASS: IN; RCODE: NoError; ANSWER: []
[2026-05-09 10:27:49 Local] [172.16.104.1:48434] [UDP] QNAME: bill.saurian.net; QTYPE: AAAA; QCLASS: IN; RCODE: NoError; ANSWER: []
[2026-05-09 10:27:49 Local] [172.16.104.1:57443] [UDP] QNAME: bill.saurian.net; QTYPE: AAAA; QCLASS: IN; RCODE: NoError; ANSWER: []
[2026-05-09 10:27:51 Local] DNS Server config file was saved: /etc/dns/dns.config
[2026-05-09 10:27:51 Local] DNS Server log config file was saved: /etc/dns/log.config
[2026-05-09 10:27:51 Local] Web Service config file was saved: /etc/dns/webservice.config
[2026-05-09 10:27:51 Local] DNS Server block list config file was saved: /etc/dns/blocklist.config
[2026-05-09 10:28:08 Local] [172.16.104.1:48144] [UDP] QNAME: connectivity-check.ubuntu.com; QTYPE: AAAA; QCLASS: IN; RCODE: NxDomain; ANSWER: []
[2026-05-09 10:28:08 Local] [172.16.104.1:48144] [UDP] QNAME: connectivity-check.ubuntu.com; QTYPE: AAAA; QCLASS: IN; RCODE: NxDomain; ANSWER: []
[2026-05-09 10:28:08 Local] [172.16.104.1:48864] [UDP] QNAME: connectivity-check.ubuntu.com; QTYPE: A; QCLASS: IN; RCODE: NxDomain; ANSWER: []
[2026-05-09 10:28:08 Local] [172.16.104.1:48864] [UDP] QNAME: connectivity-check.ubuntu.com; QTYPE: A; QCLASS: IN; RCODE: NxDomain; ANSWER: []
[2026-05-09 10:28:08 Local] [172.16.104.1:38992] [UDP] QNAME: connectivity-check.ubuntu.com; QTYPE: AAAA; QCLASS: IN; RCODE: NxDomain; ANSWER: []
[2026-05-09 10:28:08 Local] [172.16.104.1:49037] [UDP] QNAME: connectivity-check.ubuntu.com; QTYPE: A; QCLASS: IN; RCODE: NxDomain; ANSWER: []
[2026-05-09 10:28:08 Local] [172.16.104.1:49037] [UDP] QNAME: connectivity-check.ubuntu.com; QTYPE: A; QCLASS: IN; RCODE: NxDomain; ANSWER: []
[2026-05-09 10:28:08 Local] [172.16.104.1:38992] [UDP] QNAME: connectivity-check.ubuntu.com; QTYPE: AAAA; QCLASS: IN; RCODE: NxDomain; ANSWER: []
[2026-05-09 10:28:11 Local] [172.16.106.8:37382] [UDP] QNAME: firehose.ap-southeast-1.amazonaws.com; QTYPE: A; QCLASS: IN; RCODE: NoError; ANSWER: [13.251.113.69]
[2026-05-09 10:28:11 Local] [172.16.106.8:37382] [UDP] QNAME: firehose.ap-southeast-1.amazonaws.com; QTYPE: AAAA; QCLASS: IN; RCODE: NoError; ANSWER: []
[2026-05-09 10:28:11 Local] [172.16.104.1:38482] Check for update was done {updateAvailable: True; updateVersion: 15.1; updateTitle: New Update (15.1) Available!; updateMessage: Follow the instructions from the link below to update the DNS server to the latest version. Read the change logs before installing this update to know if there are any breaking changes.; instructionsLink: https://blog.technitium.com/2017/11/running-dns-server-on-ubuntu-linux.html; changeLogLink: https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md;}
[2026-05-09 10:28:25 Local] [172.16.104.1:34111] [UDP] QNAME: nc.saurian.net; QTYPE: AAAA; QCLASS: IN; RCODE: NoError; ANSWER: []

I am not sure if it is related to the problem, but I also spotted another unexpected log entry:-
[2026-05-09 10:25:39 Local] DNS Server failed to notify name server 'ben.saurian.net' (RCODE=Refused) for zone: saurian.net

My two DNS Servers are "bill" and "ben" [Primary / Secondary, respectively]... I have not looked in to that yet, not sure what that might be.

Looking at the log data concerning the TCP port 80 issue... I think this is the relevant problem:-

Failed to bind to address http://[::]:80: address already in use.

But if I read that correctly, it is saying that there is an issue because I have an IPv6 address on the host that is trying to listen on TCP port 80... This seems a bit odd, given that I do not believe I have any active IPv6 configurations on the host:-

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d8:3a:dd:e2:ba:d6 brd ff:ff:ff:ff:ff:ff
    inet 172.16.103.1/16 brd 172.16.255.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet 172.16.100.2/16 brd 172.16.255.255 scope global secondary noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet 172.16.103.121/16 brd 172.16.255.255 scope global secondary noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet 172.16.103.127/16 brd 172.16.255.255 scope global secondary noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet 172.16.108.1/16 brd 172.16.255.255 scope global secondary noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::84e1:eea6:d239:4764/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
pi@thor:~ $ 

I definitely see the port conflict error in the log... I am just not sure what can possibly be causing it, or why Technitium thinks there is IPv6 involved. When I check "Settings" > "General Settings" > "IPv6 Support", the toggle setting for "Prefer IPv6" is disabled [box is empty] and
"Settings" > "General Settings" > "DNS Server IPv6 Source Addresses" field contains just "::". I tried to delete the "::" value and save the settings, but the admin screen simply re-instates that value.

I see the error - I am just not sure what could possibly cause it... and it is puzzling because this is happening on one of my two "Production" Pi machines... and the only changes I've made to it recently were some hardening measures - in the file /boot/firmware/config.txt I added the value: dtoverlay=disable-wifi, then I used "sudo systemctl stop bluetooth" and "sudo systemctl disable bluetooth".

Other than that - and regular software updates - this host hasn't been changed in weeks.

[sproggit]

Not sure if it helps... but the only other piece of software on this host that is likely to be listening on TCP socket 80 would be Apache2. After i saw the conflict previously [with Apache listening to all ports on socket 80] I made changes to Apache's ports.conf file to address the problem. Here is the edited/active version of /etc/apache2/ports.conf:-

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 172.16.103.121:80
Listen 172.16.103.127:80

<IfModule ssl_module>
	Listen 172.16.103.121:443
	Listen 172.16.103.127:443
</IfModule>

<IfModule mod_gnutls.c>
	Listen 172.16.103.121:443
	Listen 172.16.103.127:443
</IfModule>

[sproggit]

Another piece to the puzzle... Given the nature of the Technitium error message - suggesting that there was something listening to socket 80... I went to my workstation and tried to perform an nmap port scan of the IPv6 address showing when I run "ip addr" on the Technitium host, just to see if there are active listeners. This is what I see in response:-

$ nmap -6 fe80::84e1:eea6:d239:4764
Starting Nmap 7.80 ( https://nmap.org ) at 2026-05-09 10:33 BST
Strange read error from fe80::84e1:eea6:d239:4764 (22 - 'Invalid argument')
Strange read error from fe80::84e1:eea6:d239:4764 (22 - 'Invalid argument')
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 0.01 seconds

[ShreyasZare]

Thanks for the details.

---> System.Net.Sockets.SocketException (98): Address already in use**

This error confirms that the port is already in use. You need to run sudo ss -nlpt command to find out which app is using both port 80 and 443. No need to use nmap here, just this command will do.

The DNS web service listens on [::] address by default and it will use dual mode socket to bind to both IPv4 and IPv6 addresses together. So you must ensure that the port are available on both.

I am not sure if it is related to the problem, but I also spotted another unexpected log entry:-

That is not related to this issue. You need to make sure that the source IP of the primary DNS is allowed by the secondary DNS. Check for the logs on secondary DNS to find out what source IP is being used.

But if I read that correctly, it is saying that there is an issue because I have an IPv6 address on the host that is trying to listen on TCP port 80... This seems a bit odd, given that I do not believe I have any active IPv6 configurations on the host:-

You do have ipv6 addresses in there like fe80::84e1:eea6:d239:4764/64. The web server just listens on ipv6 stack in general and having ipv6 address on the adapter is not a criteria for it.

I definitely see the port conflict error in the log... I am just not sure what can possibly be causing it, or why Technitium thinks there is IPv6 involved. When I check "Settings" > "General Settings" > "IPv6 Support", the toggle setting for "Prefer IPv6" is disabled [box is empty] and
"Settings" > "General Settings" > "DNS Server IPv6 Source Addresses" field contains just "::". I tried to delete the "::" value and save the settings, but the admin screen simply re-instates that value.

The IPv6 Support option is unrelated and used only for outbound requests. The source address too is not related to this and is also for outbound DNS requests.

[sproggit]

OK, here's a really weird conclusion to this thread.

If you know that expression, "Cannot see the wood for the trees" then you will understand that I went snowblind to the problem, even though it was right in front of me. I was able to resolve this issue by making one change to the "Settings" > "Web Service" page, where I removed the value found in the "Web Service Local Addresses" field - which was "::" and I changed that back to what it should have been, which was 172.16.100.1.

I made the corresponding change to the Secondary DNS server and I've re-tested and I find that the web interface now has returned to operating as expected on socket 80.

What I can't explain - at least not yet - is how or why the value of the "Web Service Local Addresses" field managed to change from my desired IPv4 address and had left the field at "::".

That explains why the Technitium DNS Log made a reference to the web server listening on socket 80.

But here's the weird thing... what seems to have happened here is that the way I had manually set each server [with "::" in the Web Service Local Addresses" and then specifying "80" in the Port field... Even though that should not have caused conflict, it seems to have done so.

I'm not sure if this is an indicator that the service allows an internally inconsistent configuration that then undertakes some automated reset process. I have a strong hunch that the automatic reset is happening in the .Net library code on which Technitium is built - and I stress that I don't think that's in error.

I'm sufficient intrigued that I'm going to experiment a bit more with this. That will have to wait just a little while though - I'm currently wrangling with a postfix/dovecot setup, but will circle back to this when I have that up and running.

Thanks again, Shreyas, for responding to this thread.

[sproggit]

For completeness, here's the output from "sudo ss -nlpt":-

$ sudo ss -nlpt | grep :80
LISTEN 0      512      172.16.100.1:80        0.0.0.0:*    users:(("dotnet",pid=633,fd=242))                                                                                                                                            
LISTEN 0      511    172.16.103.126:80        0.0.0.0:*    users:(("apache2",pid=173389,fd=4),("apache2",pid=173388,fd=4),("apache2",pid=173387,fd=4),("apache2",pid=173386,fd=4),("apache2",pid=173385,fd=4),("apache2",pid=1076,fd=4))
LISTEN 0      511    172.16.103.122:80        0.0.0.0:*    users:(("apache2",pid=173389,fd=3),("apache2",pid=173388,fd=3),("apache2",pid=173387,fd=3),("apache2",pid=173386,fd=3),("apache2",pid=173385,fd=3),("apache2",pid=1076,fd=3))


...but of course this is now showing in a "fixed" state... 

[ShreyasZare]

You're welcome. Good to know that the issue is resolved with the config update.