gassganso 03-16-2010 10:22 AM

Configuring my VPS - BIND
Hello to everyone,

I'm trying to move all my websites to a VPS that I hired.
(CentOS Linux 5.4)
To create my DNS server I'm using addresses (free domains) for test until I get a correct configuration.
What I am trying to do is this:

I create in site the domain and configure the ZONE RECORD: A A A

(names and IPs shown here are fictitious, of course)

Also I create domain and configure the Service Type as "name server DNS" to:

In my VPS server configure BIND:
Create MASTER ZONE A A A NS Default

Create MASTER ZONE A NS Default

And I create in my Apache 2 Virtual Hosts, one for and another for Each with its path and a test index.html file in each home.
I also open port 53 for TCP and UDP on firewall.
Obviously I can "dig" to and all is right, but when I dig it says:

;; Connection timed out, no servers could be reached

When I dig @localhost everything seems to be ok...

Am I making a big mistake?
I already know that ns1 and ns2 have the same IP, but I want to see if my idea works before "buying" another IP.

Any idea for me?

Thank you very much for your patience and sorry for my accent.

Blue_Ice 03-16-2010 01:33 PM

Can you provide us with your named.conf and the complete zone files, not just parts of it. What you put in your post shows that you have records in your zone file, but there should be a lot more.

gassganso 03-17-2010 04:23 AM

Hi Blue_Ice,

Thank you very much for your interest, but last night (about 2:30 h) after 10 days working around this problem I had a good idea.... I scanned port 53 and guess what....

The VPS provider has filtered this port.
Well, it's a 5$ /mo VPS so I will look for another system.

Anyway, scanning the port should have been the first thing to do, shouldn't it?

Thank you again,

Blue_Ice 03-17-2010 04:54 AM

Well, I guess you better checked with the provider if they supported this. But it is always a good thing to check your configurations, especially when it is about firewalls.

gassganso 03-17-2010 11:22 AM

I show my firewall config, just in case...


# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -d --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state -m tcp --dport 10000 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 22 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 21 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 53 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp -m state --dport 53 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 80 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
# Generated by webmin
# Completed
# Generated by webmin
# Completed

Should be properly configured.

Thx for your time.
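
Added example, not part of the original thread and not posted by any participant: a first-match walk over a chain like the one above, confirming that new inbound traffic to 53/udp and 53/tcp reaches an ACCEPT before the final REJECT. That check is what separates a host-firewall problem from filtering upstream at the provider. The rule set is a constructed sample, and the interface name `eth0` and all function names are assumptions.

```python
import shlex

# Constructed sample modelled on the chain posted above (not a verbatim copy).
RULES = """\
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 22 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 53 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp -m state --dport 53 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
"""
# Only these options are modelled; anything else is refused rather than guessed.
KNOWN = {"-i", "-p", "-m", "-j", "--dport", "--state", "--icmp-type", "--reject-with"}

def parse_chain(text, chain="RH-Firewall-1-INPUT"):
    """Return the chain's rules, in file order, as {option: argument} dicts."""
    rules = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:2] != ["-A", chain]:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))  # each modelled option takes one argument
        if len(tok) % 2 or set(opts) - KNOWN:
            raise ValueError(f"unmodelled rule: {line}")
        rules.append(opts)
    return rules

def verdict(rules, proto, dport, iface="eth0", state="NEW"):
    """First-match result for one inbound packet: (target, 1-based rule number)."""
    for n, r in enumerate(rules, 1):
        if (r.get("-i", iface) == iface and r.get("-p", proto) == proto
                and r.get("--dport", str(dport)) == str(dport)
                and state in r.get("--state", state).split(",")):
            return r["-j"], n
    return "NO-MATCH", 0  # no rule in this chain matched the packet

def dns_report(text, iface="eth0"):
    """Verdicts for the DNS ports and for 953/tcp (rndc) on one interface."""
    rules = parse_chain(text)
    return {f"{p}/{d}": verdict(rules, p, d, iface)[0]
            for p, d in (("udp", 53), ("tcp", 53), ("tcp", 953))}

if __name__ == "__main__":
    print(dns_report(RULES))
```

To audit a live rule set, pass the output of `iptables-save` to `dns_report`; rules that use options outside `KNOWN` raise an error instead of being silently treated as a match.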

Blue_Ice 03-17-2010 11:50 AM

Should be ok... Looks like mine except I opened port 953 as well for rndc. I run my DNS server in a Xen VPS, although on my own servers.

malikperera 03-24-2010 05:36 AM

I'm not sure what's wrong with your configuration. Better if you use a proper DNS server.
