LinuxQuestions.org
Old 03-16-2010, 10:22 AM   #1
gassganso
LQ Newbie
 
Registered: Mar 2010
Posts: 3

Rep: Reputation: 0
Configuring my VPS - BIND


Hello everyone,

I'm trying to move all my websites to a VPS that I hired.
(CentOS Linux 5.4)
To create my DNS server I'm using co.cc addresses (free domains) for testing until I get a correct configuration.
What I am trying to do is this:

On the co.cc site I create the domain aaa.co.cc and configure the zone records:

aaa.co.cc A 111.111.111.111
ns1.aaa.co.cc A 111.111.111.111
ns2.aaa.co.cc A 111.111.111.111

(names and IPs shown here are fictitious, of course)

I also create the bbb.co.cc domain and configure the Service Type as "name server DNS" to:

ns1.aaa.co.cc
ns2.aaa.co.cc

On my VPS server I configure BIND:
Create MASTER ZONE aaa.co.cc:

aaa.co.cc. A 111.111.111.111
ns1.aaa.co.cc. A 111.111.111.111
ns2.aaa.co.cc. A 111.111.111.111
aaa.co.cc. NS Default ns1.aaa.co.cc.

Create MASTER ZONE bbb.co.cc:
bbb.co.cc A 111.111.111.111
bbb.co.cc NS Default ns1.aaa.co.cc.


And I create two Virtual Hosts in Apache 2, one for aaa.co.cc and another for bbb.co.cc, each with its own path and a test index.html file in its home.
I also open port 53 for TCP and UDP on the firewall.
Obviously I can "dig" aaa.co.cc and all is right, but when I dig bbb.co.cc it says:

;; Connection timed out, no servers could be reached

When I dig @localhost everything seems to be ok...

Am I making a big mistake?
I already know that ns1 and ns2 have the same IP, but I want to see if my idea works before "buying" another IP.

Any idea for me?

Thank you very much for your patience and sorry for my accent.
 
Old 03-16-2010, 01:33 PM   #2
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 352

Rep: Reputation: Disabled
Can you provide us with your named.conf and the complete zone files, not just parts of them? What you put in your post shows that you have records in your zone file, but there should be a lot more.
 
Old 03-17-2010, 04:23 AM   #3
gassganso
LQ Newbie
 
Registered: Mar 2010
Posts: 3

Original Poster
Rep: Reputation: 0
Hi Blue_Ice,

Thank you very much for your interest, but last night (about 2:30 h) after 10 days working around this problem I had a good idea.... I scanned port 53 and guess what....

The VPS provider has filtered this port.
Well, it's a $5/mo VPS so I will look for another system.

Anyway, scanning the port should have been the first thing to do, shouldn't it?

Thank you again,
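
An added example, not part of the original thread: a small Python probe that sends a real DNS query to port 53 and classifies the outcome, which separates a silent upstream filter (timeout) from a firewall that answers with an ICMP error or a port with nothing listening. The function names and the 3-second timeout are assumptions.

```python
import errno
import socket
import struct

def build_query(name, qtype=2, txid=0x1234):
    """Minimal DNS query (RFC 1035): header plus one question. qtype 2 = NS."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def classify(exc):
    """Map a socket outcome to what it says about the path to port 53."""
    if exc is None:
        return "open"        # a reply (or a TCP session) came back
    if isinstance(exc, socket.timeout):
        return "filtered"    # packets silently dropped somewhere on the path
    if isinstance(exc, ConnectionRefusedError):
        return "closed"      # host reachable, nothing listening on the port
    if isinstance(exc, OSError) and exc.errno in (errno.EHOSTUNREACH,
                                                  errno.ENETUNREACH):
        return "rejected"    # a firewall answered with an ICMP "prohibited"
    return "error"

def probe(server, name, proto="udp", timeout=3.0):
    """Send one NS query for `name` to `server`:53 and classify the result."""
    kind = socket.SOCK_DGRAM if proto == "udp" else socket.SOCK_STREAM
    query = build_query(name)
    if proto == "tcp":       # DNS over TCP prefixes a 2-byte message length
        query = struct.pack("!H", len(query)) + query
    try:
        with socket.socket(socket.AF_INET, kind) as s:
            s.settimeout(timeout)
            s.connect((server, 53))
            s.sendall(query)
            s.recv(512)
        return classify(None)
    except OSError as exc:
        return classify(exc)
```

Run `probe()` from a machine outside the VPS against the server's public IP, once with `proto="udp"` and once with `proto="tcp"`; "filtered" from outside while a local query succeeds points at a device in front of the host.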
 
Old 03-17-2010, 04:54 AM   #4
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 352

Rep: Reputation: Disabled
Well, I guess you better checked with the provider if they supported this. But it is always a good thing to check your configurations, especially when it is about firewalls.
 
Old 03-17-2010, 11:22 AM   #5
gassganso
LQ Newbie
 
Registered: Mar 2010
Posts: 3

Original Poster
Rep: Reputation: 0
Right,
I show my firewall config, just in case...

Code:
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -d 224.0.0.251 --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state -m tcp --dport 10000 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 22 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 21 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 53 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp -m state --dport 53 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 80 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Generated by webmin
*mangle
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed
# Generated by webmin
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed
Should be properly configured.

Thanks for your time.
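
An added example, not part of the original thread: a minimal evaluator that walks a subset of the rules quoted above and reports the first terminal target for a new packet, confirming that the host firewall itself accepts DNS on port 53. It models only the `-i`, `-p`, `--dport` and `--state` matches; the interface name `eth0` and the function names are assumptions.

```python
import shlex

# Constructed sample: a subset of the rules quoted in the post above.
RULES = """\
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 53 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp -m state --dport 53 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 80 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""
# iptables option -> packet field it is compared against
FIELDS = {"-i": "iface", "-p": "proto", "--dport": "dport", "--state": "state"}

def parse(text):
    """Return ({chain: [rule options]}, {chain: policy}) for the filter table."""
    chains, policy, table = {}, {}, None
    for line in text.splitlines():
        if line.startswith("*"):
            table = line[1:]
        elif table != "filter":
            continue                      # skip *mangle, *nat and comments
        elif line.startswith(":"):
            name, pol = line[1:].split()[:2]
            chains[name], policy[name] = [], pol
        elif line.startswith("-A "):
            tok = shlex.split(line)
            chains[tok[1]].append({tok[i]: tok[i + 1]
                                   for i in range(2, len(tok) - 1)
                                   if tok[i].startswith("-")})
    return chains, policy

def verdict(chains, policy, pkt, chain="INPUT"):
    """First terminal target reached by pkt; user chains fall back to caller."""
    for rule in chains[chain]:
        if all(pkt[f] in rule[o].split(",") for o, f in FIELDS.items() if o in rule):
            if rule["-j"] not in chains:
                return rule["-j"]
            sub = verdict(chains, policy, pkt, rule["-j"])
            if sub:
                return sub
    return None if policy[chain] == "-" else policy[chain]

def check(proto, dport, state="NEW", iface="eth0"):   # eth0 is an assumed name
    chains, policy = parse(RULES)
    return verdict(chains, policy,
                   {"proto": proto, "dport": dport, "state": state, "iface": iface})
```

Ports this ruleset does not allow hit the final REJECT, which answers with an ICMP error rather than dropping silently, so a plain timeout on port 53 from outside is not what this host firewall would produce.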
 
Old 03-17-2010, 11:50 AM   #6
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 352

Rep: Reputation: Disabled
Should be ok... Looks like mine, except I opened port 953 as well for rndc. I run my DNS server in a Xen VPS, although on my own servers.
 
Old 03-24-2010, 05:36 AM   #7
malikperera
LQ Newbie
 
Registered: Aug 2004
Location: Australia
Distribution: Kubuntu
Posts: 10

Rep: Reputation: 0
I'm not sure what's wrong with your configuration. It would be better to use a proper DNS server.
You could use a free DNS service like http://www.everydns.com/
 
  


Tags
bind, centos, dns, vps

