I've got a server running redhat es4 (academic with no support)
I like the distro but something is wrong with bind or my dns provider.

Are there specific ports required for bind to runner properly?

What packages do I need for bind to run properly?

I can resolve:
ns1.pascobulldogs dot com but not
pascobulldogs dot com

domainbank.net is our dns server

Any hints why the url pascobulldogs dot com fails but my name server does resolve?

cwc

What does your "etc/named.conf" look like?
What does your zone file look like?
Have you set a rule in your ipchains (if used) that allows traffic on UDP and TCP port 53?

Have you set a rule in your ipchains (if used) that allows traffic on UDP and TCP port 53?
I've never configured ipchains nor do I know where to start. But it looks like I need to make sure port 53 is open.

What does your zone file look like?
Someone who knwe what they were doing did this is a file called pascobulldogs.com.db in /var/named/chroot/var/named/
$TTL 14440
@ 14440 IN SOA pascobulldogs.com. root.pascobulldogs.com. (
2005013120
14400
7200
3600000
86400
)

pascobulldogs.com. IN NS ns1.pascobulldogs.com.
pascobulldogs.com. IN NS ns2.pascobulldogs.com.

pascobulldogs.com. 14400 IN A 66.225.18.30

ns1.pascobulldogs.com. IN A 66.225.18.30
ns2.pascobulldogs.com. IN A 66.225.18.31


localhost.pascobulldogs.com. 14400 IN A 127.0.0.1

pascobulldogs.com. 14400 IN MX 0 pascobulldogs.com.

mail 14400 IN CNAME pascobulldogs.com.
www 14400 IN CNAME pascobulldogs.com.
ftp 14400 IN CNAME pascobulldogs.com.

What does your "etc/named.conf" look like?
nameserver 127.0.0.1
nameserver 207.38.45.140

Once again thanks for the help. I've allways set up servers on experimental class c networks. This is new to me.
Thanks cwc

It seems your zone file is ok. Your named.conf file does not look like what a named.con file should look like. Make sure you posted the right file. I would be willing to bet your issue is with your firewall.

To check if iptables is running type "service iptables status". If you get a return that says it is running or shows some rules then it is running.

To add a rule for both tcp and udp port 53 to your firewall edit "/etc/sysconfig/iptables" and add the following two lines to your main table.

The "RH-Firewall-1-INPUT" portion of both lines is just the name of my main iptable rule I added these inputs to. Yours may be the same or it may not be. If it is not the same make sure you change this to match what your system has.

Once you edit and save that file restart your firewall, "service iptables restart"

You can do a "host domainname.com" to see if your name server is resolving correctly and what IP it is pointing to. Then try a ping to your domain name. Also remember if you ever make any changes to your zone file you have to increment your serial number to tell other domain name servers that you link to, to update their records.

Lastly I would portscan yourself if all else fails after this and make sure you are listening on port 53 for name server queries.

I'm running REDHAT ES4 (I got a academic price!)

Port 53 is turned on. I'm not sure how put it is.
I used nmap to my ip the status of my ports.

(The 1651 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
443/tcp open https
3306/tcp open mysql
8009/tcp open ajp13
8080/tcp open http-proxy

I can ping ns1.pascobulldogs.com and 66.225.18.30
but not pascobulldogs.com.

named.conf is pointing to pascobulldogs.com.db

I sent you my resolve.conf entries.

Thanks again!

It looks like in your named.conf file that you are not "allowing transfer" to any other dns servers. You have to have a list (at least one or two) other dns servers that your dns server talks to and sends updates to.

Here is what my "options" section of my named.conf looks like:
Try and grab a few of those and see what happens.

There is also an issue with your zone entry in your named.conf file. You have:
When it should be:
Looks like you had the db filename as the zone name when this needs to be the domain name. I also added the "IN" which I do not believe is absolutely neccessary on all system but it is more standard across the board to have it.

I also see you port scanned your sytem and saw that TCP port 53 is open and listening, but make sure that UDP port 53 is also open and listening.

Make the changes I have suggested and increment your zone file's serial number and then restart the server:
Then look in "/var/log/messages" for any error messages. If it says it started and broadcasted the zone properly you should be up and running. Just remember, if the name does not resolve locally on your machine first, it never will remotely for the rest of us out here. If it does start to resolve locally but not remotely then you are likely to have firewall issues.

Let me know how it goes.

I'm not srue if my thank you got sent!
That did it!
pascobulldogs.com is up and running now!
Are you involved with:
The Best Damn IRC Search Engine?
If so what type of irc software to you use?
I've started to use a product called moodle. It's mainly for educational uses.
Thanks again ZiaTioN. I'd like to put you on speed dial.

I teach Java and networking at Pasco High in Pasco, WA
I have a dns server but I used the redhat gui. I can see I need to go back
to school to be able to set up a stable dns server.

later,
cwc

No problem, glad to help.

Well there is your problem right there!

It is usually better to do server setup via command line. Sometimes the gui's work but most of the time they cause issues like you expereinced.

Yes, I am the owner/author/operator. As far as irc software, I assume you mean what client do I use? On Winblows I use mIRC and on Linux I usually use kvirc.

Glad to hear your server is now up. Happy resolving!