Linux - Server
This forum is for the discussion of Linux Software used in a server related context.
Is there some area in particular you are having problems with?
You may want to try searching the forums for dns or bind, or Google.
If you are getting a particular error, let us know what it is and maybe someone can help.
I have been doing some reading and I heard BIND is crap.
There is another DNS server around which boasts no security breaches to date.
It is called DJBDNS. It sounds fantastic but god knows how to install it and get it working. I wouldn't know the first thing about configuring a DNS server.
Before you start posting zone-files tell us more about what we're
looking at; is your zone officially registered, if so, with who?
If not - how would you hope to get stuff resolved "from the web"?
Tink,
I understand, I am like a bull in a china shop wanting to get this resolved right now. Anyway
I have a domain acfd.biz with godaddy. I also have a static IP address that I have given my server. The two ns servers from godaddy are ns1.acfd.biz and ns2.acfd.biz. So I believe that is set up right. Now, I have configured the resolv.conf, named.conf and set two zone files
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
You need A records for your DNS servers. If your "servers" are really just one server, give them both the same IP.
Code:
ns1 IN A myipaddress
ns2 IN A myipaddress
PS I don't know if BIND9 now allows @ signs in the SOA record, but typically the e-mail address in SOA uses dots:
jscedunn.yahoo.com.
PPS why are you only showing the first line of output from dig? "QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0" shows that you performed 1 query, and got two answers, both of which were authoritative. It doesn't show what the answers are, though.
I am using dnsstuff.com to test and the result I get from them testing is:
Timeout occurred getting the NS records from your nameserver! None of your nameservers responded fast enough. They are down or unreachable .....
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Your dig query did not fail. It returned exactly the information that it was supposed to.
Now the question is: Is myipaddress an internal-only IP, such as 192.168.n.n, or 10.n.n.n? If so, then it's little wonder why the external tools cannot perform a lookup. There is no way to reach your DNS server.
You need to log in to your godaddy.com account and set up "Domain Hosts". This will allow you to put in ns1 and ns2 and put in your external IP address (hopefully it's static). This is the only way hosts on the Internet can look up your DNS records since they need to know the IP addresses of your DNS servers.
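The checks raised in the two replies above (an A record for each of the zone's own name servers, dots rather than @ in the SOA mailbox, and a name-server address that is not internal-only), as an added example that is not part of the original thread. It is a small Python linter run over a constructed zone for the placeholder origin example.test.; the function names and finding labels are assumptions, and it expects one record per line with an explicit owner and the IN class.

```python
import ipaddress

# RFC 1918 ranges: unreachable from the Internet, as the reply above points out.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample zone for the placeholder origin example.test. (not the poster's file).
SAMPLE_ZONE = """\
$TTL 86400
@    IN SOA ns1.example.test. admin@example.test. ( 2024010101 3600 900 604800 86400 )
@    IN NS  ns1.example.test.
@    IN NS  ns2
ns1  IN A   192.168.1.10
www  IN A   203.0.113.10
"""

def fqdn(name, origin):
    """Expand a zone-file name to a lower-case absolute name."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def lint_zone(text, origin):
    """Return findings for the name-server problems raised in the thread."""
    findings, ns_targets, a_records = [], [], {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()      # strip comments, tokenize
        if len(fields) < 4 or fields[1].upper() != "IN":
            continue                                # assumes "owner IN type rdata" on one line
        owner, rtype, rdata = fqdn(fields[0], origin), fields[2].upper(), fields[3:]
        if rtype == "SOA" and len(rdata) > 1 and "@" in rdata[1]:
            findings.append(f"soa-rname-uses-at:{rdata[1]}")
        elif rtype == "NS":
            ns_targets.append(fqdn(rdata[0], origin))
        elif rtype == "A":
            a_records.setdefault(owner, []).append(rdata[0])
    for ns in ns_targets:
        if not ns.endswith("." + origin.lower()):
            continue                                # out-of-zone name servers need no A record here
        if ns not in a_records:
            findings.append(f"ns-missing-a:{ns}")
        for addr in a_records.get(ns, []):
            if any(ipaddress.ip_address(addr) in net for net in RFC1918):
                findings.append(f"ns-private-address:{ns}={addr}")
    return findings

if __name__ == "__main__":
    for finding in lint_zone(SAMPLE_ZONE, "example.test."):
        print(finding)
```

A clean zone file only covers the server's side: the registrar's host records and the network path to port 53 still have to be checked from outside.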
Chort,
Yes this is a static ip address from my isp. I can ping the ip address from the web and it returns. I also have pointed my ns1.acfd.biz and ns2.acfd.biz to my static ip. If you do a dns lookup from the web you will see that they point it to my static ip. The error I get is
"Searching for www.acfd.biz A record at NS2.acfd.biz. [myipaddress]: Timed out. Trying again."
This repeats 6 times.
The only thing I can think of is how long does it take for the new zone file to take effect?
Is there some kind of firewall that I am not aware of? I have the linux firewall disabled now and SELinux disabled.
One more thing: I have checked the ports and UDP and TCP are on for port 53.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
It still does not look like you added your static IP to your GoDaddy account as a host for ns1 and ns2. If you do not put your IP in your account at GoDaddy.com there is no way for anyone on the Internet to look up your DNS servers... How are we supposed to know what IP address to connect to? The only place it is in DNS is on your servers, and all we have is the name of your DNS servers, but not the IP... It's impossible. You need to enter the IP on GoDaddy.com so we know what IP address to find your DNS servers at.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Actually, I take that back. It hasn't fully propagated yet, but if I query the servers by hand I can find the tld servers for .biz and they have your IP... The problem is that you're behind some really weird firewall. Your ISP is doing some crazy filtering. Every single port comes up as open, except for telnet, bgp, and https, all of which are filtered. Very odd. Actual DNS query attempts do not go through, needless to say. I do not think your current ISP is going to allow you to host a server.
Chort,
I have contacted my ISP and they assure me that all ports are open. I spent 30 minutes on the phone with them and they insist that it is my problem and that other people are hosting web sites thru their company.
I am at a loss at what to do. Is there maybe a patch or upgrade to dns or maybe another product that I can verify my configuration?
Should I try to reinstall bind? I am just grabbing at straws.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
There's no problem with BIND, it's the path to you from the Internet that is the problem. Are you running any kind of firewall on your network? The nmap scan guessed your IP is protected by a Netscreen firewall, but that might not be accurate. Are you using NAT to your server? Are you running iptables on your server? There is something between the Internet and your server, whether it's your ISP or inside your house, something is blocking the requests.