So this is my setup:
ISP connection with static IP address - Gateway router - LAN (192.168.1.0/24)
I use Virtualmin as a hosting solution on Debian 6 as the platform.
My server IP is a static internal one (192.168.1.1) with the firewall enabled because it is in the DMZ zone.
My firewall rules: pop3s imaps3, https server port, smtp, dns, ssh - all to pass policy.
As the master DNS server I use dns.he.net services, where in my account I've created my zone/domain with A record, TXT PTR, MX FTP FTP-DATA.
But I want to use the Virtualmin DNS server as a slave. For that I've installed Slave DNS domain according to http://www.virtualmin.com/documentat...e_dns_domains/.
But zones created on the master don't transfer to the slave.
When I create my domains, I enable the "Setup slave DNS zone?" option on each virtual server.
Where do I find the log files regarding the DNS server?
Quote:
As the master DNS server I use dns.he.net services, where in my account I've created my zone/domain with A record, TXT PTR, MX FTP FTP-DATA.
You must add an NS record pointing to your DNS slave server:
Code:
...
@ IN NS ns2.domain.com.
ns2 IN A x.x.x.x
where x.x.x.x is the static IP given by your ISP.
And of course you need to forward port 53 tcp/udp from your router to your internal server IP (192.168.1.1)
Quote:
You must add an NS record pointing to your DNS slave server:
Code:
...
@ IN NS ns2.domain.com.
ns2 IN A x.x.x.x
where x.x.x.x is the static IP given by your ISP.
And of course you need to forward port 53 tcp/udp from your router to your internal server IP (192.168.1.1)
Regards
Ok. I added it. But I am in a dilemma:
On the internet there is only one nameserver for each IP?! Is it possible to have ns2.domain.com with A 10.0.0.1 and ns2.example.com with A 10.0.0.1?
My real hostname server (FQDN) is master.domain.com - with A 10.0.0.1
In that case the NS record must be the FQDN or ns2.domain.com - with A 10.0.0.1 and the master.domain.com entry already exists.
My hosting server is in DMZ zone therefore it is enough to create a firewall rule for DNS on the server.
For root domain.com must be created an A record or it is ok to have www.domain.com and mail.domain.com A record pointing to the same IP?
First of all, if you want your domain to be publicly available, you cannot use IPs like 10.x.x.x or 192.168.x.x. You should use the static IP you said that your ISP has provided you.
Quote:
On the internet there is only one nameserver for each IP?! Is it possible to have ns2.domain.com with A 10.0.0.1 and ns2.example.com with A 10.0.0.1?
Of course you can have the same A RR for ns2.domain.com and ns2.example.com. Just note that it's better to use one nameserver (e.g. ns2.domain.com) authoritative for both domain.com and example.com domains.
Quote:
In that case the NS record must be the FQDN or ns2.domain.com - with A 10.0.0.1 and the master.domain.com entry already exists.
If I can understand you, the FQDN provided by the hosts file is irrelevant if you're going to use dns
Quote:
My hosting server is in DMZ zone therefore it is enough to create a firewall rule for DNS on the server.
If you mean that your server has a public IP, then yes. You have to only open port 53 on firewall (tcp/udp)
Quote:
For root domain.com must be created an A record or it is ok to have www.domain.com and mail.domain.com A record pointing to the same IP?
Whatever you want. All of domain.com, www.domain.com and mail.domain.com can point to the same A record if you want so
Quote:
Is it necessary to have a Reverse DNS on my DNS hosting services?
It's necessary for the IP of the mail server (if you want to use one). But it's always good to have. Of course you must make sure that you can administer the reverse zone, or you have to tell your ISP to do this for you.
Quote:
First of all, if you want your domain to be publicly available, you cannot use IPs like 10.x.x.x or 192.168.x.x. You should use the static IP you said that your ISP has provided you.
Of course you can have the same A RR for ns2.domain.com and ns2.example.com. Just note that it's better to use one nameserver (e.g. ns2.domain.com) authoritative for both domain.com and example.com domains.
I was referring to the public IP (10.0.0.1), not the private one (192.168.1.1).
Quote:
If I can understand you, the FQDN provided by the hosts file is irrelevant if you're going to use dns
If I use DNS on my hosting server?! As a master or slave
What I understand is that if my FQDN is master.domain.com then the NS record must be master.domain.com, not ns2.domain.com.
Quote:
If you mean that your server has a public IP, then yes. You have to only open port 53 on firewall (tcp/udp)
That is already done.
Quote:
Whatever you want. All of domain.com, www.domain.com and mail.domain.com can point to the same A record if you want so
I need an A record for the root domain if I want to access it from the internet at the address http://domain.com
Quote:
It's necessary for the IP of the mail server (if you want to use one). But it's always good to have. Of course you must make sure that you can administer the reverse zone, or you have to tell your ISP to do this for you. Regards
That is what I was afraid of: for the PTR record I must talk to my ISP.
I sent a test email to my Yahoo and Google accounts with success.
I don't have a PTR record for mail.domain.com
Last edited by pcspyoffice; 06-09-2011 at 05:15 AM.
Quote:
I was referring to the public IP (10.0.0.1), not the private one (192.168.1.1).
Both IPs are private for the rest of the world. Have a look here for details.
Quote:
What I understand is that if my FQDN is master.domain.com then the NS record must be master.domain.com, not ns2.domain.com.
Not necessarily. Since there will be an A RR for ns2.domain.com it could always be resolved.
Quote:
I sent a test email to my Yahoo and Google accounts with success.
I don't have a PTR record for mail.domain.com
I guess you're using your ISP mail server as a relay (smarthost), that's why you had success. If you want your mail.domain.com to send mail directly to other mailservers, then its IP needs to be resolvable, i.e. have a PTR RR.
My real ip is starting with 89.bla.bla :-D
I am not using my ISP as a relay (smarthost), because I don't even know what the address of the relay server is.
On intoDNS.com I made a report for my domain.com:
MX Records Your MX records that were reported by your nameservers are:
5 mail.domain.com 89.xxx.xxx.xxx
[These are all the MX records that I found. If there are some non common MX records at your nameservers you should see them below. ]
Everything looks OK except these:
Missing nameservers reported by parent FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems!
ns2.domain.com
At my registrar account I have to request a form for the nameserver (all done)
and
Reverse MX A records (PTR) ERROR: No reverse DNS (PTR) entries. The problem MX records are:
xxx.xxx.xxx.89.in-addr.arpa -> no reverse (PTR) detected
You should contact your ISP and ask him to add a PTR record for your ips
Last edited by pcspyoffice; 06-09-2011 at 06:28 AM.
Quote:
Missing nameservers reported by parent FAIL
...
At my registrar account I have to request a form for the nameserver (all done)
You might need to wait until changes are propagated.
Quote:
Reverse MX A records (PTR) ERROR: No reverse DNS (PTR) entries
Ditto.
But if you can send mail without ending in the recipient's spam/trash folder, then it might be that you use SPF/TXT (I guess the TXT you mentioned) RRs and maybe DKIM too.
Quote:
You might need to wait until changes are propagated.
Ditto.
But if you can send mail without ending in the recipient's spam/trash folder, then it might be that you use SPF/TXT (I guess the TXT you mentioned) RRs and maybe DKIM too.
Yes I use SPF.
I want to use DKIM but I don't know very well how to do that.
On my hosting server I installed and enabled the DKIM option, but from there ....god knows...
First of all I want to thank you very much for your help!
I'll wait 24 hours for the changes to propagate. Until now the transfer has not occurred (3 hours ago I managed to create ns2.domain.com at my registrar pointing to 89.xxx.xxx.xxx, and to create an @ IN NS ns2.domain.com for each virtual domain with ns2 A 89.xxx.xxx.xxx).
You can increase the serial in master and watch the logs for notifies
Or you can try to do a manual transfer and see if it works
Code:
dig axfr domain.com
It may help you identify problems without waiting for the one to expire.
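The two checks suggested in the post above (compare serials, then try a manual transfer), as an added example that is not part of the original thread: it reads the output of `dig +short SOA <zone> @<server>` and `dig axfr <zone> @<master>` run from the slave, and reports why a transfer would or would not happen. The zone example.net, the address 192.0.2.53 and all sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example. All sample data below is constructed (documentation names).

# Serial = 3rd field of `dig +short SOA <zone> @<server>`.
soa_serial() { printf '%s\n' "$1" | awk 'NF >= 7 { print $3; exit }'; }

# RFC 1982 serial arithmetic on 32-bit serials: true only when the master
# serial is ahead of the slave's, the condition for a slave to transfer.
serial_is_newer() {
    diff=$(( ($1 - $2) & 4294967295 ))          # difference modulo 2^32
    [ "$diff" -ne 0 ] && [ "$diff" -lt 2147483648 ]
}

# Classify the text printed by `dig axfr <zone> @<master>`.
axfr_result() {
    if printf '%s\n' "$1" | grep -q '^; Transfer failed'; then echo refused
    elif printf '%s\n' "$1" | grep -q '^;; XFR size:'; then echo transferred
    else echo unknown
    fi
}

# $1 = master SOA line, $2 = slave SOA line, $3 = dig axfr output from the slave
diagnose() {
    ms=$(soa_serial "$1"); ss=$(soa_serial "$2"); r=$(axfr_result "$3")
    if [ "$r" = refused ]; then echo "master refuses AXFR from this host"
    elif [ -z "$ss" ]; then echo "slave has no copy yet; initial transfer expected"
    elif serial_is_newer "$ms" "$ss"; then echo "slave should transfer on NOTIFY or refresh"
    else echo "master serial not newer; slave will not transfer"
    fi
}

MASTER_SOA='ns1.example.net. hostmaster.example.net. 2011060902 10800 1800 604800 86400'
SLAVE_SOA='ns1.example.net. hostmaster.example.net. 2011060901 10800 1800 604800 86400'
AXFR_FAIL='; <<>> DiG <<>> axfr example.net @192.0.2.53
; Transfer failed.'
AXFR_OK='example.net. 3600 IN SOA ns1.example.net. hostmaster.example.net. 2011060902 10800 1800 604800 86400
example.net. 3600 IN NS ns2.example.net.
example.net. 3600 IN SOA ns1.example.net. hostmaster.example.net. 2011060902 10800 1800 604800 86400
;; XFR size: 3 records (messages 1, bytes 210)'

diagnose "$MASTER_SOA" "$SLAVE_SOA" "$AXFR_FAIL"
diagnose "$MASTER_SOA" "$SLAVE_SOA" "$AXFR_OK"
```

A "refused" result from the slave's own address points at the master's transfer permissions or the NS/registration of the slave rather than at the serial.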
For the moment I removed ns2.domain.com from dns.he.net and deleted it from my registrar.
Now I can't access some website, could not resolve host, something like that.
Repo from virtualmin not working.