HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


jdhaig 13th July 2007 11:53

External DNS request BIND
 
Hi

I'm reasonably new to DNS, I have used it before but only for small internal jobs at companies.

I've set up a DNS server as part of my web hosting machine.

All the DNS appears to work fine on the machine (my resolv.conf has the machine's IP at the top of the list).

Unfortunately wherever else I am (outside this machine) I cannot resolve the domain. The ns0 and ns1 records both point to the machine in question (different IPs, same machine) for now.

EG:

From the machine if I do nslookup mydomain.com the IP address of the machine is returned. However if I do it from anywhere else in the world it returns a non-existent domain error (see below).

Server: cache1.ntli.net
Address: 194.168.4.100

*** cache1.ntli.net can't find mydomain.com: Non-existent host/domain

If I add the server to the top of the list in a remote machine's resolv.conf it returns the following error:

*** Can't find server name for address <MACHINES_IP>: No response from server
Server: cache1.ntli.net
Address: 194.168.4.100

*** cache1.ntli.net can't find mydomain.com: Non-existent host/domain

So it looks to me as if BIND is blocking external requests in some way or there is something else preventing external requests. I have tried telnetting to port 53 on the machine (from outside) and a connection is established.

If anyone knows what could be causing this I would appreciate the help!!

Thanks
James

falko 14th July 2007 13:59

Can you post the real domain name so that I can do some tests?

jdhaig 15th July 2007 12:18

Domain name
 
the domain name is:

509hosting dot co dot uk

If you have any questions please let me know & thank you for trying to help!!

James

falko 16th July 2007 15:02

There are no nameservers defined for the domain:

Code:

mh1:~# dig ns 509hosting.co.uk

; <<>> DiG 9.2.1 <<>> ns 509hosting.co.uk
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 2235
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;509hosting.co.uk.              IN      NS

;; Query time: 5009 msec
;; SERVER: 213.191.92.84#53(213.191.92.84)
;; WHEN: Mon Jul 16 13:48:25 2007
;; MSG SIZE  rcvd: 34

mh1:~#

Please go to your registrar's web interface and define two nameservers; on these nameservers you must create the zone for 509hosting.co.uk.

If your nameservers are in the same domain (e.g. ns1.509hosting.co.uk), you also need a glue record: http://en.wikipedia.org/wiki/Dns#Cir...d_glue_records

jdhaig 16th July 2007 17:14

OK, so I've changed things around. I've kept the NS records for 509hosting.co.uk with 123-reg.co.uk so now when you do a whois 509hosting.co.uk you get:

Name servers:
ns.123-reg.co.uk
ns2.123-reg.co.uk

And dig ns0.509hosting.co.uk:

;; ANSWER SECTION:
ns0.509hosting.co.uk. 86175 IN A 83.166.161.148


I've now set up another domain (italaroma.co.uk) and pointed the ns0 and ns1 records to ns0.509hosting.co.uk and ns1.509hosting.co.uk.

I now have exactly the same problem for italaroma.co.uk!!

Whois:

Name servers:
ns0.509hosting.co.uk
ns1.509hosting.co.uk

dig italaroma.co.uk

;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6304
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;italaroma.co.uk. IN A

;; Query time: 5021 msec
;; SERVER: 158.152.1.58#53(158.152.1.58)
;; WHEN: Mon Jul 16 15:11:38 2007
;; MSG SIZE rcvd: 33


BIND is obviously aware of the fact that it is hosting both domains (from the confirm files) and lookups on the machine itself work fine. I'm presuming it's something to do with external requests as I said before.

falko 17th July 2007 18:46

Is port 53 (TCP and UDP) open on ns0.509hosting.co.uk and ns1.509hosting.co.uk? Because I can't connect:

Code:

server1:~# dig @ns1.509hosting.co.uk italaroma.co.uk

; <<>> DiG 9.3.4 <<>> @ns1.509hosting.co.uk italaroma.co.uk
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
server1:~#


jdhaig 17th July 2007 21:32

Doh!
 
Quote:

Originally Posted by falko
Is port 53 (TCP and UDP) open on ns0.509hosting.co.uk and ns1.509hosting.co.uk? Because I can't connect:

Code:

server1:~# dig @ns1.509hosting.co.uk italaroma.co.uk

; <<>> DiG 9.3.4 <<>> @ns1.509hosting.co.uk italaroma.co.uk
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
server1:~#



OK! I'm the monkey here. I've just checked and the rule that I thought was correct was misspelt and therefore didn't activate the UDP rule!!! I've updated it and all is fine now.

Thank you so much for your help, it's always better when you look at it from another person's perspective!!!!!

MANY MANY THANKS!
James
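
The thread's outcome (telnet to TCP port 53 connected, while dig over UDP timed out) can be checked directly by probing both transports separately. The following is an added example, not part of the original thread; the function names and the fixed transaction id are illustrative assumptions.

```python
import socket
import struct

TXID = 0x1234  # fixed transaction id (assumption; fine for a one-shot probe)

def build_query(name, qtype=1):
    """Minimal DNS query (RFC 1035): 12-byte header plus one IN question."""
    header = struct.pack("!HHHHHH", TXID, 0, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def is_response(msg):
    """True if msg echoes our id and has the QR (response) bit set."""
    return len(msg) >= 12 and msg[:2] == struct.pack("!H", TXID) and bool(msg[2] & 0x80)

def probe_udp(server, name, port=53, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, port))
            return is_response(s.recvfrom(4096)[0])
        except OSError:  # timeout: packet filtered or nothing listening
            return False

def _read(s, n):
    buf = b""
    while len(buf) < n:
        chunk = s.recv(n - len(buf))
        if not chunk:
            raise OSError("connection closed early")
        buf += chunk
    return buf

def probe_tcp(server, name, port=53, timeout=3.0):
    query = build_query(name)
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)  # DNS over TCP is length-prefixed
            return is_response(_read(s, struct.unpack("!H", _read(s, 2))[0]))
    except OSError:
        return False

def verdict(udp_ok, tcp_ok):
    if udp_ok and tcp_ok:
        return "ok"
    if tcp_ok:
        return "udp-filtered"  # the case in this thread: telnet worked, dig timed out
    return "tcp-filtered" if udp_ok else "unreachable"

def diagnose(server, name, port=53, timeout=3.0):
    udp, tcp = probe_udp(server, name, port, timeout), probe_tcp(server, name, port, timeout)
    return {"udp": udp, "tcp": tcp, "verdict": verdict(udp, tcp)}
```

Run `diagnose("<nameserver IP>", "<zone name>")` from a host outside the firewall; a result of `udp-filtered` points at a missing or broken UDP rule for port 53.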


All times are GMT +2.