HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


rzlines 4th December 2010 12:27

DNS configuration worries
 
Hello,

I have been following the ISPConfig 3 tutorial for CentOS and have completed the setup successfully.

My current server connects to the internet via a router and hence I have configured it to use a private IP, i.e. the 192.168.*.* series, during the install process.

At the moment I am unable to access the server from the internet, nor can I link up the DNS to any domain I try to host or the domain of the server. Do I have to configure the router in any way to allow the server to be online? I have 2 static IPs given to me by my ISP, but I'm at a loss as to how to configure the router to allow the server's (local) IP to translate to the public static IP. I could be wrong here, but I think that is the problem in my case.

Please guide me appropriately.


EDIT: I looked at this post after I posted here and realized that I have to port forward my server's ip address. I had already configured an A record on my domain to point to my static IP address and it does indeed currently point to my router. I have port forwarded the local ip address of my server to forward port 80 and port 8080 but it still points to the router.

- I have added a DNS zone using the DNS Zone Wizard, but I have a query about it - should I add the public ip address here or the private (local) ip of my server (192.168.*.*) ? (configured this using the ISPConfig 3 manual)

- What happens in a multi-server setup? Do I have to also port forward all my other servers' IPs, and will it work with just 1 public IP?

falko 5th December 2010 19:47

Quote:

Originally Posted by rzlines (Post 245838)
- I have added a DNS zone using the DNS Zone Wizard, but I have a query about it - should I add the public ip address here or the private (local) ip of my server (192.168.*.*) ? (configured this using the ISPConfig 3 manual)

Always use public IPs for DNS records.

Quote:

Originally Posted by rzlines (Post 245838)
- What happens in a multi-server setup? Do I have to also port forward all my other servers' IPs, and will it work with just 1 public IP?

If you run different services on your servers, e.g. a web server on one system and a mail server on the other system, then this is no problem because you can forward port 80 to the web server and port 25 to the mail server. But if you run multiple web or mail servers, then this is a problem because you can forward a port to just one server.
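Added example, not part of the thread: a Python check that lists A/AAAA records in a zone file whose addresses are private, loopback or link-local and therefore unusable in public DNS, which is the mistake the "public IPs" answer above guards against. The zone contents, example.com and all addresses are constructed for illustration, and the parser assumes one record per line with the owner name written out.

```python
import ipaddress

# Constructed zone data: example.com and 203.0.113.10 are documentation values,
# 192.168.0.100 stands in for a server's LAN address behind the router.
ZONE = """\
$TTL 86400
@        IN  SOA  ns1.example.com. hostmaster.example.com. ( 2010120501 28800 7200 604800 86400 )
@        IN  NS   ns1.example.com.
ns1      IN  A    203.0.113.10
www      IN  A    192.168.0.100   ; LAN address of the web server
mail 3600 IN A    10.0.0.5
@        IN  MX   10 mail.example.com.
ipv6     IN  AAAA fd00::25
"""

# Ranges that are not routable from the internet.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 private
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
    "::1/128", "fc00::/7", "fe80::/10")]               # IPv6 equivalents


def non_public_records(zone_text):
    """Return (owner, type, address) for A/AAAA records the internet cannot reach."""
    hits = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()          # drop ; comments
        for i in range(1, len(fields) - 1):             # skip owner, find the type
            if fields[i].upper() in ("A", "AAAA"):
                try:
                    addr = ipaddress.ip_address(fields[i + 1])
                except ValueError:
                    break                               # rdata is not an address
                if any(addr.version == n.version and addr in n for n in NON_PUBLIC):
                    hits.append((fields[0], fields[i].upper(), str(addr)))
                break
    return hits


if __name__ == "__main__":
    for owner, rtype, addr in non_public_records(ZONE):
        print(f"{owner}: {rtype} {addr} is not publicly routable")
```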

rzlines 7th December 2010 11:23

Hello Falko,

Thanks for your reply! I was following the tutorial on setting up my own name servers and I have indeed used my public IP for setting up my nameservers. But I have as yet been unsuccessful (at least that's what I think). I will list down all that I have done till date and then you can advise me accordingly, and PM you the details as I would not like my server information to be out in the open.

rzlines 7th December 2010 12:31

Quote:

Originally Posted by falko (Post 245963)
Always use public IPs for DNS records.

If you run different services on your servers, e.g. a web server on one system and a mail server on the other system, then this is no problem because you can forward port 80 to the web server and port 25 to the mail server. But if you run multiple web or mail servers, then this is a problem because you can forward a port to just one server.

I have replied with a PM about all my settings; please let me know if you need any more input from me.

Thanks,
rzlines

rzlines 7th December 2010 19:32

I have also attached the outputs of netstat -tap and iptables -L to this post, please have a look.

I would also like to add here that when I boot into the machine all the services start up OK, except that "Enabling local file system quotas" shows FAILED.

falko 8th December 2010 18:20

As far as I can see, named is listening only on localhost instead of on all interfaces. dnsmasq is listening on your other IP... Please change the configuration so that named listens on all interfaces.

rzlines 8th December 2010 18:32

Quote:

Originally Posted by falko (Post 246147)
As far as I can see, named is listening only on localhost instead of on all interfaces. dnsmasq is listening on your other IP... Please change the configuration so that named listens on all interfaces.

Amm.. how do I get named to listen to all interfaces? And sorry, I just PM'ed you right now! Have you seen my other settings of ISPConfig3, domains and my router?

falko 8th December 2010 18:37

Your settings seem to be ok. Please stop dnsmasq, and then post your named.conf here.

rzlines 8th December 2010 18:44

I stopped dnsmasq and here's the output of named.conf

Code:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory      "/var/named/chroot/var/named";
        dump-file      "/var/named/chroot/var/named/data/cache_dump.db";
        statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
        allow-query    { localhost; };
        recursion yes;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.root";
};
include "/var/named/chroot/etc/named.conf.local";


rzlines 8th December 2010 19:17

Quote:

Originally Posted by falko (Post 246147)
As far as I can see, named is listening only on localhost instead of on all interfaces. dnsmasq is listening on your other IP... Please change the configuration so that named listens on all interfaces.

I tried to read up on how to get named to listen to all interfaces and I reached this page. Anyway, to keep it short: should I configure named.conf to

Code:

listen-on { any; };
instead of

Code:

listen-on port 53 { 127.0.0.1; };
And do I always have to stop the dnsmasq process? Or was it just to debug/get the output of the named.conf file?

I'm not really sure if I'll be doing the right thing. (Phew! At the end of this I'll definitely write a mini how-to on configuring DNS zones if your configuration is behind a router.. ;) )


---------------------------------------------------------------------------------------------------------------------------------------

Edit: I have changed the named.conf file from the previous
Code:

listen-on port 53 { 127.0.0.1; };
to
Code:

listen-on port 53 { any; };
but it didn't make a difference. Should I start dnsmasq too or let it continue to be stopped?
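Added example, not part of any post in this thread: a Python check over the options block posted above that reports which settings still decide who can reach named. The posted file also carries allow-query { localhost; }, which makes named refuse queries from other hosts even once listen-on is any, and widening allow-query to any while recursion yes stays in place may leave recursion open to everyone; the script flags all three cases. The finding keys and the sample string are constructed for this example, and the parser does not handle nested braces.

```python
import re

# Constructed input: the options block from the thread after listen-on was
# changed to "any" (path and statistics lines left out).
EDITED_CONF = """
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        allow-query    { localhost; };   // unchanged from the posted file
        recursion yes;
};
"""

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def strip_comments(text):
    """Drop /* */, // and # comments, all of which named.conf accepts."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)


def match_list(conf, name):
    """Elements of `name [port N] { a; b; };`, or None when the statement is absent."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"(?![\w-])[^{;]*\{([^}]*)\}", conf)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]


def audit(conf_text):
    """Return finding keys for the settings that decide who can reach named."""
    conf = strip_comments(conf_text)
    findings = []
    listen = match_list(conf, "listen-on")
    query = match_list(conf, "allow-query")
    if listen is not None and set(listen) <= LOOPBACK:
        findings.append("listen-on-loopback-only")
    if query is not None and set(query) <= LOOPBACK:
        findings.append("allow-query-localhost-only")
    rec = re.search(r"(?<![\w-])recursion\s+(yes|no)\s*;", conf)
    recursive = rec is None or rec.group(1) == "yes"    # BIND recurses by default
    limited = any(match_list(conf, k) is not None
                  for k in ("allow-recursion", "allow-query-cache"))
    if recursive and query is not None and "any" in query and not limited:
        findings.append("recursion-open-to-any")
    return findings


if __name__ == "__main__":
    for key in audit(EDITED_CONF):
        print(key)
```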

