Run your own nameserver with ISPConfig 3 and a Godaddy Domain

[dpicella]

I am not a newbie to linux, but I am a newbie to DNS.

My goal is to register ns1 and ns2 nameservers for a godaddy domain and then set up my own ISPConfig 3 DNS to resolve DNS requuests for my websites.

This tutorial seems to be out of date since it uses Godaddy's old domain configuration tools and the example is also using ISPConfig 2.
http://www.howtoforge.com/ispconfig_dns_godaddy

Here is what I have done so far. If I can get this set up, then perhaps this can help somebody else with the same problem.

First, I set up my new server with ISPConfig 3 on the CentOS 5.5 OS according to the "Perfect Server" tutorial on this website. On page 5 of the tutorial, I followed the instructions to Install A Chrooted DNS Server
http://www.howtoforge.com/perfect-se...ispconfig-3-p5

Here is my DNS tab in the Server Config on ISPConfig 3


Question: Should I change my conf paths as follows? ...
/var/named/chroot/etc/named.conf
/var/named/chroot/etc/named.conf.local

Next, I set up my DNS Zone as follows:


Then, I set up the DNS Records:


I know this is not right but again I am a newbie to DNS.

Finally, I registered my nameservers (The next image is from my Godaddy domain control panel for the domain jpre.net) within my domain (jpre.net) and forwarded jpre.net nameservers to ns1.jpre.net and ns2.jpre.net:


When I restart the named service, I now get:

Quote:

Starting named:
Error in named configuration:
dns_master_load: /var/named/pri.jpre.net:16: www.jpre.net: CNAME and other data
zone jpre.net/IN: loading master file /var/named/pri.jpre.net: CNAME and other data
_default/jpre.net/IN: CNAME and other data
[FAILED]

Here are a few follow up questions and points:
1. I also installed the caching-nameserver package ... is that a problem?
2. My new server is on a fairly restricted LAN for right now until I get everything up and running. At that time I will colocate to a data center. For now, I have port 53 forwarded. I hope that is enough.
3. I have not touched IPtables
4. There is no file named /etc/named.conf ... I only have: /var/named/chroot/etc/named.conf (which I think is correct).
5. SELinux is disabled

[Moten]

You can try to use dnssy.com to troubleshoot dns resolution.

[dpicella]

Well ... right now, I can't even get my named service started so the DNS request stops when it gets to my server.

Here is the output of #dig jpre.net

Quote:

; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> jpre.net
;; global options: +cmd
;; connection timed out; no servers could be reached

[falko]

Why do you have an A and a CNAME record for www? An A record is enough.

Also, since you host jpre.net on ns1.jpre.net and ns2.jpre.net, you need glue records for your nameservers: http://en.wikipedia.org/wiki/Domain_...d_glue_records

[dpicella]

I think it may be working (minus the glue record at Godaddy). I probably just have to wait for some things to resolve now but here is where I am at.

I changed my DNS server config settings in ISPConfig as follows:


Then, I modified the DNS entry for the domain that will hold the nameservers:


Then (using the DNS wizard), I created DNS zone and record entries for the website jabsock.com (this time I used ns1.jpre.net) in the wizard for the nameservers.
Note that the wizard didn't work until I copied the template and gave it my own name "dns-type1".


Now here is what I am getting when I check on my domains:

Code:

# dig ns1.jpre.net

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> ns1.jpre.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39710
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1.jpre.net.			IN	A

;; ANSWER SECTION:
ns1.jpre.net.		26570	IN	A	65.60.101.156

;; Query time: 1 msec
;; SERVER: 10.1.1.10#53(10.1.1.10)
;; WHEN: Thu Aug  5 06:55:55 2010
;; MSG SIZE  rcvd: 46

Code:

# dig @localhost jabsock.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @localhost jabsock.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37686
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;jabsock.com.			IN	A

;; ANSWER SECTION:
jabsock.com.		86400	IN	A	65.60.101.156

;; AUTHORITY SECTION:
jabsock.com.		86400	IN	NS	ns1.jpre.net.
jabsock.com.		86400	IN	NS	ns2.jpre.net.

;; ADDITIONAL SECTION:
ns1.jpre.net.		86400	IN	A	65.60.101.156
ns2.jpre.net.		86400	IN	A	65.60.101.156

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Aug  5 06:56:35 2010
;; MSG SIZE  rcvd: 121

[dpicella]

I called Godaddy and asked them about the glue records, but I don't think they knew what I was talking about.

My understanding is that I don't need a glue record unless I plan to host something at the same domain where the nameservers have authority which causes a circular reference.

At this point, I am only going to host different websites on different domains than the one I am using for the nameservers.

Last thing ...

Here is the output now for:

Code:

# dig jabsock.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> jabsock.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59308
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;jabsock.com.			IN	A

;; Query time: 3188 msec
;; SERVER: 10.1.1.10#53(10.1.1.10)
;; WHEN: Thu Aug  5 07:04:07 2010
;; MSG SIZE  rcvd: 29

I think I should just wait for everything to resolve. Can it really take up to 72 hours? I have never seen it take more than 20 min at the most ...

[dpicella]

Just a quick question ... could there possibly be a firewall issue and that is the reason my dns requests won't resolve.

My server is on the other side of a router that is port forwarding the ports that I requested. For DNS requests - I was granted port 53. It will be in this location until everything is configured and I colocate to a data center.

[falko]

Make sure you open port 53 TCP and UDP.

Quote:

My understanding is that I don't need a glue record unless I plan to host something at the same domain where the nameservers have authority which causes a circular reference.

That's right, if the nameservers are in the same domain as the zone then you need a glue record.

[dpicella]

Quote:

Originally Posted by falko

Make sure you open port 53 TCP and UDP..

Thanks! Yes ... I did that, but now I seem to have discovered that my server is not listening to those requests. The DNS server is definitely working.

I opened a new topic to see if I might be able to get some help on how to configure my server to listen to port 53 (UDP and TCP) on the IP address where I put the nameserver.

http://www.howtoforge.com/forums/showthread.php?t=47784

Thanks!

[eponymous]

Hi All,

I don't mean to hijack a dead thread (ok maybe I do), but I am having a similar issue. I'm faced with having to administer my own VPS for the first time, and I am just learning about DNS and all that jazz.

I have installed ISPConfig 3 and all prerequisites.

I think the main difference between my setup and the original poster of the thread is that my domain, booksjamaica.com, will host both a website and the nameservers, ns1.booksjamaica.com and ns2.booksjamaica.com.

To further complicate things, the domain is already pointing to another host.

The domain registrar won't accept an IP address for the nameserver, but requires it in the format ns1.domain.com.

Please see my ISPConfig setup below.

So my (noobish) question is: How do I make it so that my nameservers are discoverable over the internet, so that I can point my domain to ns1.booksjamaica.com?

I realize from your posts that I have a circular dependency and need a "glue record". How do I create a glue record?