DNS and ISPConfig

Discussion in 'General' started by demortes, Mar 24, 2007.

  1. demortes

    demortes New Member

    I'm at a loss of what to do here. I have posted in two other forums, then I thought that I should go to the ISPConfig support forums...

    Anyhow, I have my server in a DMZ of my router right now, the ISPConfig firewall active on it. The firewall is disabled on the router, and for added assurance, I have port forwarded all needed port (80, 81, 53, 22, 21, etc) to the server.

    The first weird thing, after changing the nameserver address from NS2 to NS, the server doesn't respond to NS. NS2 and NS3 points to a zoneedit nameserver set to copy NS.SERENITY-TECH.COM

    Now... everytime I query the server directly, I get a SERVFAIL.

    So what do I need to give you in order for someone more advance in this can help me troubleshoot this? NS.SERENITY-TECH.COM is the nameserver, fireflythemud.com is hosted on it as well as the serenity-tech.com IP's and all.

    Also, should the A records be the 192.168 address or my ISP's IP? I figured it wouldn't help anyone outside of the LAN to be resolving sites to 192 addresses, so I changed it all from the 192 to the 69 address.

    Tell me what I need, and you will receive.

    Thanks in advance,
  2. demortes

    demortes New Member

    Since I posted, I have upgraded to the latest version of ISPConfig.

    Also, something that might help, NS.SERENITY-TECH.COM forwards as a website... but the domain that ISPconfig tells me is test.serenity-tech.com

    So what now?

    I use Godaddy for the NS registering, etc.
  3. demortes

    demortes New Member

    BIND9 configuration files.

    It seems that the BIND9 configuration files are not being written correctly by ISPConfig.

    There are a bunch of ;'s before what I believe are comments. When I get home, I will post more on this, but is this a known issue, or something unique to me?
  4. falko

    falko Super Moderator ISPConfig Developer

    You must use public IP addresses if you want people form outside your LAN to access your web sites.

    Did you add NS.SERENITY-TECH.COM as a Co-Domain to the test.serenity-tech.com web site in ISPConfig?

    Do you see any BIND error messages in your logs?

    There's a problem with the name servers for SERENITY-TECH.COM:
    mh1:~# dig ns SERENITY-TECH.COM
    ; <<>> DiG 9.2.1 <<>> ns SERENITY-TECH.COM
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3602
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;SERENITY-TECH.COM.             IN      NS
    ;; Query time: 1945 msec
    ;; SERVER:
    ;; WHEN: Sun Mar 25 15:13:34 2007
    ;; MSG SIZE  rcvd: 35
    Do you want NS.SERENITY-TECH.COM to host DNS records for SERENITY-TECH.COM? Then you need a glue record: http://en.wikipedia.org/wiki/Dns#Circular_dependencies_and_glue_records
  5. demortes

    demortes New Member

    Glue record? Wikipedia doesn't say anything about how to set it up. However, I figured GoDaddy took my IP address for this reason. I set it up to point ns.serenity-tech.com to my public IP address, port forwarded 53 to the server... however, you still get SERVFAIL.

    When I do a named-checkconf on the pri.serenity-tech.com file it gives me a bunch of syntax errors. At that time, it was unedited by me. After that, I tried changing all the ;'s to //'s, cause comments were being preceded by ;'s.

    Also, I realized that test.serenity-tech.com was still active, but since I no longer had a host, I was making this live, I deleted test.serenity-tech.com. (Little traffic to lose, if any) After this, I will be using a virtual machine to test changes before making them live...

    Something else I find interesting. When I go to my servers internal IP address, it defaults to the first page created and still active, in this case catalog.serenity-tech.com. Obviously, I don't get images, since the href tags refer to serenity-tech.com, etc.
  6. demortes

    demortes New Member

    Thought I'd toss this GoDaddy information for hosts:
    Last Updated: 3/23/2007

    Last Updated: 3/23/2007

    Last Updated: 3/23/2007

    Just to verify that it is set up right...
  7. demortes

    demortes New Member

    named-checkconf returns these errors:
    pri.serenity-tech.com:1: unknown option '$TTL'
    pri.serenity-tech.com:3: unknown option 'serial,'
    pri.serenity-tech.com:4: unknown option 'refresh,'
    pri.serenity-tech.com:5: unknown option 'retry,'
    pri.serenity-tech.com:6: unknown option 'expire,'
    pri.serenity-tech.com:7: unknown option 'minimum,'
    pri.serenity-tech.com:9: unknown option 'NS'
    pri.serenity-tech.com:9: unknown option 'Inet'
    pri.serenity-tech.com:10: unknown option 'Inet'
    pri.serenity-tech.com:13: unknown option 'ASPMX.L.GOOGLE.COM.'

    I did this AFTER reverting to the default ISPConfig written file, which is as follows:

    $TTL 86400
    @ IN SOA ns.serenity-tech.com. admin.serenity-tech.com. (
    2007032401 ; serial, todays date + todays serial #
    28800 ; refresh, seconds
    7200 ; retry, seconds
    604800 ; expire, seconds
    86400 ) ; minimum, seconds
    NS ns.serenity-tech.com. ; Inet Address of name server 1
    NS ns2.serenity-tech.com. ; Inet Address of name server 2


    serenity-tech.com. A
    catalog A
    www A
    ns A
    ns2 A

    google9d372bf15970f817 CNAME google.com.



    At this point, to minimize headachs, I'm going to take advantage of Godaddy's Total DNS control feature, and all hosted websites can go through my server.
  8. demortes

    demortes New Member

    Nameserver works fine now. Just reinstalled the OS (Went with Ubuntu 6.10 server edition this time). Now I have a new problem, which is already in a new thread...

Share This Page