DNS configuration

Discussion in 'Installation/Configuration' started by dimas, Dec 18, 2010.

  1. dimas

    dimas Member

    I've read just about everything there is to read on this matter on the forum, but I still can't figure out a number of things about DNS and BIND.

    I'm setting up ISPConfig on two servers according to perfect setup on CentOS 5.5.

    All services including DNS are up (green), but after I made my first master DNS record at one server and tried

    dig @localhost mydomain.com any

    - it returned a "status: SERVFAIL" error.

    After reading comments on the same "perfect server" page I changed the last line of /var/named/chroot/etc/named.conf to include "/var/named/chroot/var/named/named.local"; (as was suggested) and now "dig @localhost mydomain.com any" is OK.

    But there are still problems.

    1. If I try:

    dig @my_server_ip_address mydomain.com any

    I get:
    ; (1 server found)
    ;; global options: printcmd
    ;; connection timed out; no servers could be reached

    Shouldn't I receive the same results as with localhost?

    2. Secondly, BIND zonefiles directory option within the panel by default is:

    With this setting inside named.local the line with "file" looks like this, with TWO slashes:

    file "/var/named/chroot/var/named//pri.mydomain.com";

    Is it OK, or should I remove the last slash within the panel: /var/named/chroot/var/named ?

    3. And lastly, I can't make the zone transfer happen if I make a secondary DNS zone on my second server. The IP of the second server, from which the request comes, is successfully written within the allow-transfer {}; on my first server, but still I see in the system log of the second server:

    Dec 18 21:30:56 server3 named[7731]: transfer of 'mydomain.com/IN' from xx.yy.xx.yy#53: failed to connect: connection refused
    Dec 18 21:30:56 server3 named[7731]: transfer of ''mydomain.com/IN' from xx.yy.xx.yy#53: end of transfer

    Why is that? - I'll greatly appreciate your help!
    Last edited: Dec 18, 2010
  2. dimas

    dimas Member

    I answer myself.

    Please correct me if I'm wrong somewhere, but at least it worked for me.

    1. I changed named.conf this way:

    listen-on port 53 { 127.0.0.1; };

    I changed to:
    listen-on port 53 { 127.0.0.1; my_server_ip; };


    allow-query { localhost; };

    I changed to:
    allow-query { any; };

    2. I DID remove the trailing slash inside panel options:

    3. The fight to make the zone transfer work was a long and hard one, because even after BIND was listening where it should have been listening and was allowing any queries, I still received a REFUSED error.

    Finally I got the answer. My servers are connected by a local network - and the allow-transfer {}; should have stated not the "web" IP of the secondary server but its second IP (of its second NIC) through which this secondary server connects to the primary.

    Hope this helps someone - and please correct me if I did something wrong.
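An added example, not code from dimas's posts or from ISPConfig: a small Python check over two constructed named.conf fragments (placeholder addresses) that flags the three misconfigurations worked through in this thread, listen-on bound only to loopback, allow-query limited to localhost, and allow-transfer naming the wrong address for the secondary. The `recursion no;` line in the corrected fragment is an assumption added here: an authoritative server opened up with `allow-query { any; }` should not also recurse for the whole internet.

```python
import re

# Constructed named.conf fragments with placeholder addresses (RFC 5737 / RFC 1918).
# BEFORE mirrors the thread's starting point, AFTER the corrected configuration.
BEFORE = """
options {
    listen-on port 53 { 127.0.0.1; };
    allow-query { localhost; };
};
zone "mydomain.com" {
    type master;
    file "/var/named/chroot/var/named//pri.mydomain.com";
    allow-transfer { 203.0.113.20; };   # secondary's public IP, not its LAN IP
};
"""
AFTER = """
options {
    listen-on port 53 { 127.0.0.1; 198.51.100.10; };
    allow-query { any; };
    recursion no;   # assumption added here: no open resolver on an authoritative box
};
zone "mydomain.com" {
    type master;
    file "/var/named/chroot/var/named/pri.mydomain.com";
    allow-transfer { 10.0.0.2; };   # the secondary's LAN NIC, where AXFR comes from
};
"""

def acl_values(conf, stmt):
    """Entries of the first `stmt ... { a; b; };` address-match list (e.g. listen-on)."""
    m = re.search(r'(?<![\w-])%s(?![\w-])[^{]*\{([^}]*)\}' % re.escape(stmt), conf)
    return [v.strip() for v in m.group(1).split(';') if v.strip()] if m else []

def audit(conf, public_ip, secondary_src_ip):
    """Return findings for the problems in the thread, plus the recursion caveat."""
    findings = []
    listen = acl_values(conf, 'listen-on')
    if public_ip not in listen and 'any' not in listen:
        findings.append('listen-on lacks %s: dig @%s times out' % (public_ip, public_ip))
    query = acl_values(conf, 'allow-query')
    if 'any' not in query:
        findings.append('allow-query %s: remote resolvers get REFUSED' % query)
    elif not re.search(r'recursion\s+no\s*;', conf):
        findings.append('allow-query any without "recursion no;": open resolver risk')
    if secondary_src_ip not in acl_values(conf, 'allow-transfer'):
        findings.append('allow-transfer lacks secondary source %s: AXFR REFUSED' % secondary_src_ip)
    for path in re.findall(r'file\s+"([^"]+)"', conf):
        if '//' in path:
            findings.append('doubled slash in zone file path %s' % path)
    return findings
```

Run `audit(BEFORE, '198.51.100.10', '10.0.0.2')` to see all four findings and `audit(AFTER, ...)` to get an empty list; the secondary's source address is the one its transfer actually leaves from, which on a LAN-connected pair is the internal NIC.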
