ISPconfig and DNS

Discussion in 'Installation/Configuration' started by cpq, May 22, 2012.

  1. cpq

    cpq New Member

    Hi all, and thanks to all who put in some time at this site and forum :)

    I have made a multi-server setup: http://www.howtoforge.com/multiserv...se-servers-on-debian-squeeze-with-ispconfig-3

    I made all servers with LAN IP addresses, and now I'm kind of stuck.

    How do I create 2 public DNS servers that work with public IP addresses?

    NS1: 192.168.1.161 - want it to work on WAN IP 123.123.123.1
    NS2: 192.168.1.162 - want it to work on WAN IP 123.123.123.2

    All servers are located behind a firewall.
     
  2. falko

    falko Super Moderator

    You must make the A records of your nameservers (e.g. ns1.example.com and ns2.example.com) point to your public IP addresses. Also configure your router to forward port 53 (TCP and UDP) to the nameservers' local IP addresses.
     
  3. cpq

    cpq New Member

    Hi Falko.

    Thanks for your answer :)
    Is this right? (see photos)
    I want to run my own DNS for all my domains instead of having to host them at a DNS hoster.
     

    Last edited: May 23, 2012
  4. falko

    falko Super Moderator

  5. cpq

    cpq New Member

    Hi Falko.

    Thank you so much for your time :)
     
  6. cpq

    cpq New Member

    It seems that I need some configuration for my DNS servers...
    I only followed the guide and nothing else. How do I configure my name servers?
     
  7. till

    till Super Moderator

    No. Falko talked about the DNS server of the registry where you ordered the domain and not your DNS servers. Glue records have to be added at the registry and not your own DNS server. The records of your own server as shown on the screenshot are fine.
     
  8. cpq

    cpq New Member

    I got that, but the servers are not responding internally nor externally when asking at their IP address.

    Do some changes need to be made to some config files?
     
  9. falko

    falko Super Moderator

    Do you see BIND running in the outputs of
    Code:
    netstat -tap
    and
    Code:
    netstat -udp
    ?

    Also make sure that port 53 (TCP and UDP) is open.
     
  10. cpq

    cpq New Member

    I'll try that tomorrow...
     
  11. cpq

    cpq New Member

    root@ns1:~# netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 localhost:mysql *:* LISTEN 1161/mysqld
    tcp 0 0 *:sunrpc *:* LISTEN 748/portmap
    tcp 0 0 *:munin *:* LISTEN 30817/munin-node
    tcp 0 0 ns1.XXX.dk:domain *:* LISTEN 945/named
    tcp 0 0 localhost:domain *:* LISTEN 945/named
    tcp 0 0 *:ssh *:* LISTEN 1229/sshd
    tcp 0 0 localhost:smtp *:* LISTEN 1514/exim4
    tcp 0 0 localhost:953 *:* LISTEN 945/named
    tcp 0 0 *:39107 *:* LISTEN 760/rpc.statd
    tcp 0 0 ns1.XXX.dk:48040 web.XXX.dk:mysql TIME_WAIT -
    tcp 0 52 ns1.XXX.dk:ssh 192.168.2.60:56597 ESTABLISHED 10166/0
    tcp6 0 0 [::]:domain [::]:* LISTEN 945/named
    tcp6 0 0 [::]:ssh [::]:* LISTEN 1229/sshd
    tcp6 0 0 ip6-localhost:smtp [::]:* LISTEN 1514/exim4
    tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 945/named
    root@ns1:~#
     
  12. cpq

    cpq New Member

    root@ns1:~# netstat -udp
    Active Internet connections (w/o servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    root@ns1:~#
     
  13. falko

    falko Super Moderator

    Sorry, I meant
    Code:
    netstat -uap
     
  14. cpq

    cpq New Member

    root@ns1:~# netstat -uap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    udp 0 0 ns1.XXX.dk:domain *:* 13202/named
    udp 0 0 localhost:domain *:* 13202/named
    udp 0 0 *:sunrpc *:* 748/portmap
    udp 0 0 ns1.XXX.dk:ntp *:* 1611/ntpd
    udp 0 0 localhost:ntp *:* 1611/ntpd
    udp 0 0 *:ntp *:* 1611/ntpd
    udp 0 0 *:33025 *:* 760/rpc.statd
    udp 0 0 *:936 *:* 760/rpc.statd
    udp6 0 0 [::]:domain [::]:* 13202/named
    udp6 0 0 fe80::250:56ff:febb:ntp [::]:* 1611/ntpd
    udp6 0 0 ip6-localhost:ntp [::]:* 1611/ntpd
    udp6 0 0 [::]:ntp [::]:* 1611/ntpd
    root@ns1:~#
     
  15. falko

    falko Super Moderator

    Ok, named is running. Please check your firewall - port 53 (TCP and UDP) must be open.
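
Added example, not part of the thread: a shell check of what the `netstat -tap` and `netstat -uap` output above has to show before the firewall is worth looking at, namely a `named` socket on port 53 for both TCP and UDP that is not bound to loopback only. The sample lines are constructed (`ns1.example.com` is a placeholder hostname) and the function name `check_dns_listeners` is hypothetical.

```shell
#!/bin/sh
# Constructed sample modelled on `netstat -tap` / `netstat -uap` output;
# ns1.example.com is a placeholder hostname.
SAMPLE='tcp 0 0 ns1.example.com:domain *:* LISTEN 945/named
tcp 0 0 localhost:domain *:* LISTEN 945/named
tcp 0 0 localhost:953 *:* LISTEN 945/named
tcp 0 0 *:ssh *:* LISTEN 1229/sshd
udp 0 0 ns1.example.com:domain *:* 13202/named
udp 0 0 localhost:domain *:* 13202/named
udp6 0 0 [::]:domain [::]:* 13202/named'

# check_dns_listeners (hypothetical helper): reads netstat lines on stdin and
# prints one verdict per transport. A socket bound only to loopback cannot be
# reached through a router port-forward to the LAN address.
check_dns_listeners() {
    awk '
    $NF ~ /\/named$/ {
        if ($1 ~ /^tcp/) proto = "tcp"
        else if ($1 ~ /^udp/) proto = "udp"
        else next
        port = $4; sub(/^.*:/, "", port)      # text after the last colon
        if (port != "domain" && port != "53") next
        host = $4; sub(/:[^:]*$/, "", host)   # text before the last colon
        if (host ~ /^(localhost|ip6-localhost|127\.0\.0\.1|::1|\[::1\])$/)
            lo[proto] = 1
        else
            ext[proto] = 1
    }
    END {
        n = split("tcp udp", want, " ")
        for (i = 1; i <= n; i++) {
            k = want[i]
            if (k in ext) v = "non-loopback"
            else if (k in lo) v = "loopback-only"
            else v = "missing"
            print k "=" v
        }
    }'
}

printf '%s\n' "$SAMPLE" | check_dns_listeners
```

The function accepts both the symbolic form shown in the thread (`:domain`) and the numeric form produced by `netstat -n` (`:53`).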
     
  16. cpq

    cpq New Member

    I did that, it's not working internally either...
     
  17. falko

    falko Super Moderator

    Are there any named errors in your syslog?
     
  18. cpq

    cpq New Member

    Where is that located?
     
  19. cpq

    cpq New Member

    Found it.... got some....

    Jun 10 18:00:01 ns1 /USR/SBIN/CRON[9230]: (root) CMD (if [ -x /etc/munin/plugins/apt_all ]; then /etc/munin/plugins/apt_all update 7200 12 >/dev/null; elif [ -x /etc/munin/plugins/apt ]; then /etc/munin/plugins/apt update 7200 12 >/dev/null; fi)
    Jun 10 18:00:02 ns1 named[13202]: error (network unreachable) resolving 'security.debian.org/A/IN': 2001:41b8:202:deb:216:36ff:fe40:3905#53
    Jun 10 18:00:02 ns1 named[13202]: error (network unreachable) resolving 'security.debian.org/A/IN': 2001:8d8:580:400:6564:a62:0:4#53
    Jun 10 18:00:13 ns1 mpt-statusd: detected non-optimal RAID status
    Jun 10 18:01:01 ns1 /USR/SBIN/CRON[9314]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:02:01 ns1 /USR/SBIN/CRON[9689]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:03:01 ns1 /USR/SBIN/CRON[9697]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:04:01 ns1 /USR/SBIN/CRON[9705]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:05:01 ns1 /USR/SBIN/CRON[9714]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:05:01 ns1 /USR/SBIN/CRON[9715]: (root) CMD (if [ -x /etc/munin/plugins/apt_all ]; then /etc/munin/plugins/apt_all update 7200 12 >/dev/null; elif [ -x /etc/munin/plugins/apt ]; then /etc/munin/plugins/apt update 7200 12 >/dev/null; fi)
    Jun 10 18:06:01 ns1 /USR/SBIN/CRON[9773]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:07:01 ns1 /USR/SBIN/CRON[10148]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:08:01 ns1 /USR/SBIN/CRON[10156]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:09:01 ns1 /USR/SBIN/CRON[10165]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:09:01 ns1 /USR/SBIN/CRON[10166]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -delete)
    Jun 10 18:10:01 ns1 /USR/SBIN/CRON[10180]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:10:01 ns1 /USR/SBIN/CRON[10181]: (root) CMD (if [ -x /etc/munin/plugins/apt_all ]; then /etc/munin/plugins/apt_all update 7200 12 >/dev/null; elif [ -x /etc/munin/plugins/apt ]; then /etc/munin/plugins/apt update 7200 12 >/dev/null; fi)
    Jun 10 18:10:13 ns1 mpt-statusd: detected non-optimal RAID status
    Jun 10 18:10:36 ns1 named[13202]: error (network unreachable) resolving 'blackhole-1.iana.org/A/IN': 2001:500:89::53#53
    Jun 10 18:10:36 ns1 named[13202]: error (network unreachable) resolving 'b.iana-servers.net/A/IN': 2001:500:8d::53#53
    Jun 10 18:10:36 ns1 named[13202]: error (network unreachable) resolving 'a.iana-servers.net/A/IN': 2001:500:8c::53#53
    Jun 10 18:10:36 ns1 named[13202]: error (network unreachable) resolving 'a.iana-servers.net/A/IN': 2001:648:2c30::1:10#53
    Jun 10 18:10:36 ns1 named[13202]: error (network unreachable) resolving 'a.iana-servers.net/AAAA/IN': 2620:0:2ee0:2::153#53
    Jun 10 18:10:36 ns1 named[13202]: client 192.168.1.121#57419: RFC 1918 response from Internet for 60.2.168.192.in-addr.arpa
    Jun 10 18:11:01 ns1 /USR/SBIN/CRON[10252]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
    Jun 10 18:11:12 ns1 named[13202]: client 192.168.1.121#60912: RFC 1918 response from Internet for 60.2.168.192.in-addr.arpa
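
Added example, not part of the thread: one way to strip the cron and RAID noise from a syslog excerpt like the one above and count the `named` messages by kind, splitting the "network unreachable" errors by the address family of the upstream server. The log lines are constructed (documentation addresses), and `sample_log` and `triage_named` are hypothetical names.

```shell
#!/bin/sh
# Constructed sample in the same format as the syslog excerpt in the post.
sample_log() {
cat <<'EOF'
Jun 10 18:00:01 ns1 /USR/SBIN/CRON[9230]: (root) CMD (/usr/local/ispconfig/server/server.sh)
Jun 10 18:00:02 ns1 named[13202]: error (network unreachable) resolving 'security.debian.org/A/IN': 2001:db8::53#53
Jun 10 18:10:13 ns1 mpt-statusd: detected non-optimal RAID status
Jun 10 18:10:36 ns1 named[13202]: error (network unreachable) resolving 'a.iana-servers.net/A/IN': 2001:db8::1:10#53
Jun 10 18:10:36 ns1 named[13202]: client 192.168.1.121#57419: RFC 1918 response from Internet for 60.2.168.192.in-addr.arpa
Jun 10 18:11:12 ns1 named[13202]: client 192.168.1.121#60912: RFC 1918 response from Internet for 60.2.168.192.in-addr.arpa
EOF
}

# triage_named (hypothetical helper): keep only named lines from syslog on
# stdin and print one summary line with a count per message kind.
triage_named() {
    awk '
    $5 !~ /^named\[/ { next }                 # drop cron, RAID and other noise
    /network unreachable/ {
        up = $NF; sub(/#.*/, "", up)          # upstream is "addr#port"
        if (index(up, ":")) v6++; else v4++   # a colon marks an IPv6 address
        next
    }
    /RFC 1918 response from Internet/ { rfc1918++; next }
    { other++ }
    END {
        printf "unreachable_v6=%d unreachable_v4=%d rfc1918=%d other=%d\n", v6, v4, rfc1918, other
    }'
}

sample_log | triage_named
```

In the excerpt posted above, every "network unreachable" line names an IPv6 upstream address.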
     
  20. falko

    falko Super Moderator

    Does the server's internet connection work? Do you have valid nameservers in /etc/resolv.conf?
     
