To start off, I find DNS the most confusing thing in the world, so I apologize if this question is rather stupid.
I’m running Virtualmin behind a NAT. Ports 80, 443 and 10000 are forwarded to it.
Virtualmin has a hostname of ns1.sitea.com. I own the sitea.com TLD.
I have other domains that I own, let’s call them siteb.com and sitec.com.
On my registrar’s website, the A record for *.sitea.com is my public IP address. siteb.com and sitec.com have both had their nameservers changed to ns1.sitea.com.
For the life of me, I can’t figure out why every DNS check I run shows Virtualmin as not responding to DNS requests: https://i.imgur.com/SCgU0po.png
Again, I have no idea what I’m doing when it comes to DNS, so if someone could please point me in the right direction as to how to get Virtualmin to be an authoritative nameserver for my domains, I’d greatly appreciate it.
I read the FAQ topic at the bottom of this page: https://www.virtualmin.com/documentation/dns/faq
But I’m having trouble understanding it. Could someone clarify?
If you’re hosting DNS/domains behind a NAT firewall, you also have to forward port 53 TCP and UDP for DNS requests through that firewall and any firewall Virtualmin has set up as well (if any).
Test DNS resolution/track down where the problem is. On the local terminal do…
‘dig @127.0.0.1 yourhostname.com’ will test if local DNS is resolving locally.
Then ‘dig @184.108.40.206 randomhostname.com’ will test if your machine can resolve DNS outside the LAN.
Then ‘dig @220.127.116.11 yourhostname.com’ will test if Google DNS servers have your hostname yet.
Then ‘dig @yournameserver.com yourhostname.com’ will test your name server’s resolution of your own domain.
All 4 of those should show yourhostname and IP.
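Added example (not part of the original thread): a small shell helper that interprets the output of the dig checks above, separating "no reply arrived" (behind NAT, typically port 53 not forwarded) from "replied but not authoritatively". The function names and the sample outputs are constructed for illustration.

```sh
#!/bin/sh
# Added example: interpret dig output for the nameserver checks in this thread.

# classify_dig: read dig's default output on stdin, print one verdict.
classify_dig() {
    out=$(cat)
    # No header means no DNS reply arrived; behind NAT that usually
    # points at port 53 (UDP or TCP) not being forwarded.
    if ! printf '%s\n' "$out" | grep -q -e '->>HEADER<<-'; then
        echo "NO_RESPONSE"; return 0
    fi
    status=$(printf '%s\n' "$out" | sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1)
    flags=$(printf '%s\n' "$out" | sed -n 's/^;; flags: \([a-z ]*\);.*/\1/p' | head -n 1)
    answers=$(printf '%s\n' "$out" | sed -n 's/.*ANSWER: \([0-9]*\),.*/\1/p' | head -n 1)
    case " $flags " in *" aa "*) aa=1 ;; *) aa=0 ;; esac
    if [ "$status" != "NOERROR" ]; then
        echo "$status"                 # REFUSED, SERVFAIL, NXDOMAIN, ...
    elif [ "$aa" -eq 0 ]; then
        echo "NOT_AUTHORITATIVE"       # answered, but the 'aa' flag is missing
    elif [ "${answers:-0}" -eq 0 ]; then
        echo "AUTHORITATIVE_NO_DATA"   # zone is served, record is absent
    else
        echo "AUTHORITATIVE"
    fi
}

# check_ns SERVER NAME: ask SERVER directly over UDP, then over TCP.
check_ns() {
    for proto in +notcp +tcp; do
        printf '%s %s: ' "$1" "$proto"
        dig "@$1" "$2" A +norecurse "$proto" +time=3 +tries=1 2>&1 | classify_dig
    done
}

# Constructed sample outputs (not captured from any real server).
SAMPLE_OK=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1'
SAMPLE_RECURSED=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
SAMPLE_REFUSED=';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4244
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1'
SAMPLE_TIMEOUT=';; connection timed out; no servers could be reached'
```

Run `check_ns 127.0.0.1 yourhostname.com` on the server, then `check_ns` against the public IP from outside the LAN; NO_RESPONSE only from outside points at the NAT or firewall rather than the DNS server itself.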
Have you added glue records for your nameserver at your registrar?
Your nameserver still has to be registered for other nameservers to know it exists… an A record just for the parent domain name is not enough… that only resolves your parent domain to an IP address, but it does not tell the internet about your nameserver/s.
You have to register your nameserver/s with your registrar too.
Check out this article on one of my registrar support documents… obviously your registrar will have a slightly different way of doing it… but this will at least help you understand enough to Google search more accurately for information about registering custom nameservers.
Thanks for the help guys. I figured out what it was. I’m with a relatively small registrar, and they require you to open a ticket before nameserver changes will actually start propagating. Odd, but that fixed the propagation issue.
Thanks to scottwnw, I did not know I needed to forward the DNS port into the nameserver. I thought it was all going through port 80. That quickly resolved my DNS issue!
Ah, I don’t believe that… what your registrar has done is create glue records for your nameservers… they just didn’t tell you what they actually did. As far as my country domains work, nameserver zones do not function without glue records… everyone has to use them.
As I said, to get nameservers working requires two things: an A record for your primary domain, and glue records for the nameserver at your domain. You did the first (as stated in your first post), your registrar has just done the second (as you have just stated without realising it in your last post).
It sounds to me that if your registrar did this manually for you, your registrar may really be a domain reseller… not that it matters… I am a domain reseller in my country, there is nothing wrong with this.