DNS configuration

Hey everyone

I’m trying to get my DNS records correct so that domains hosted on my server can use ns1-4.mydomain.tld. I’ve viewed the help at http://www.virtualmin.com/documentation/dns/faq and at http://www.virtualmin.com/documentation/dns/troubleshooting and I’m not sure what to try next. I’m hoping that someone out there might be able to point me in the right direction and help me find the solution.

Here’s where I’m at right now:

I have changed my nameservers with my registrar (123-reg) to ns1-4.mydomain.tld and pointed them all to 4 unique IP addresses for my server.

Within BIND I have:
created a Master Zone for mydomain.tld,
set the nameserver for mydomain.tld as my.fqdn.tld,
created 4 x A records for ns1-4.mydomain.tld pointing to the same 4 IP addresses listed with my registrar.

The results of all this are as follows:
A whois search from domaintools.com reveals the correct ns1-4 records are listed.
A reverse IP results in a ‘no website’ response
host mydomain.tld reports the connection timed out; no servers could be reached
dig mydomain.tld reports the same

Have I missed something out within this setup or is something not configured properly?

Any help or advice would be very much appreciated.

Thanks

Chris

A reverse IP results in a ‘no website’ response

Reverse DNS entries would be set up by your ISP – so you’ll want to contact your provider about having reverse DNS set up.

host mydomain.tld reports the connection timed out; no servers could be reached

Well, it sounds like something is unable to contact the BIND service running on your server.

Is your server by chance running behind a NAT router? If so, you’d need to forward in port 53 UDP.

Or, is there a firewall set up on your server (or in front of it)? If so, you’d want to open up a port for those DNS queries.

If you don’t think those are the issue – try running this command:

netstat -an | grep :53 | grep udp

Does that return any entries?

-Eric

Hi Eric, again!

Port 53 is open - or there is no firewall? I’m not entirely sure of the datacentre setup.

Here are the results from the netstat command

udp  0 0 213.229.120.xxx:53  0.0.0.0:*
udp  0 0 127.0.0.1:53        0.0.0.0:*
udp6 0 0 :::53               :::*

Do you by chance have any other ideas?

Chris

Ah, so, it looks like BIND is only listening on 213.229.120.xxx:53 and your localhost interface.

You may want to take a look in Webmin -> Servers -> BIND DNS Server -> Addresses and Topology, and make sure that it’s listening on all of your IP addresses.

What you see in “Ports and addresses to listen on” should be a space separated list of all the IP addresses BIND should be listening on.

-Eric
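Eric's check above (does BIND have a UDP/53 socket on every address the registrar lists for ns1-4?) as an added example script. This is not code from the thread or from Virtualmin: it parses `netstat -an` output, compares the bound addresses against the nameserver glue, and prints the explicit `listen-on` stanza that Webmin's "Ports and addresses to listen on" field writes into named.conf. The sample netstat lines are constructed from the thread with the masked octet filled in, and the ns1-4 addresses are placeholders. The `recursion no;` line is the caveat that goes with opening BIND on public addresses: an authoritative server should not also be an open resolver.

```python
"""Compare the addresses BIND is bound to (from `netstat -an`) with the
nameserver glue registered for ns1-4, and emit the named.conf `listen-on`
stanza that would cover the gap."""
import ipaddress

# Constructed sample output of `netstat -an | grep :53 | grep udp`, modelled on
# the thread; the masked last octet is filled with an assumed placeholder.
SAMPLE_NETSTAT = """\
udp        0      0 213.229.120.10:53       0.0.0.0:*
udp        0      0 127.0.0.1:53            0.0.0.0:*
udp6       0      0 :::53                   :::*
"""

# Assumed glue addresses for the four nameservers (placeholders, not real IPs).
NS_GLUE = {
    "ns1.mydomain.tld": "213.229.120.10",
    "ns2.mydomain.tld": "213.229.120.11",
    "ns3.mydomain.tld": "213.229.120.12",
    "ns4.mydomain.tld": "213.229.120.13",
}


def parse_udp_listeners(netstat_output: str, port: int = 53) -> set[str]:
    """Return the local addresses that have a UDP socket bound to `port`.

    Works on the classic `netstat -an` layout: proto, recv-q, send-q,
    local address, foreign address. The port is the text after the last ':',
    so IPv6 wildcards such as ':::53' split correctly into '::' and '53'.
    """
    listeners = set()
    for line in netstat_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].startswith("udp"):
            continue
        addr, _, bound_port = fields[3].rpartition(":")
        if bound_port == str(port):
            listeners.add(addr)
    return listeners


def unlistened_nameservers(listeners: set[str], glue: dict[str, str]) -> dict[str, str]:
    """Map each nameserver name to its glue IP when BIND has no socket on that IP.

    '0.0.0.0' counts as every IPv4 address and '::' as every IPv6 address.
    A '::' socket is not assumed to cover IPv4: BIND binds its IPv6 sockets
    v6-only, so the udp6 line in the sample does not serve the v4 glue.
    """
    missing = {}
    for name, ip in glue.items():
        wildcard = "0.0.0.0" if ipaddress.ip_address(ip).version == 4 else "::"
        if ip not in listeners and wildcard not in listeners:
            missing[name] = ip
    return missing


def listen_on_stanza(glue: dict[str, str]) -> str:
    """Render named.conf `options` lines with an explicit IPv4 listen-on list.

    This is the same `listen-on` directive Webmin's "Ports and addresses to
    listen on" field manages. `recursion no` is included because a server that
    now answers on its public addresses must not also act as an open resolver.
    """
    v4 = sorted(
        {ip for ip in glue.values() if ipaddress.ip_address(ip).version == 4},
        key=ipaddress.ip_address,
    )
    addrs = "; ".join(["127.0.0.1", *v4]) + ";"
    return (
        "options {\n"
        f"    listen-on port 53 {{ {addrs} }};\n"
        "    recursion no;  // authoritative only: do not run an open resolver\n"
        "};\n"
    )


if __name__ == "__main__":
    bound = parse_udp_listeners(SAMPLE_NETSTAT)
    print("listening on:", ", ".join(sorted(bound)))
    for name, ip in unlistened_nameservers(bound, NS_GLUE).items():
        print(f"{name} ({ip}): no UDP/53 listener")
    print(listen_on_stanza(NS_GLUE))
```

Run it against real output by replacing `SAMPLE_NETSTAT` with the text of `netstat -an | grep :53 | grep udp` (or `ss -lun` reformatted to the same columns); on the thread's sample it reports ns2-ns4 as unreachable, which matches Eric's reading that only one public address and localhost were bound.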

Cheers Eric

That seems logical to me, but when I go to Addresses and Topology the interface doesn’t include any configured addresses - everything is simply set to ‘default’. Is this info meant to come from some other config settings or should I manually change the values from default to a list? If so, should it be the localhost plus all 5 of my current IP addresses?

Chris

Well, before you change that – is it any different if you just restart BIND?

On Ubuntu, you can do that by running this command:

/etc/init.d/bind9 restart

I tried the restart and got nothing, so I’ve changed the listen-on setting to manual and set up the 5 IP addresses. Now it seems to be working - well, kind of.

When I dig the domain I can see the SOA in the authority section but no mention of the 4 nameservers. Perhaps this is due to recent changes on the registrar nameserver settings and propagation.

I’ll leave it for a few hours (read tomorrow as it’s 23:30 here in the UK) and see what happens once the propagation period has passed.

Thanks for all of your help Eric, I’ll post back with results tomorrow.

Chris