Forwarding nameserver domains to actual nameserver? BIND / DNS / apache

Hi All,

I’m not exactly sure how to describe this action but here’s what I got:

Current setup:

• thedomain.com uses ns1.main.com & ns2.backup.com
• ns1.main.com & ns2.backup.com points to same ip (74.x.x.1)
• both nameservers are registered nameservers
• host server thehost.com has static ip 74.x.x.1
• BIND DNS enabled via Virtualmin/Webmin
• DNS entries on host server: master zone thedomain.com, a record thedomain.com to 74.x.x.1, cname (name alias) record 74.x.x.1, name server record thedomain.com. to ns1.main.com. & ns2.backup.com.

Hoping to:

• have my host server work as DNS when domains use ns1.main.com/ns2.backup.com instead of the typical ns1.thehost.com/ns2.thehost.com nameservers. (in the past, using the ns1.thehost.com/ns2.thehost.com worked, but now I would like to use different domain names).

Any thoughts or solutions?

Thanks!

Howdy,

Well, it sounds like you have DNS already setup, so it looks as if you have the DNS/nameserver setup process down.

It sounds like you may simply need to configure ns1.main.com/ns2.backup.com as registered domain servers with your domain name registrar, and then setup DNS ‘A’ records for them on your Virtualmin server.

That process is described here in the section named “How do I setup nameservers for my server”:

https://www.virtualmin.com/documentation/dns/faq

However, I’m not sure I fully understand what question you’re asking… so if I didn’t answer your question, let me know

-Eric

Hey Eric,

I just added an A record for ns1.main.com like so: Webmin->Servers->BIND DNS Server->Create Zones from Batch File-> entered main.com:master:main.com.hosts:74.x.x.1

Now in /etc/named.conf

options {
directory “/etc”;
pid-file “/var/run/named/named.pid”;
allow-recursion { localnets; 127.0.0.1; };
allow-transfer {
127.0.0.1;
localnets;
};
};

zone “.” {
type hint;
file “/etc/db.cache”;
};

zone “main.com” {
type master;
file “/var/named/main.com.hosts”;
};

And A records in /var/named/main.com.hosts

$ttl 38400
ns1.main.com. IN A 74.x.x.1
ns2.main.com. IN A 74.x.x.1


So, ns1.main.com (pointing to 74.x.x.1) is already registered with my registrar. By the way, I have main.com using my registrar’s dns hosting (currently only with one A record . to 74.x.x.1).

See if something is wrong?

I’m just as confused as Eric about this one.

Can you reiterate please what exactly you have set up now, what exactly you’re trying to achieve and what exactly the problem is?

Important information here would be: Which domain names are involved, which names are supposed to be served by which system, and which of these systems is under your administration? Are you trying to serve the zones from your own system or from a third-party DNS service?

It will also help if you used actual domain names and IP addresses instead of “aliases” like “main.com”. Using those can be confusing and prevent us from doing tests from the outside, and since you’re intending to host web services, hostnames and IP addresses are inherently not a secret anyway.

My goal is to park domains on my web server. At the same time, I would like to use that same machine as a DNS server for all those domains.

Host server:

• hostname: firelitehost.com
• ip: 74.80.225.104

Domain details of firelitehost.com:

• nameservers: 3rd party DNS
• firelitehost.com IN A 74.80.225.104
• registered DNS: 1st.firelitehost.com & 2nd.firelitehost.com to 74.80.225.104

On a 3rd party DNS hosted domain, domains park fine. The domain resolves and goes to default virtual server set in Virtualmin:

Domain details of andyofla.com:

• nameservers: 3rd party DNS
• andyofla.com. IN A 74.80.255.104

But when trying to use my own DNS server it fails, like so:

Domain details of bidswar.com:

• nameservers: 1st.firelite.co & 2nd.firelite.net
• bidswar.com. IN A 74.80.255.104
• bidswar.com. IN NS 1st.firelite.co.
• bidswar.com. IN NS 2nd.firelite.net.

Domain details of firelite.co:

• nameservers: 3rd party DNS
• firelite.co IN A 74.80.225.104
• registered DNS: 1st.firelite.co to 74.80.225.104

Domain details of firelite.net:

• nameservers: 3rd party DNS
• firelite.net IN A 74.80.225.104
• registered DNS: 2nd.firelite.net to 74.80.225.104

In the past, I was able to use nameservers 1st.firelitehost.com & 2nd.firelitehost.com successfully where I could control zone records via BIND and park all domains. That server crashed a month ago, and now I want to reconfig it using nameservers 1st.firelite.co & 2nd.firelite.net.

Does this help paint the picture?

Both of these domains, “bidswar.com” and “andyofla.com”, do not have their NS entries at the NIC set to your server, but to some other 3rd-party DNS, like you said:

[code]; <<>> DiG 9.7.0-P1 <<>> andyofla.com +trace
;; global options: +cmd
. 40875 IN NS m.root-servers.net.
[…]
. 40875 IN NS l.root-servers.net.
. 40875 IN NS c.root-servers.net.
;; Received 244 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
[…]
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
;; Received 502 bytes from 192.33.4.12#53(c.root-servers.net) in 23 ms

andyofla.com. 172800 IN NS ns1.dns-diy.net.
andyofla.com. 172800 IN NS del64.emailjiajia.com.
;; Received 139 bytes from 192.43.172.30#53(i.gtld-servers.net) in 23 ms

andyofla.com. 3600 IN A 74.80.225.104
;; Received 46 bytes from 74.200.220.212#53(ns1.dns-diy.net) in 134 ms[/code]

What you need to do to serve the zones from your server is: set them up in Virtualmin, and then go to your hoster’s control panel - where you can hopefully configure the NIC entries for your domains - and set the NS entries (i.e. nameserver delegation) to your Virtualmin.

It is configured correctly when the *.gtld-servers.net reply with something like this:

andyofla.com. 172800 IN NS 1st.firelitehost.com. andyofla.com. 172800 IN NS 2nd.firelitehost.com. ;; Received 139 bytes from 192.43.172.30#53(i.gtld-servers.net) in 23 ms

If you cannot configure the NS entries at your current hoster (which would surprise me), you need to switch to one where you can do that. Nameserver delegation, i.e. configuring NIC data records, is the only way to use your own server as nameserver.

Locutus,

So I have the ability to change the Nameserver delegations through my NIC. Does bidswar.com currently show something like this below?

All my domains are currently set to this use those nameservers except a few, like andyofla.com. But I would like this to work with my DNS server. 1st.firelite.co. and 2nd.firelite.net. are currently registered nameservers through my NIC and point to 74.80.225.104. Will this schema ever work?

Alrighty. I just added the A records for the hostnames via dns-diy.net. Which commands would you run on dig to check if they are correct?

1st.firelite.co has address 74.80.225.104
2nd.firelite.net has address 74.80.225.104

same IP’s for both??

Hey Yorkki,

Yup, it should be the same until I create another DNS server elsewhere.

“1st.firelight.co” and “2nd.firelight.net” look okay now.

Queries for “bidswar.com” reach your server, which then says “REFUSED” though. It seems the zone is not yet set up correctly on your BIND. Make sure the zone is active, loaded, queries are allowed for all sources, and BIND does not report any errors upon loading (check /var/log/syslog).

Best command to verify nameservers is dig, in addition to the website “intodns.com”.

dig 1st.firelight.co +trace shows the full recursive query path

dig bidswar.com @74.80.225.104 directly queries your server for the given name.

The hostnames 1st.firelite.co and 2nd.firelite.net seem to not be set up correctly.

The respective NICs report ns1.dns-diy.net to be responsible nameservers for firelite.co/.net. ns1.dns-diy.net though reports no A records for your two nameserver hostnames, only for “firelite.co” itself. Either you need to configure your server to be responsible for “firelite.co”, or enter the A records at the hoster.

You need to fix that problem first before you can try to set up your server as authoritative server for other domains.

executing from different remote server:
dig bidswar.com @74.80.225.104

while
tail -f /var/log/messages | grep “bidswar”
returns:

May 19 02:03:44 firelitehost named[4034]: client 208.94.116.220#58699: query ‘bidswar.com/A/IN’ denied


and

Currently in named.conf:

options {

directory "/etc";
pid-file "/var/run/named/named.pid";
allow-recursion { localnets; 127.0.0.1; };
    allow-transfer {
            127.0.0.1;
            localnets;
            localhost;
            };
};

zone “.” {
type hint;
file “/etc/db.cache”;
};

zone “bidswar.com” {
type master;
file “/var/named/bidswar.com.hosts”;
allow-transfer {
127.0.0.1;
localhost;
localnets;
};
allow-query { 0.0.0.0; };

    };

and bidswar.com.hosts:

$ttl 38400
bidswar.com. IN SOA 1st.firelite.co. root.1st.firelite.co. (
1305530268
10800
3600
3600
38400 )
bidswar.com. IN NS 1st.firelite.co.
bidswar.com. IN A 74.80.255.104
www IN CNAME 74.80.255.104
bidswar.com. IN NS 2nd.firelite.net.

How do I safely allow queries? Or is that not the issue here?

You have an error in your zone file:

www     IN      CNAME   74.80.255.104

CNAMEs map a hostname to another hostname, not to an IP address. If you want “www” to map to the server’s IP, you need an A record.

BIND notes such errors in the syslog when starting up. Like I suggested before, you should check that for further errors. You can also use Webmin’s BIND module to perform a configuration check which will tell you if there are any errors.