Pfsense + virtualmin + bind + namecheap

denisju · March 16, 2022, 4:32pm

pfsense + virtualmin + bind + namecheap

Hi all,

I want to host a webserver on my own with a domain from namecheap:

namecheap as as a domain host.
isp provider modem as a bridge.
pfsense (pppoe) as a firewall, ids and with static ip.
virtualmin as a control panel.
bind as a nameserver.

namecheap domain:
Domain - Advanced DNS - Type:
Type Host Value TTL
NS Record ns1.domain.com. xx.xx.xx.xx Automatic
NS Record ns2.domain.com. xx.xx.xx.xx Automatic
pfsense (pppoe) as a firewall, ids and with static ip.
wan address xx.xx.xx.xx nat port forward to virtualmin/webserver
(may be later i will configure it to dmz)

3.I followed the instructions here (How do I setup nameservers for my server?):
“DNS Frequently Asked Questions – Virtualmin”

Below the recordfile in “/var/lib/bind/domain.com.hosts”
Webmin - Servers - Bind DNS Server

$ttl 3600
@	IN	SOA	ns1.domain.com. root.ns1.domain.com. (
			1647263334
			3600
			600
			1209600
			3600 )
@	IN	NS	ns1.domain.com.
@	IN	NS	ns2.domain.com.
domain.com.	IN	A	xx.xx.xx.xx
ns1.domain.com.	IN	A	xx.xx.xx.xx
ns2.domain.com.	IN	A	xx.xx.xx.xx
mail.domain.com.	IN	A	xx.xx.xx.xx
domain.com.	IN	MX	5 mail.domain.com.
domain.com.	IN	TXT	"v=spf1 a mx a:domain.com ip4:192.168.100.19 ip4:xx.xx.xx.xx ip6:xxxx::xxxx:xxxx:xxxx:xxxx ?all"
subdomain.domain.com.	IN	A	xx.xx.xx.xx
mail.subdomain.domain.com.	IN	A	xx.xx.xx.xx
subdomain.domain.com.	IN	MX	5 mail.subdomain.domain.com.

Virtualmin - System Settings - Server Template - Default Setting - Bind DNS Domain:
Master DNS server hostname - Hostname: ns1.domain.com
Additionalmanually configured nameservers: ns2.domain.com

Webmin - Servers - Check BIND Config = “No errors were found in the BIND configuration file /etc/bind/named.conf or referenced zone files.”

user@server:~$ nslookup domain.com
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
*** Can't find domain.com: No answer

Any help where I made a mistake? Or did I forget something?

Do I have any errors in namecheap, pfsense, virtualmin or bind?

SYSTEM INFORMATION
OS type and version	ubuntu 20.04 lts
Webmin version	1.990
Virtualmin version	6.17-3
Related packages	SUGGESTED

Joe · March 16, 2022, 6:21pm

You’re making this too confusing. pfsense has nothing to do with DNS. Disable any firewall/IDS you have on your router(s) while you sort this out, and if there is a pfsense problem, take it up with the pfsense folks. Not my circus, not my monkey. I literally cannot help you with pfsense, I barely know what it is.

I also don’t care about your registrar. Registrar only matters for glue records, and they aren’t relevant yet, if you can’t even get the local name server to answer for your domain…though you may not be querying what you think you’re querying.

Try this:

host domain.tld 127.0.0.1

Does that return something sensible?

If it does, your glue records are wrong, and your local resolver (the one on 127.0.0.53, probably systemd-resolved or dnsmasq) is not checking with the local BIND (which is mostly harmless, as long as you get your glue records right).

system · May 15, 2022, 6:21pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.