1307d [Solved] Setting up nameserver - bind - The FreeBSD Forums
#1  January 22nd, 2010, 18:19
NuLL3rr0r (Junior Member)

Setting up nameserver - bind

Hi,

First of all, sorry for my bad English.

I'm a newcomer to FreeBSD, and I'm going to like it.
Before I tried FreeBSD, I had a Linux VPS (my ISP set it up for me). I decided to drop it in favor of FreeBSD and installed FreeBSD from scratch on VMware ESXi 4.0 (my ISP only offers Linux VPS, but they agreed to let me set it up myself).

The problem is I know nothing about setting up DNS and Nameserver.

I followed this guide to setup bind nameserver:
http://www.freebsd.org/doc/handbook/network-dns.html


The Server Spec:
Code:
http://91.194.91.7/
ns1.babaei.net 91.194.90.11
ns2.babaei.net 91.194.90.12
ns3.babaei.net 193.200.241.6
ns4.babaei.net 93.104.209.252


I edited /etc/rc.conf:
Code:
named_enable="YES"

/etc/namedb/named.conf
Code:
zone "babaei.net" {
    type master;
    file "master/babaei.net";
};

zone "1.168.192.in-addr.arpa" {
        type slave;
        file "slave/1.168.192.in-addr.arpa";
        masters {
                192.168.1.1;
        };
};

/etc/namedb/master/babaei.net
Code:
$TTL 3600        ; 1 hour default TTL
babaei.net.    IN      SOA      ns1.babaei.net. root.babaei.net. (
                                2010012208      ; Serial
                                10800           ; Refresh
                                3600            ; Retry
                                604800          ; Expire
                                300             ; Negative Response TTL
                        )

; DNS Servers
                IN      NS      ns1.babaei.net.
                IN      NS      ns2.babaei.net.
                IN      NS      ns3.babaei.net.
                IN      NS      ns4.babaei.net.

; MX Records
                IN      MX 10   mx.babaei.net.
                IN      MX 20   mail.babaei.net.

                IN      A       91.194.91.7

; Machine Names
localhost       IN      A       127.0.0.1
ns1             IN      A       91.194.90.11
ns2             IN      A       93.104.209.252
ns3             IN      A       193.200.241.6
ns4             IN      A       91.194.90.12
mx              IN      A       91.194.91.7
mail            IN      A       91.194.91.7

; Aliases
www             IN      CNAME   babaei.net.

/etc/namedb/slave/1.168.192.in-addr.arpa
Code:
$TTL 3600

1.168.192.in-addr.arpa. IN SOA ns1.babaei.net. root.babaei.net. (
                        2010012208      ; Serial
                        10800           ; Refresh
                        3600            ; Retry
                        604800          ; Expire
                        300 )           ; Negative Response TTL

        IN      NS      ns1.babaei.net.
        IN      NS      ns2.babaei.net.
        IN      NS      ns3.babaei.net.
        IN      NS      ns4.babaei.net.

1       IN      PTR     babaei.net.
2       IN      PTR     ns1.babaei.net.
3       IN      PTR     ns2.babaei.net.
4       IN      PTR     ns3.babaei.net.
5       IN      PTR     ns4.babaei.net.
6       IN      PTR     mx.babaei.net.
7       IN      PTR     mail.babaei.net.

Code:
# named-checkzone babaei.net /etc/namedb/master/babaei.net
zone babaei.net/IN: loaded serial 2010012208
OK

# /etc/rc.d/named reload
// or
# rndc reload


When I tried this from the VPS itself:
Code:
# host -t ns babaei.net
babaei.net name server ns4.babaei.net.
babaei.net name server ns2.babaei.net.
babaei.net name server ns3.babaei.net.
babaei.net name server ns1.babaei.net.

I tried this for 5 days, and still I can't browse my website:

http://checkdns.net/quickcheck.aspx?...net&detailed=1

Code:
  Tried to fetch SOA record for domain, but DNS server ns1.babaei.net [91.194.90.11] returned error code Refused 
  Error fetching SOA from ns2.babaei.net [93.104.209.252]: Connection reset. Probably DNS server is offline. 
  Tried to fetch SOA record for domain, but DNS server ns3.babaei.net [193.200.241.6] returned error code Refused 
  Tried to fetch SOA record for domain, but DNS server ns4.babaei.net [91.194.90.12] returned error code Refused

It's a rock-solid OS and I didn't want to ignore it just because I can't set up DNS in bind or my ISP doesn't support FreeBSD.


Thanks in Advance.
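One check that would have caught the ns2/ns4 discrepancy between the "Server Spec" table and the zone file in this post, as an added example that is not part of the original thread: parse the master zone, pick out the NS set and the A record of every in-zone nameserver, and compare them with the glue the registrar publishes. The zone text and the registrar table below are constructed copies of what the post shows; the parser is a minimal one written for this example, not BIND's, and only supports the constructs that file uses ($TTL, $ORIGIN, comments, a parenthesised SOA, inherited owner names).

```python
"""Cross-check in-zone nameserver glue against what the registrar holds.

Added example for this thread, not code from the original post.
"""
import re

ZONE_NAME = "babaei.net"

# Constructed copy of master/babaei.net from post #1.
ZONE_TEXT = """\
$TTL 3600        ; 1 hour default TTL
babaei.net.    IN      SOA      ns1.babaei.net. root.babaei.net. (
                                2010012208      ; Serial
                                10800           ; Refresh
                                3600            ; Retry
                                604800          ; Expire
                                300             ; Negative Response TTL
                        )
                IN      NS      ns1.babaei.net.
                IN      NS      ns2.babaei.net.
                IN      NS      ns3.babaei.net.
                IN      NS      ns4.babaei.net.
                IN      MX 10   mx.babaei.net.
                IN      MX 20   mail.babaei.net.
                IN      A       91.194.91.7
localhost       IN      A       127.0.0.1
ns1             IN      A       91.194.90.11
ns2             IN      A       93.104.209.252
ns3             IN      A       193.200.241.6
ns4             IN      A       91.194.90.12
mx              IN      A       91.194.91.7
mail            IN      A       91.194.91.7
www             IN      CNAME   babaei.net.
"""

# Constructed from the "Server Spec" table in post #1: the name/IP pairs the
# registrar (parent zone) publishes as glue for the delegation.
REGISTRAR_GLUE = {
    "ns1.babaei.net": "91.194.90.11",
    "ns2.babaei.net": "91.194.90.12",
    "ns3.babaei.net": "193.200.241.6",
    "ns4.babaei.net": "93.104.209.252",
}

CLASSES = {"IN", "CH", "HS"}


def _fqdn(name, origin):
    """Absolute name without the trailing dot; relative names get the origin."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name[:-1]
    return f"{name}.{origin}"


def parse_zone(text, origin):
    """Return a list of (owner, type, rdata_fields) from a BIND master file.

    Strips ';' comments, joins parenthesised multi-line records, honours
    $ORIGIN, and gives records that start with whitespace the previous owner.
    """
    lines = [re.sub(r";.*", "", ln).rstrip() for ln in text.splitlines()]
    joined, depth, buf = [], 0, ""
    for ln in lines:
        buf = f"{buf} {ln}" if depth else ln
        depth += ln.count("(") - ln.count(")")
        if depth == 0 and buf.strip():
            joined.append(buf)
            buf = ""
    records, owner = [], origin
    for ln in joined:
        fields = ln.replace("(", " ").replace(")", " ").split()
        if fields[0] == "$TTL":
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1].rstrip(".")
            continue
        if not ln[0].isspace():                 # explicit owner name
            owner = _fqdn(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0] in CLASSES):
            fields.pop(0)                       # optional TTL and class
        records.append((owner, fields[0], fields[1:]))
    return records


def check_glue(records, origin, registrar_glue):
    """Compare each in-zone NS name's A record with the registrar glue.

    Returns a list of problem strings; an empty list means consistent.
    """
    a_records = {o: r[0] for o, t, r in records if t == "A"}
    ns_names = [_fqdn(r[0], origin) for o, t, r in records
                if t == "NS" and o == origin]
    problems = []
    for ns in ns_names:
        if not (ns == origin or ns.endswith("." + origin)):
            continue                            # out-of-zone NS: no glue needed here
        zone_ip, glue_ip = a_records.get(ns), registrar_glue.get(ns)
        if zone_ip is None:
            problems.append(f"{ns}: listed as NS but has no A record in the zone")
        if glue_ip is None:
            problems.append(f"{ns}: no glue at the registrar")
        elif zone_ip is not None and zone_ip != glue_ip:
            problems.append(f"{ns}: zone says {zone_ip}, registrar glue says {glue_ip}")
    return problems


if __name__ == "__main__":
    for p in check_glue(parse_zone(ZONE_TEXT, ZONE_NAME), ZONE_NAME, REGISTRAR_GLUE):
        print("MISMATCH", p)
```

Run as-is it reports two mismatches: ns2 and ns4 have their addresses swapped between the zone and the registrar table. Mismatched glue is more than untidy: resolvers follow the parent's glue and query one machine, while the zone itself names another, and whichever of the two is not really authoritative for the zone answers REFUSED or nothing at all, which is the symptom checkdns.net reports above. Two caveats on the other files in the post: `named-checkzone` validates syntax only and says nothing about the parent delegation; and the `1.168.192.in-addr.arpa` zone covers the private 192.168.1.0/24 range from the Handbook example and is declared `type slave`, so named expects to receive it by zone transfer from 192.168.1.1 and will overwrite that file when it does. Reverse records for the public addresses belong in the in-addr.arpa zone delegated by whoever owns the address block, normally the ISP.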
#2  January 22nd, 2010, 21:01
DutchDaemon (Administrator)

As far as I can see, your domain registration lacks glue records. Glue records are needed when a domain's nameservers are within that domain. So the problem is that nobody can find the IP address for the nameservers, because there's no way to ask the nameservers for the IP address, because the IP address for the nameservers is not known, making it impossible to find .... you see where this is going? So your domain registration needs to contain the IP addresses for your nameservers as well as their names.

Code:
Domain servers in listed order:
    ns4.babaei.net
    ns3.babaei.net
    ns2.babaei.net
    ns1.babaei.net
Code:
$ dnscheck -c -r -v -z babaei.net
[   ] /usr/bin/dig +norecurse ns "babaei.net" "@a.root-servers.net"
[net] /usr/bin/dig +norecurse ns "babaei.net" "@h.gtld-servers.net"
      + babaei.net. IN NS ns1.babaei.net. (serial 0)
      + babaei.net. IN NS ns2.babaei.net. (serial 0)
      + babaei.net. IN NS ns3.babaei.net. (serial 0)
      + babaei.net. IN NS ns4.babaei.net. (serial 0)

[   ] /usr/bin/dig ns "babaei.net" "@localhost"
babaei.net (serial 0)
 ns1.babaei.net                    -
 ns2.babaei.net                    -
 ns3.babaei.net                    -
 ns4.babaei.net                    -
This may or may not relate to the errors you're experiencing, but it's an error nonetheless.
#3  January 22nd, 2010, 22:02
NuLL3rr0r (Junior Member)

Thanks for the answer.

Well, this is the first time I've heard of glue records, but from what I read and understood, a glue record is simply an IP:

http://en.wikipedia.org/wiki/Domain_...d_glue_records
http://faq.domainmonster.com/dns/glue_record/

I checked my domain panel on Directi and found each DNS registered with an IP address (if I'm not wrong, a glue record). My ISP did that for me.

I attached a pic that shows each DNS and its registered IP.

The problem is my ISP's technical support knows nothing about BSD, and they usually set up DNS with web interfaces like cPanel or Webmin.

I'm not sure about my config files. Are the syntax and the setup OK?
If I'm sure of that, then I can ask them for help (maybe something on their side is wrong).


However, thanks for responding.
[Attached image: nsip.jpg]
#4  February 5th, 2010, 01:44
NuLL3rr0r (Junior Member)

Finally it works:

I just changed everything to the VPS IP itself:

Code:
ns1             IN      A       91.194.91.7
ns2             IN      A       91.194.91.7
ns3             IN      A       91.194.91.7
ns4             IN      A       91.194.91.7
(This is done in the domain panel as well.)


I also needed to change this line in

/etc/namedb/named.conf
Code:
//     listen-on       { 127.0.0.1; };
// Changed to:
        listen-on       { 91.194.91.7; };
or it simply doesn't work.


I added

/etc/rc.conf
Code:
sendmail_enable="YES"
or I'll get:
Code:
error connecting to mail server port 25 : connection refused.

I'm still waiting for DNS databases across the net to update.
Code:
http://checkdns.net/quickcheck.aspx?domain=www.babaei.net&detailed=1


That's a shame!! They told me these IPs are authoritative for my domain, but they're not. I think these are my ISP's DNS servers, since I can browse them with a browser. I really don't know how they handle this, but I'm happy for now.
#5  February 5th, 2010, 07:47
Alt (Member)

You must add allow-query for the whole world if this server answers for the domain zone.

#6  February 6th, 2010, 09:53
NuLL3rr0r (Junior Member)

Quote:
You must add allow-query for every world if this server ansers for domain zone.

Thanks for the tip. But as you can see here
http://student.ing-steen.se/unix/named.conf.html
it says:
Quote:
allow-query
Specifies which hosts are allowed to ask ordinary questions. The allow-query option may also be specified in the zone statement, in which case it overrides the options allow-query statement. If not specified, the default is to allow queries from all hosts.
As it says, I think this is the default option for all zones:
Code:
allow-query { any; };
Now it just works fine.

I also found this nice brief tip for securing bind:
http://www.cyberciti.biz/tips/howto-...-dns-bind.html

As a good security practice I'm going to try this.
#7  February 6th, 2010, 10:52
Alt (Member)

Dunno what's default, I just see the error "returned error code Refused" in your logs xD
#8  February 8th, 2010, 12:32
NuLL3rr0r (Junior Member)

Well!!

I just listened to your advice and put allow-query for every zone in named.conf.

If I used a nameserver other than 91.194.91.7 in resolv.conf, the DNS query failed. But with allow-query set to any, now I can use any nameserver I want in resolv.conf.

Thanks for the advice.
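Posts #5 to #8 turn on what a REFUSED response actually means. As an added example, not code from any of the posts, here is a small probe that sends a non-recursive SOA query, the same thing `dig +norecurse` does, and reads the response header. REFUSED (RCODE 5) means a server answered but would not serve the name; in BIND that comes from allow-query denying the client, or from the server having no zone for the name and not recursing for that client. A NOERROR answer with the AA bit set means the server is authoritative for the zone. No answer at all is what a named that only has `listen-on { 127.0.0.1; };` produces when queried from outside. The transaction ID, the query name and the two sample response headers are constructed for this example.

```python
"""Tell a REFUSED answer from an authoritative answer and from a timeout.

Added example for this thread, not code from any of the posts.
"""
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED"}
QTYPES = {"A": 1, "NS": 2, "SOA": 6}
TXID = 0x1234  # constructed; a real client picks this at random per query


def encode_name(name):
    """Wire-format a domain name: length-prefixed labels ending in a 0 byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(struct.pack("B", len(lb)) + lb.encode("ascii") for lb in labels) + b"\x00"


def build_query(name, qtype, txid=TXID, recursion_desired=False):
    """One-question DNS query.  RD is off by default, like dig +norecurse:
    an authoritative server must answer for its own zones regardless of
    whether it offers recursion to the client."""
    flags = 0x0100 if recursion_desired else 0x0000
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    question = encode_name(name) + struct.pack("!HH", QTYPES[qtype], 1)  # class IN
    return header + question


def parse_header(packet):
    """Decode the 12-byte header fields that matter for a delegation check."""
    if len(packet) < 12:
        raise ValueError("short packet")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", packet[:12])
    rcode = flags & 0x000F
    return {
        "id": txid,
        "qr": bool(flags & 0x8000),      # 1 = this is a response
        "aa": bool(flags & 0x0400),      # authoritative answer
        "tc": bool(flags & 0x0200),      # truncated, retry over TCP
        "ra": bool(flags & 0x0080),      # server offers recursion to us
        "rcode": RCODES.get(rcode, f"RCODE{rcode}"),
        "answers": an,
        "authority": ns,
    }


def classify(header):
    """Map a parsed header to what the operator should conclude."""
    if header["rcode"] == "REFUSED":
        return "REFUSED: server is up but allow-query denies us or it has no zone for the name"
    if header["rcode"] == "NOERROR" and header["aa"]:
        return "authoritative answer: this server serves the zone"
    if header["rcode"] == "NOERROR":
        return "non-authoritative NOERROR: answered from cache, not from a master/slave zone"
    return f"{header['rcode']}: check the server logs"


def probe(server, name, qtype="SOA", timeout=3.0):
    """Send one UDP query to `server` and classify the reply.  Returns None on
    timeout, the signature of a named that is not listening on that address.
    Needs network; not called in the stand-alone run."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qtype), (server, 53))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return None
    hdr = parse_header(data)
    if hdr["id"] != TXID or not hdr["qr"]:
        raise ValueError("reply does not match our query")
    return classify(hdr)


# Constructed response headers (bodies omitted; only the header is parsed):
# QR|AA, NOERROR, 1 question, 1 answer, 4 authority, 4 additional.
SAMPLE_AUTHORITATIVE = struct.pack("!HHHHHH", TXID, 0x8400, 1, 1, 4, 4)
# QR, RCODE 5 (REFUSED), question echoed, nothing else.
SAMPLE_REFUSED = struct.pack("!HHHHHH", TXID, 0x8005, 1, 0, 0, 0)

if __name__ == "__main__":
    for label, pkt in (("authoritative", SAMPLE_AUTHORITATIVE), ("refused", SAMPLE_REFUSED)):
        print(label, "->", classify(parse_header(pkt)))
```

`probe("91.194.91.7", "babaei.net")` does the live check against one of the addresses in the thread; run it from a host outside the VPS, since a query from the VPS to itself says nothing about what the rest of the internet sees. On the configuration side, the thread's conclusion of `allow-query { any; };` is the right setting for a server that is authoritative for a public zone, but it should be paired with recursion restricted to trusted clients, for instance `allow-recursion { localhost; };` in `options`, so the public server is not also an open resolver; and `listen-on` can list both `127.0.0.1` and the public address rather than replacing one with the other as in post #4.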