Solved

Configuring DNS

Posted on 2004-04-22
Last Modified: 2012-08-14
Ok, here's my setup now:

I registered nucleardog.com with GoDaddy. I set up two hosts for nucleardog, ns1.nucleardog.com and ns2.nucleardog.com, both pointing to my IP, 24.72.35.15.

On that computer, I have bind running. I have two firewall openings on port 53, one for TCP and one for UDP, since I'm not 100% sure which it runs on. Anyway, my problem is that dig is not reporting the correct IP for anything. It reports:

------------------------------------------
; <<>> DiG 9.2.1 <<>> nucleardog.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 14930
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;nucleardog.com.                        IN      A

;; Query time: 120 msec
;; SERVER: 204.83.142.2#53(204.83.142.2)
;; WHEN: Thu Apr 22 13:05:50 2004
;; MSG SIZE  rcvd: 32
------------------------------------------

I am fairly sure named is running:
[root@INSANITY root]# ps -Al | grep named
1 S    25  4138     1  0  85   0    -  2849 rt_sig ?        00:00:00 named
1 S    25  4141  4138  0  75   0    -  2849 schedu ?        00:00:00 named
5 S    25  4142  4141  0  75   0    -  2849 rt_sig ?        00:00:00 named
1 S    25  4143  4141  0  75   0    -  2849 schedu ?        00:00:00 named
1 S    25  4144  4141  0  75   0    -  2849 schedu ?        00:00:00 named

So, what is the problem here? My dns configuration files are all available at http://insanelands.selfhost.com/dns. I am trying to run a mail\web server. Obviously the DNS system and how it works is not one of my strong spots, so any help is appreciated.

Thanks,
Adam
Question by:TheASP
7 Comments
 

Author Comment

by:TheASP
ID: 10892594
Oops, forgot to mention that I set the name servers for nucleardog.com to ns1.nucleardog.com and ns2.nucleardog.com (I know you're supposed to have two separate nameservers, but I have nowhere else to host the records).

Adam
0
 

Expert Comment

by:azharnizam
ID: 10895690
ASP,

I'm also running on a single DNS server and it works fine. Sorry to ask... are you having a problem configuring the DNS server, or is the DNS server already configured but still having a problem?
0
 
LVL 13

Accepted Solution

by:
td_miles earned 455 total points
ID: 10895812
first step:
http://www.tldp.org/HOWTO/DNS-HOWTO.html

I had a look at your config files. I'm not sure if you need to add the line:
   allow-query { any;};
to your "nucleardog.com" zone section to make sure that it will answer queries.

Restart the named daemon (service named restart), then look in /var/log/messages to make sure that it is starting up OK.

From a command prompt on your Linux box, try the following command:
dig web.nucleardog.com @127.0.0.1
and see what you get (check the log again). I have run a portscan and your server is listening on port 53, so that part appears correct.

You have also specified the MX record for email to be "mail" which is fine, but you haven't defined an "A" record for the server "mail" anywhere. This won't be stopping things from working, but means that when things do work, you won't get email until you sort that out.

A good utility to check your zone file is "named-checkzone". If I run it against your zone file, it generates the following:
(I copied your zone file to "nd.com")
===============
[/etc 12:47:50] # named-checkzone nucleardog.com /var/named/zone/nd.com
dns_master_load: /var/named/zone/nd.com:21: unknown RR type 'ns1'
dns_master_load: /var/named/zone/nd.com:22: unknown RR type 'ns2'
dns_master_load: /var/named/zone/nd.com:23: unknown RR type 'web'
dns_master_load: /var/named/zone/nd.com:26: unknown RR type 'www'
zone nucleardog.com/IN: loading master file /var/named/zone/nd.com: unknown class/type
===============

anyway, there are some starters for you...
0
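An added example, not part of the thread or the poster's files: a small Python linter that reproduces the two findings in the answer above, the "unknown RR type" errors and the MX target with no address record. The sample zones are constructed, and the cause shown (host records indented, so the host name is read as the record type) is an assumption, since the poster's zone file is not reproduced on this page.

```python
import re

RR_TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "TXT", "PTR"}  # subset for this sketch
CLASSES = {"IN", "CH", "HS"}

def lint_zone(text, origin):
    """Lint a master-format zone (one record per line). Returns (errors, warnings)."""
    origin = origin.rstrip(".").lower() + "."
    def fqdn(name):
        return origin if name == "@" else (name if name.endswith(".") else f"{name}.{origin}").lower()
    errors, warnings, has_addr, mx = [], [], set(), []
    owner = None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0]          # drop trailing comment
        if not line.strip() or line.lstrip().startswith("$"):
            continue                         # blank, comment, or $TTL/$ORIGIN directive
        f = line.split()
        if not line[0].isspace():
            owner = fqdn(f.pop(0))           # text in column 1 is the owner name
        # An indented line inherits the previous owner, so its first token
        # is read as TTL, class or type, never as a host name.
        while f and (re.fullmatch(r"\d+[smhdw]?", f[0], re.I) or f[0].upper() in CLASSES):
            f.pop(0)
        rtype = f[0].upper() if f else ""
        if rtype not in RR_TYPES:
            errors.append(f"{n}: unknown RR type '{f[0] if f else ''}'")
        elif rtype in ("A", "AAAA"):
            has_addr.add(owner)
        elif rtype == "MX" and len(f) == 3:  # MX <preference> <target>
            mx.append((n, fqdn(f[2])))
    for n, target in mx:
        in_zone = target == origin or target.endswith("." + origin)
        if in_zone and target not in has_addr:
            warnings.append(f"{n}: MX target {target} has no A/AAAA record")
    return errors, warnings

# Constructed sample zones (documentation address 192.0.2.10, not the poster's files).
HEADER = """$TTL 3600
@ IN SOA ns1.example.com. hostmaster.example.com. 2004042201 3600 900 604800 3600
@ IN NS ns1
@ IN NS ns2
@ IN MX 10 mail
"""
BROKEN = HEADER + " ns1 IN A 192.0.2.10\n ns2 IN A 192.0.2.10\n web IN A 192.0.2.10\n www IN CNAME web\n"
FIXED = HEADER + "ns1 IN A 192.0.2.10\nns2 IN A 192.0.2.10\nweb IN A 192.0.2.10\nwww IN CNAME web\nmail IN A 192.0.2.10\n"

if __name__ == "__main__":
    for label, zone in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint_zone(zone, "example.com"))
```

This covers only single-line records and a subset of record types; named-checkzone remains the authoritative check before reloading named.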
 

Expert Comment

by:azharnizam
ID: 10896832
Sorry, I forgot to check your configuration... but try looking at http://www.experts-exchange.com/Networking/Linux_Networking/Q_20705680.html for configuring the DNS server. This can be applied to either internal or public DNS. Hope it can help.
0
 
LVL 4

Expert Comment

by:bobgunzel
ID: 10897392
ns1.nucleardog.com and ns2.nucleardog.com are NOT the name servers for the nucleardog.com domain. You can't just set up a name server and expect it to be found. Authority for nucleardog.com has to be specifically delegated to your name server. If you are the technical contact for nucleardog.com you can do it yourself at NETSOL - www.networksolutions.com - or you'll have to ask GoDaddy to do it for you.

Bob Gunzel
0
 
LVL 4

Expert Comment

by:bobgunzel
ID: 10897424
I don't think you have set up the name server correctly. host nucleardog.com 24.72.35.15 answers "Host nucleardog.com not found".
0
 

Author Comment

by:TheASP
ID: 10904543
Thank you td_miles!

Ok, here's how I fixed it:

named-checkzone reported that the file was bad, so did the log files (Why didn't I check those in the first place? Then again everything seems obvious in hindsight.). I went to the how-to you linked to and rewrote the zone file, rebooted named and it works now :) :) :)

That was really making me mad. Thanks a ton for helping with that.

(If I had more points I'd give you more)

ASP
0
