ping request could not find host. Please check the name and try again

sam kalinguappa
I bought a VPS and somehow I configured the nameservers wrong on CentOS 7. So I installed bind and followed the instructions on this link http://www.unixmen.com/setting-dns-server-centos-7/ . When I SSH to the server and ping the host I get this result.

ping livedigix.us
PING livedigix.us (67.21.78.228) 56(84) bytes of data.
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=1 ttl=64 time=0.024 ms
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=2 ttl=64 time=0.053 ms
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=3 ttl=64 time=0.052 ms
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=4 ttl=64 time=0.047 ms
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=5 ttl=64 time=0.276 ms
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=6 ttl=64 time=0.053 ms
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=7 ttl=64 time=0.073 ms
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=8 ttl=64 time=0.047 ms
64 bytes from mail.livedigix.us (67.21.78.228): icmp_seq=9 ttl=64 time=0.054 ms

And when I check nslookup I get this result while SSHed into the server.

nslookup livedigix.us
Server:         67.21.78.228
Address:        67.21.78.228#53

Name:   livedigix.us
Address: 67.21.78.228
My named.conf file consists of this:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
        listen-on port 53 { 127.0.0.1; 67.21.78.228; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; 67.21.78.0/24; };
        allow-transfer  { localhost; 67.21.78.228; };
        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "livedigix.us" IN {
        type master;
        file "forward.livedigix";
        allow-update { none; };
};
zone "78.21.67.in-addr.arpa" IN {
        type master;
        file "reverse.livedigix";
        allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

And the forward.livedigix file consists of this:

vi /var/named/forward.livedigix

$TTL 86400
@   IN  SOA     ns1.livedigix.us. root.livedigix.us. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          ns1.livedigix.us.
@       IN  NS          ns2.livedigix.us.
@       IN  A           67.21.78.228
@       IN  A           67.21.78.228

And the reverse.livedigix file consists of this:

vi /var/named/reverse.livedigix

$TTL 86400
@   IN  SOA     ns1.livedigix.us. root.livedigix.us. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          ns1.livedigix.us.
@       IN  NS          ns2.livedigix.us.
@       IN  PTR         livedigix.us.
ns1     IN  A           67.21.78.228
ns2     IN  A           67.21.78.228

228     IN  PTR         ns1.livedigix.us.
228     IN  PTR         ns2.livedigix.us.

And I have my domain registered with GoDaddy. I updated the nameservers to ns1.livedigix.us and ns2.livedigix.us.

But when I ping through any cmd without SSHing I get this error:

admin@admin-PC ~
$ nslookup livedigix.us
*** UnKnown can't find livedigix.us: Server failed
Server:  UnKnown
Address:  192.168.1.1

And when I ping the server I get this:

admin@admin-PC ~
$ ping livedigix.us
Ping request could not find host livedigix.us. Please check the name and try again.

And yes, I have created two host names on GoDaddy with ns1 and ns2 and pointed them to the IP address.
All I am trying to do is point the domain to the VPS. I am a newbie and I don't know where the problem is. Any help would be appreciated. Thanks
Top Expert 2014

Commented:
Please don't cut and paste text with HTML control codes in it.  It makes it very difficult to read.

Don't work on the reverse setup (PTR) until you have the forward setup done.  In fact my guess is you will NEVER get the reverse setup done.  Unless you have at least a /24 allocated to you, most ISPs will not delegate PTR zones to you.

As for the forward setup, it most likely works on your VPS host because you are pointing it to itself for DNS lookup and your DNS configuration is technically correct.

The problem is that the Internet does not know how to find you for DNS lookups.  You can't point your NS records to host names that are within your own domain.  Why?  Because I don't know what IP address to send the query to for ns1.livedigix.us in order to look up ns1.livedigix.us.

I think you need to follow these directions to get your domain name set up correctly within GoDaddy and on the Internet.

https://www.godaddy.com/help/find-my-websites-nameservers-6795

Sorry for the HTML tags, I will keep that in mind. What I understand from your answer is that if I update the nameservers ns1.livedigix.us and ns2.livedigix.us on another domain, e.g. livedigix.info, it will work. I have visited the link you mentioned and I think I have followed the steps. Correct me if I am wrong. Thanks for your precious help, but still I have not much idea what to do next. Anyways, I have updated the nameservers on another domain.
noci
Software Engineer
Distinguished Expert 2018

Commented:
For the domain, GoDaddy has a delegation created from the .us zone to theirs [when you set up the domain name with them]; you need to add the NS (delegation) RRs to your DNS server in GoDaddy's DNS system.
See other description.

Also note that NS1 & NS2 need to have different IPs. If you need an extra DNS server, check out ZONEEDIT (or your favorite DNS hoster).
I think I have a similar problem to this one: https://www.experts-exchange.com/questions/29012611/Centos-7-DNS-server-not-replying-to-clients.html but I am not sure how to add DNS to the public zone. I Googled this but found nothing relevant. I have changed the dnssec setting to no in named.conf.

BTW I have checked whether the server IP is resolving the DNS. Below is the result:

[root@mail ~]# dig @livedigix.us. @67.21.78.228

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> @livedigix.us. @67.21.78.228
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25718
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       517117  IN      NS      c.root-servers.net.
.                       517117  IN      NS      f.root-servers.net.
.                       517117  IN      NS      b.root-servers.net.
.                       517117  IN      NS      m.root-servers.net.
.                       517117  IN      NS      l.root-servers.net.
.                       517117  IN      NS      j.root-servers.net.
.                       517117  IN      NS      k.root-servers.net.
.                       517117  IN      NS      d.root-servers.net.
.                       517117  IN      NS      i.root-servers.net.
.                       517117  IN      NS      g.root-servers.net.
.                       517117  IN      NS      e.root-servers.net.
.                       517117  IN      NS      a.root-servers.net.
.                       517117  IN      NS      h.root-servers.net.

;; ADDITIONAL SECTION:
h.root-servers.net.     603517  IN      A       198.97.190.53
h.root-servers.net.     603517  IN      AAAA    2001:500:1::53
a.root-servers.net.     603517  IN      A       198.41.0.4
a.root-servers.net.     603517  IN      AAAA    2001:503:ba3e::2:30
b.root-servers.net.     603517  IN      A       192.228.79.201
b.root-servers.net.     603517  IN      AAAA    2001:500:84::b
e.root-servers.net.     603517  IN      A       192.203.230.10
e.root-servers.net.     603517  IN      AAAA    2001:500:a8::e
i.root-servers.net.     603517  IN      A       192.36.148.17
i.root-servers.net.     603517  IN      AAAA    2001:7fe::53
g.root-servers.net.     603517  IN      A       192.112.36.4
g.root-servers.net.     603517  IN      AAAA    2001:500:12::d0d
c.root-servers.net.     603517  IN      A       192.33.4.12
c.root-servers.net.     603517  IN      AAAA    2001:500:2::c
f.root-servers.net.     603517  IN      A       192.5.5.241
f.root-servers.net.     603517  IN      AAAA    2001:500:2f::f
l.root-servers.net.     603517  IN      A       199.7.83.42
l.root-servers.net.     603517  IN      AAAA    2001:500:9f::42
m.root-servers.net.     603517  IN      A       202.12.27.33
m.root-servers.net.     603517  IN      AAAA    2001:dc3::35
j.root-servers.net.     603517  IN      A       192.58.128.30
j.root-servers.net.     603517  IN      AAAA    2001:503:c27::2:30
k.root-servers.net.     603517  IN      A       193.0.14.129
k.root-servers.net.     603517  IN      AAAA    2001:7fd::1
d.root-servers.net.     603517  IN      A       199.7.91.13
d.root-servers.net.     603517  IN      AAAA    2001:500:2d::d

;; Query time: 0 msec
;; SERVER: 67.21.78.228#53(67.21.78.228)
;; WHEN: Wed Apr 05 10:35:36 EDT 2017
;; MSG SIZE  rcvd: 811


and then,


[root@mail ~]# dig livedigix.us. @l.root-servers.net

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> livedigix.us. @l.root-servers.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65303
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 10
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;livedigix.us.                  IN      A

;; AUTHORITY SECTION:
us.                     172800  IN      NS      a.cctld.us.
us.                     172800  IN      NS      b.cctld.us.
us.                     172800  IN      NS      c.cctld.us.
us.                     172800  IN      NS      e.cctld.us.
us.                     172800  IN      NS      f.cctld.us.
us.                     172800  IN      NS      k.cctld.us.

;; ADDITIONAL SECTION:
a.cctld.us.             172800  IN      A       156.154.124.70
b.cctld.us.             172800  IN      A       156.154.125.70
c.cctld.us.             172800  IN      A       156.154.127.70
e.cctld.us.             172800  IN      A       156.154.126.70
f.cctld.us.             172800  IN      A       209.173.58.70
k.cctld.us.             172800  IN      A       156.154.128.70
b.cctld.us.             172800  IN      AAAA    2001:502:ad09::29
f.cctld.us.             172800  IN      AAAA    2001:500:3682::11
k.cctld.us.             172800  IN      AAAA    2001:503:e239::3:1

;; Query time: 171 msec
;; SERVER: 199.7.83.42#53(199.7.83.42)
;; WHEN: Wed Apr 05 10:38:00 EDT 2017
;; MSG SIZE  rcvd: 323


and ;


[root@mail ~]# dig livedigix.us. @a.cctld.us

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> livedigix.us. @a.cctld.us
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31138
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 3
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;livedigix.us.                  IN      A

;; AUTHORITY SECTION:
LIVEDIGIX.us.           7200    IN      NS      NS2.LIVEDIGIX.us.
LIVEDIGIX.us.           7200    IN      NS      NS1.LIVEDIGIX.us.

;; ADDITIONAL SECTION:
NS1.LIVEDIGIX.us.       7200    IN      A       67.21.78.228
NS2.LIVEDIGIX.us.       7200    IN      A       67.21.68.26

;; Query time: 5 msec
;; SERVER: 156.154.124.70#53(156.154.124.70)
;; WHEN: Wed Apr 05 10:38:52 EDT 2017
;; MSG SIZE  rcvd: 119

The server IP is pointing to the nameservers, but I don't know, if I do nslookup from the command prompt, without SSHing of course, I get a timed out error and request to unknown timed out, like this:

$ nslookup livedigix.us
*** Request to UnKnown timed-out
Server:  UnKnown
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.

Still I have no idea what's wrong.
Software Engineer
Distinguished Expert 2018
Commented:
First, leave DNSSEC alone until you have basic DNS working. Then first look into the howto of signing zones etc., like in OpenDNSSEC or a product like that, to alleviate the regularly recurring tasks of updating stuff... and DNSSEC only works if the parent zone gets signed as well. (Is .us DNSSEC signed?)

OK, now look at what you allow for queries: it works inside because you allow for that...

  allow-query     { localhost; 67.21.78.0/24; };

Besides this network and localhost, no one is allowed to query your server... you may need to allow others to query your server.
If 192.168.1.1 is locally attached to that server it is also NOT allowed; if that is from a remote site then your public IP address will query your server.
If you have a VPN then 192.168.1.0/24 (and for local as well) may need to be added as well to the allowed list.


I think you can still edit your Q; could you update the DNS config or paste it without HTML?

Author

Commented:
Thanks noci. I think I don't need to post the question anymore. You were right, I changed the localhost to any in the named.conf and it worked. woahhhhhhhhh!!!!!!

Author

Commented:
Thanks for the help. noci's solution worked like a charm.
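
Added example, not part of the original thread and not the asker's actual file: the fix described above opens allow-query to everyone while the posted named.conf still has "recursion yes", which is the public open-resolver case the comment block in that same file warns about. The fragment below keeps the zone answerable from the Internet but limits recursion to the server itself; the ACL name "recursing-clients" is an assumption, all other values are taken from the configuration posted in the question.

```bind
// BEFORE (constructed from the thread: "localhost" replaced by "any",
// recursion left enabled):
//
//   allow-query { any; 67.21.78.0/24; };
//   recursion yes;
//
// With neither allow-recursion nor allow-query-cache set, BIND falls back
// to allow-query for both, so any host on the Internet can recurse through
// 67.21.78.228.

// AFTER: authoritative answers for everyone, recursion for this host only.
acl "recursing-clients" { localhost; };   // assumed ACL name

options {
        listen-on port 53 { 127.0.0.1; 67.21.78.228; };
        directory "/var/named";

        // Anyone may ask about the zones this server is master for.
        allow-query       { any; };

        // The VPS still resolves through itself, so recursion stays on,
        // but only for the ACL above. Setting both options explicitly
        // stops them from inheriting "any" from allow-query.
        recursion yes;
        allow-recursion   { recursing-clients; };
        allow-query-cache { recursing-clients; };

        allow-transfer    { localhost; 67.21.78.228; };
};

zone "livedigix.us" IN {
        type master;
        file "forward.livedigix";
        allow-update { none; };
};
```

After running named-checkconf and reloading named, a query from outside for livedigix.us should still be answered, while an outside query for an unrelated name should come back with status REFUSED.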
