Dear All I have a CentOS 6.3 machine. I am trying to setup DNS BIND setup in that machine. It is having a static global IP. I have done lot of reading , google search and tried all possible option, but still not able to resolve the issue.
My named.conf looks as below.
* * * // named.conf // // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS // server as a caching only nameserver (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. //
options { listen-on port 53 { 127.0.0.1; 10.0.0.1; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; query-source address * port 53; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; 10.0.0.1/24; 10.0.0.254/24; }; recursion yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto;
/* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic"; };
logging { channel default_debug { file "data/named.run"; severity dynamic; }; };
zone "." IN { type hint; file "named.ca"; };zone "netcloudjobs.com" { type master; file "netcloudjobs.com.fwd"; allow-update { none; }; };
zone "189.201.173.in-addr.arpa" { type master; file "netcloudjobs.com.rev"; allow-update { none; }; };
include "/etc/named.rfc1912.zones"; include "/etc/named.root.key"; * Next my forward zone file looks as below * $TTL 86400 @ IN SOA ns1.netcloudjobs.com. root.netcloudjobs.com. ( 2021071001 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL )
@ IN NS ns1.netcloudjobs.com. @ IN NS ns2.netcloudjobs.com.
ns1 IN A 173.201.189.43 ns2 IN A 173.201.189.43 * And my reverse zone file looks as
*$TTL 86400 @ IN SOA ns1.netcloudjobs.com. root.netcloudjobs.com. ( 2021071001 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL )
@ IN NS ns1.netcloudjobs.com. @ IN NS ns2.netcloudjobs.com. ns1 IN A 173.201.189.43 ns2 IN A 173.201.189.43 43 IN PTR ns1.netcloudjobs.com. 44 IN PTR ns2.netcloudjobs.com. * I hope I am doing something wrong with configuration. I have done this since more than 60 hours. Still I am not able to resolve ns1.netcloudjobs.com.
Can somebody help here.
Best Regards Austin
On Sun, 2013-03-10 at 17:27 +0530, Austin Einter wrote:
Austin,
What is the DNS server that you are pointing to in /etc/resolv.conf
My registrar is Godad.com, looks they have registered nameservers ns1.netcloudjobs.com and ns2.netcloudjobs.com Now I am able to resolve to ns1.netcloudjobs.com I have only 1 IP address that x.x.x.43 , so I can not use x.x.x.44
From my dedicated server, if I ping to www.netcloudjobs.com , it says
*[root@ip-173-201-189-43 named]# ping www.netcloudjobs.com PING www.netcloudjobs.com (173.201.189.43) 56(84) bytes of data. ^C --- www.netcloudjobs.com ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2217ms*
But if ping to netcloudjobs.com, it says
[root@ip-173-201-189-43 named]#
*[root@ip-173-201-189-43 named]# ping netcloudjobs.com ping: unknown host netcloudjobs.com [root@ip-173-201-189-43 named]# * My corresponding zone file looks as below * * *[root@ip-173-201-189-43 named]# vi netcloudjobs.com.fwd $TTL 86400 @ IN SOA ns1.netcloudjobs.com. root.netcloudjobs.com. ( 2041071002 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL )
@ IN NS ns1.netcloudjobs.com. @ IN NS ns2.netcloudjobs.com. @ IN MX 0 mail.netcloudjobs.com.
ns1 IN A 173.201.189.43 ns2 IN A 173.201.189.43 www IN A 173.201.189.43 mail IN A 173.201.189.43 ~ * Can somebody kindly tell me what I need to do so that, from my dedicated server I can ping to netcloudjobs.com
Best regards Austin
On Sun, Mar 10, 2013 at 6:47 PM, Robert Moskowitz rgm@htt-consult.comwrote:
Hi Austin,
since your A record is fine and can be resolved, the issue is obviously not BIND related but lies somewhere in your network/firewall configuration.
The last address that is visible in the tracereoute output from here is
15 ip-208-109-113-174.ip.secureserver.net (208.109.113.174) 163.811 ms 163.984 ms 164.166 ms
so the issue must be somewhere between 208.109.113.174 and 173.201.189.43. Another IP (probably another customer of GoDaddy) in your /24 range is directly connected to 208.109.113.174 which makes it likely to be your next hop as well:
15 ip-208-109-113-174.ip.secureserver.net (208.109.113.174) 178.314 ms 165.344 ms 165.293 ms 16 ip-173-201-189-1.ip.secureserver.net (173.201.189.1) 164.007 ms 163.767 ms 163.820 ms
So probably the issue is in your router setup (packet filters and/or NAT, if applicable) or in the configuration of your own machine (iptables?).
Regards,
Peter.
Put this in a zone file: netcloudjob.com. IN A 173.201.189.43
Just after a MX line 10 mar 2013 14:51, "Austin Einter" austin.einter@gmail.com napisał(a):
On 10.03.2013, at 16:14, Arek Czereszewski arekczer@gmail.com wrote:
Austin already did that, and it doesn't help.
The name can already be resolved, and the address cannot be pinged either. I checked before I replied.
Am 10.03.2013 16:34, schrieb Peter Eckel:
Yes it does. The name can now be resolved.
The name can already be resolved,
Only since he added the A RR.
and the address cannot be pinged either. I checked before I replied.
That's a separate problem, and has nothing to do with BIND. What's more, given the complete lack of information about the network topology and involved components, we cannot even guess what may be the issue here. Routing? Firewall? NAT? Hardware? Everything's possible.
Dear All Thanks for great support.
Now the issue is completely resolved.
I had to add "netcloudjob.com http://netcloudjob.com. IN A 173.201.189.43" line in forward zone file. (As suggested by Arzek)perly.
Now from remote locations we are able to ping to www.netcloudjobs.com and netcloudjobs.com .
Thanks a lot all.
Best Regards Austin
On Mon, Mar 11, 2013 at 5:05 AM, Tilman Schmidt < t.schmidt@phoenixsoftware.de> wrote:
Am 10.03.2013 14:50, schrieb Austin Einter:
It seems you already fixed that and just forgot to tell the list.
This zone file does not contain an A RR for netcloudjobs.com itself, but if I dig netcloudjobs.com now I do get one. So obviously you have added it it the meantime.
Can somebody kindly tell me what I need to do so that, from my dedicated server I can ping to netcloudjobs.com
Generally speaking: 1. fix the name resolution (you already did that) 2. fix the network connectivity and/or firewall issues preventing your ping packets from getting through
HTH T.
Am 10.03.2013 12:57, schrieb Austin Einter:
After reading the entire thread I am still not sure what your actual issue is. I can only guess some name resolution is not working as expected.
Please state: - From which machine are you trying to resolve? - Which name are you trying to resolve? - Which result are you expecting? - Which result do you get?
In the meantime, a few comments on your config.
options { listen-on port 53 { 127.0.0.1; 10.0.0.1; };
That doesn't look right. You said your machine has a public IP address but you make it listen on a private IP address and localhost only.
listen-on-v6 port 53 { ::1; };
That doesn't look right either. If your machine does IPv6, why have it listen only on localhost? If it doesn't, why have it listen on IPv6 at all?
allow-query { localhost; 10.0.0.1/24; 10.0.0.254/24; };
This doesn't look right at all. Neither 10.0.0.1 nor 10.0.0.254 are compatible with a /24 netmask.
I don't think it's a good idea to activate DNSSEC before you have the basics running.
It's very strange to declare two nameservers with the same address. Why put in ns2 in the first place if it's actually the same machine as ns1? That doesn't make sense.
And my reverse zone file looks as
These entries are wrong here. Simple explanation: A RRs belong in the forward zone, not the reverse zone. Complex explanation: The RRs you actually create by this look like this:
ns1.189.201.173.in-addr.arpa. IN A 173.201.189.43 ns2.189.201.173.in-addr.arpa. IN A 173.201.189.43
43 IN PTR ns1.netcloudjobs.com. 44 IN PTR ns2.netcloudjobs.com.
You have a forward/reverse mismatch here. Your reverse zone resolves 173.201.189.44 to ns2.netcloudjobs.com but your forward zone resolves that to 173.201.189.43 instead of 173.201.189.44.
I am:
[ts@dns01 ~]$ host ns1.netcloudjobs.com ns1.netcloudjobs.com has address 173.201.189.43 [ts@dns01 ~]$
Looks fine to me. So again, please state from where you are trying the resolution, which result you expect and which result you get.
-
Arek Czereszewski -
Austin Einter -
Earl Ramirez -
Peter Eckel -
Robert Moskowitz -
Tilman Schmidt