Another DNS "I can't..." Thread

Discussion in 'Server Operation' started by pcontraf, Aug 13, 2008.

  1. pcontraf

    pcontraf New Member

    I've been browsing through a lot of forums now looking for solutions to problems similar to my own, so hopefully I'll cover and explain everything I need to in this first post, but let me know what more information you'd like or other tests you'd like me to run.

    My Goal:
    To set up a DNS server in my home for an Apache web server, an ftp server, and a mail server. I would also like for my LAN clients (Windows) to be able to see/communicate with the (Linux) server.

    My Network Setup:


    Internet ---> Router ---> Other Windows Machines
    ---------------------|
    ---------------------|---> Switch ---> Linux Machine
    -----------------------------------|---> Windows Machine
    -------------------------------------------("paul-desk")

    Internet:
    IP Address: 68.14.19.214
    Domain: ri.cox.net
    DNS Servers: 68.105.28.12, 68.105.29.12, 68.105.28.11

    Router:
    Subnet Mask: 255.255.255.0
    Local Gateway: 192.168.1.1

    Linux Machine:
    (to be: primary DNS, web, mail, and ftp)
    Local IP Address: 192.168.1.111

    Windows Machine "paul-desk":
    (to be: slave DNS, client)
    Local IP Address: 192.168.1.110
    Preferred DNS server: 68.105.28.11
    Alternate DNS server: 68.105.29.12

    Other Windows Machines: (to be: clients)
    Local IP Address: 192.168.1.1xx
    Preferred DNS server: 68.105.28.11
    Alternate DNS server: 68.105.29.12

    ***

    I have already purchased and registered the domain "table-82.info" from go-daddy.com, told them I will not be using their DNS services, and I've also registered with them the following hosts and IP Addresses:

    ns1 : 68.14.19.214
    ns2 : 68.14.19.214

    ***

    My Configurations:


    /etc/hosts

    Code:
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1	localhost.localdomain	localhost	localhost
    192.168.1.111	localhost.localdomain 	localhost
    192.168.1.110	paul-desk.localdomain	paul-desk

    /etc/resolv.conf

    Code:
    domain localdomain
    
    search ri.cox.net
    nameserver 68.105.28.11
    nameserver 68.105.29.12
    nameserver 68.105.28.12
    
    search table-82.info
    nameserver 192.168.1.110
    nameserver 192.168.1.111
    nameserver 127.0.0.1

    /var/named/chroot/etc/named.conf

    Code:
    //
    // named.caching-nameserver.conf
    //
    // Provided by Red Hat caching-nameserver package to configure the
    // ISC BIND named(8) DNS server as a caching only nameserver 
    // (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    // DO NOT EDIT THIS FILE - use system-config-bind or an editor
    // to create named.conf - edits to this file will be lost on 
    // caching-nameserver package upgrade.
    //
    
    options {
    	directory 	"/var/named";
    	dump-file 	"/var/named/data/cache_dump.db";
           statistics-file "/var/named/data/named_stats.txt";
    };
    
    acl "mylan" {
    	127/8; 192.168.1.1/24;
    };
    
    controls {
    	inet 127.0.0.1 allow { localhost; } keys { rndckey; };
    };
    
    view "inside" {
    	match-clients { "mylan"; };
    	recursion yes;
    
    	zone "." IN {
    	type hint;
    	file "named.ca";
    	};
    
    	zone "1.168.192.in-addr.arpa" IN {
    	type master;
    	file  "yourlan.db";
    	};
    
    	zone "table-82.info" {
    	type master;
    	file "db.table-82.info.inside";
    	allow-transfer { 192.168.1.110; };
    	 };
    };
    
    view "outside" {
    	match-clients { any; };
    	recursion no;
    
    	zone "." IN {
    	type hint;
    	file "named.ca";
    	};
    
    	zone "table-82.info" {
    	type master;
    	file "db.table-82.info.outside";
    	allow-transfer { 68.14.19.214; };
    	 };
    };
    
    include "/etc/rndc.key";
    
    
    /var/named/chroot/var/named/db.table-82.info.inside

    Code:
    $TTL	86400
    @	IN	SOA	table-82.info.	hostmaster.table-82.info. (
    					2008081002	; Serial
    					28800		; Refresh
    					14400		; Retry
    					3600000		; Expire
    					86400 )		; Minimum
    ; Name Servers
    		IN	NS	ns1.table-82.info.
    		IN	NS	ns2.table-82.info.
    
    ; Mail server for domain
    		IN	MX 10	mail.table-82.info.
    
    ; Public Servers
    ns1		IN	A	192.168.1.111
    ns2		IN	A	192.168.1.110
    mail		IN	A	68.14.19.214
    www		IN	A	68.14.19.214
    ftp		IN	A	68.14.19.214
    
    ; Private clients on the LAN
    paul-desk	IN	A	192.168.1.110
    
    ; EOF
    
    
    /var/named/chroot/var/named/db.table-82.info.outside

    Code:
    $TTL	86400
    @	IN	SOA	table-82.info.	hostmaster.table-82.info. (
    					2008081002	; Serial
    					28800		; Refresh
    					14400		; Retry
    					3600000		; Expire
    					86400 )		; Minimum
    ; Name Servers
    		IN	NS	ns1.table-82.info.
    		IN	NS	ns2.table-82.info.
    
    ; Mail server for domain
    		IN	MX 10	mail.table-82.info.
    
    ; Public Servers
    ns1		IN	A	68.14.19.214
    ns2		IN	A	68.14.19.214
    mail		IN	A	68.14.19.214
    www		IN	A	68.14.19.214
    ftp		IN	A	68.14.19.214
    
    ; EOF
    
    
    /var/named/chroot/var/named/yourlan.db

    Code:
    $TTL	86400
    @	IN	SOA	ns1.table-82.info	hostmaster.table-82.info. (
    						2008081902	; Serial
    						28800		; Refresh
    						14400		; Retry
    						3600000		; Expire
    						86400 )		; Minimum
    	IN	NS	ns1.table-82.info.
    111	IN	PTR	table-82.info.
    111	IN	PTR	ftp.table-82.info.
    111	IN	PTR	www.table-82.info.
    110    IN      PTR     paul-desk.table-82.info.
    
    ; EOF
    
    

    My Tests:


    # dig @localhost table-82.info

    # dig @localhost www.table-82.info

    # host paul-desk

    # service httpd status

    # /etc/init.d/named status

    # nslookup -sil table-82.info

    # nslookup -sil www.table-82.info

    ***

    Being very new at this specific DNS stuff, I've been following the book that came with my installation of Fedora 8 fairly closely (though its example is very different from my setup/goal), as well as random suggestions posted in other forums for problems similar to mine with no clue as to whether it could help me or was even relevant.

    As things are, on the Linux machine, I can view both internet websites (ex. google.com ...after a long "Looking up host") as well as my own table-82 site (http://localhost/ ...but NOT via http://www.table-82.info)

    On the Windows machine, I can view internet websites (ex. google.com), but not the table-82 site.

    At one point, I had things set up so that the Linux machine could view the table-82 both ways, the nslookups and host queries returned as they should have, but could not get online to view any outside site.

    No LAN client has ever been able to view the table-82 site, but can always view outside sites.

    If anyone has any suggestions, comments, or requests for other test results, let me know - I will do my best to accommodate as I would like to solve this very much.
     
    Last edited: Aug 13, 2008
  2. aberrio

    aberrio New Member

    If you have static IPs with Cox, do this...

    Internet-----> Switch----> Apache box
    |
    |---->Router----->Windows LAN

    This configuration worked for me while Cox was my ISP; I used to have 8 IPs with Cox, one for each server (primary DNS, slave DNS, WWW, email and a Windows 2000 server with MSQL).

    If you do not have static IPs, verify that port 53 is open on your router and do disable anonymous requests.
     
  3. chipsafts

    chipsafts New Member

    What does "traceroute www.table-82.info" return from outside and inside?
     
  4. pcontraf

    pcontraf New Member

    aberrio:

    By "Internet" I mean more specifically my modem, in which the coax cable from cox comes in, and 1 LAN cable can come out. The closest I could come to your diagram would be the following:

    Internet ---> Switch ---> Linux Machine
    ---------------------|
    ---------------------|---> Router ---> Windows LAN (including
    --------------------------------------------"paul-desk")

    chipsafts:

    Inside (from Linux Machine):

    # tracert www.table-82.info

    Outside (from "paul-desk"):

    C:\> tracert www.table-82.info
     
  5. aberrio

    aberrio New Member

    Did you change ns1 and ns2 with your registrar? NS1 and NS2 have to point to your DNS server.
     
  6. chipsafts

    chipsafts New Member

    Seems to be fine now

    tracert www.table-82.info
    traceroute to www.table-82.info (67.215.66.132), 30 hops max, 40 byte packets
    [...]
    15 hit-servfail.opendns.com (67.215.66.132) 275.966 ms 262.612 ms 262.570 ms


    My guess would be the NS records hadn't propagated.
     
  7. pcontraf

    pcontraf New Member

    chipsafts:

    What exactly do your results from traceroute mean? If the NS records have propagated, why can't I view the website outside of the machine? Nor the site using the address "www.table-82.info" on the machine itself? So far, still, only on the Linux machine can I see it and only by using "http://localhost/".


    aberrio:

    Is that not what you mean?
     
    Last edited: Aug 14, 2008
  8. pcontraf

    pcontraf New Member

    Someplace I didn't think to look for errors would be in how I've configured my router. Having a Linksys router, is there anything in particular I should make sure I have set up correctly? Something I may have overlooked or not thought of to change from default?
     
  9. falko

    falko Super Moderator Howtoforge Staff

    Code:
    mh1:~# dig ns table-82.info
    
    ; <<>> DiG 9.3.4 <<>> ns table-82.info
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 57541
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;table-82.info.                 IN      NS
    
    ;; Query time: 483 msec
    ;; SERVER: 145.253.2.75#53(145.253.2.75)
    ;; WHEN: Sat Aug 16 12:17:06 2008
    ;; MSG SIZE  rcvd: 31
    
    mh1:~#

    Did you tell your registrar that you want to use ns1.table-82.info and ns2.table-82.info as the name servers for table-82.info?

    Did you create a glue record? http://en.wikipedia.org/wiki/Domain_Name_System#Circular_dependencies_and_glue_records

    Did you open port 53 TCP and UDP on your router?
     
  10. pcontraf

    pcontraf New Member

    falko:

    Yes, I set my nameservers with godaddy.com to be ns1.table-82.info and ns2.table-82.info.

    Yes, port 53 is open for both UDP and TCP for 192.168.1.111.

    I, however, don't know much about glue records. I will do some research, and figure out what I can and how I can apply it. In the meantime, I'm going to see what happens if I try to set up the various servers that I need on the one Linux machine as separate and virtual.
     
  11. falko

    falko Super Moderator Howtoforge Staff

    Ask GoDaddy to set up a glue record for you. It might be possible to do this through their web interface. Here's an example (it's another registrar, but should give you the idea): http://www.howtoforge.com/ispconfig_dns_providerdomain_schlund
     
  12. pcontraf

    pcontraf New Member

    falko:

    I don't see anything on their web-interface about glue records, perhaps I'll give them a call.

    In the meantime, with some tinkering, I can now view my stand-in webpage (/index.html) by using the address "http://www.table-82.info" on the host (Linux) machine.

    Also, on the site you linked me to, is actually another link for a godaddy-specific setup :) . I'll see if that can help me.
     
  13. falko

    falko Super Moderator Howtoforge Staff

    That tutorial has nothing about glue records. ;)
     
  14. pcontraf

    pcontraf New Member

    So I found :rolleyes: . Anyways, from what I could gather from the other tutorial, don't I already have my glue record in my /db.table-82.info.outside file?


    /var/named/chroot/var/named/db.table-82.info.outside
    Code:
    $TTL	86400
    @	IN	SOA	table-82.info.	hostmaster.table-82.info. (
    					2008081002	; Serial
    					28800		; Refresh
    					14400		; Retry
    					3600000		; Expire
    					86400 )		; Minimum
    ; Name Servers
    		IN	NS	ns1.table-82.info.	; highlighted in red in the original post
    		IN	NS	ns2.table-82.info.
    
    ; Mail server for domain
    		IN	MX 10	mail.table-82.info.
    
    ; Public Servers
    ns1		IN	A	68.14.19.214	; highlighted in red in the original post
    ns2		IN	A	68.14.19.214
    mail		IN	A	68.14.19.214
    www		IN	A	68.14.19.214
    ftp		IN	A	68.14.19.214
    
    ; EOF
     
  15. falko

    falko Super Moderator Howtoforge Staff

    No, that doesn't help. Outside nameservers try to look up ns1.table-82.info which is in the table-82.info zone, but that zone is defined on ns1.table-82.info for which the other name server still doesn't know the IP address. Therefore you need a glue record.
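
The circular dependency falko describes, as an added example that is not part of the original thread: a toy iterative resolver run against the poster's outside zone data, with and without glue held at the parent zone. `example.net`, `ns.example.net.` and `192.0.2.53` are hypothetical and go beyond the thread to show the general rule that only name servers named inside the delegated zone need glue.

```python
# Added illustration: a toy iterative resolver. Zone data is constructed from
# the values quoted in the thread; example.net and 192.0.2.53 are hypothetical.
HOME_IP = "68.14.19.214"    # public address the poster registered for ns1/ns2
OTHER_IP = "192.0.2.53"     # constructed address of a third-party DNS host
NS_IN_ZONE = ["ns1.table-82.info.", "ns2.table-82.info."]

# What each authoritative server answers, keyed by the server's IP address.
SERVERS = {
    HOME_IP: {"ns1.table-82.info.": HOME_IP, "ns2.table-82.info.": HOME_IP,
              "www.table-82.info.": HOME_IP},   # db.table-82.info.outside
    OTHER_IP: {"ns.example.net.": OTHER_IP, "www.table-82.info.": HOME_IP},
}

def delegations(ns_names, glue):
    """Parent-side data: zone -> (NS names, glue A records held by the parent)."""
    return {
        "table-82.info.": (ns_names, glue),
        "example.net.": (["ns.example.net."], {"ns.example.net.": OTHER_IP}),
    }

def zone_of(name, parents):
    """Longest delegated zone that contains name."""
    return max((z for z in parents if name.endswith("." + z)), key=len)

def resolve(name, parents, pending=frozenset()):
    """Return (status, address) for an A lookup that starts at the parent zone."""
    if name in pending:                 # already waiting on this name: a loop
        return "SERVFAIL", None
    ns_names, glue = parents[zone_of(name, parents)]
    for ns in ns_names:
        addr = glue.get(ns)
        if addr is None:                # no glue: the NS name itself needs resolving
            _, addr = resolve(ns, parents, pending | {name})
        answer = SERVERS.get(addr, {}).get(name)
        if answer:
            return "NOERROR", answer
    return "SERVFAIL", None

def scenarios():
    www = "www.table-82.info."
    glue = dict.fromkeys(NS_IN_ZONE, HOME_IP)
    return {
        "no glue": resolve(www, delegations(NS_IN_ZONE, {})),
        "glue": resolve(www, delegations(NS_IN_ZONE, glue)),
        "out-of-zone NS": resolve(www, delegations(["ns.example.net."], {})),
    }

if __name__ == "__main__":
    for label, result in scenarios().items():
        print(f"{label:15} -> {result}")
```

The "no glue" case never reaches the server at 68.14.19.214, so the A records in its zone file are never read; that is the same SERVFAIL status seen in the `dig ns table-82.info` output earlier in the thread.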
     