DNS and ISPConfig

I'm at a loss of what to do here. I have posted in two other forums, then I thought that I should go to the ISPConfig support forums...

Anyhow, I have my server in a DMZ of my router right now, the ISPConfig firewall active on it. The firewall is disabled on the router, and for added assurance, I have port forwarded all needed port (80, 81, 53, 22, 21, etc) to the server.

The first weird thing, after changing the nameserver address from NS2 to NS, the server doesn't respond to NS. NS2 and NS3 points to a zoneedit nameserver set to copy NS.SERENITY-TECH.COM

Now... everytime I query the server directly, I get a SERVFAIL.

So what do I need to give you in order for someone more advance in this can help me troubleshoot this? NS.SERENITY-TECH.COM is the nameserver, fireflythemud.com is hosted on it as well as the serenity-tech.com IP's and all.

Also, should the A records be the 192.168 address or my ISP's IP? I figured it wouldn't help anyone outside of the LAN to be resolving sites to 192 addresses, so I changed it all from the 192 to the 69 address.

Tell me what I need, and you will receive.

Thanks in advance,
Demortes

 

Since I posted, I have upgraded to the latest version of ISPConfig.

Also, something that might help, NS.SERENITY-TECH.COM forwards as a website... but the domain that ISPconfig tells me is test.serenity-tech.com

So what now?

I use Godaddy for the NS registering, etc.

 

BIND9 configuration files.

It seems that the BIND9 configuration files are not being written correctly by ISPConfig.

There are a bunch of ;'s before what I believe are comments. When I get home, I will post more on this, but is this a known issue, or something unique to me?

 

You must use public IP addresses if you want people form outside your LAN to access your web sites.

Did you add NS.SERENITY-TECH.COM as a Co-Domain to the test.serenity-tech.com web site in ISPConfig?

Do you see any BIND error messages in your logs?

There's a problem with the name servers for SERENITY-TECH.COM:

Code:

mh1:~# dig ns SERENITY-TECH.COM

; <<>> DiG 9.2.1 <<>> ns SERENITY-TECH.COM
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3602
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;SERENITY-TECH.COM.             IN      NS

;; Query time: 1945 msec
;; SERVER: 213.191.92.84#53(213.191.92.84)
;; WHEN: Sun Mar 25 15:13:34 2007
;; MSG SIZE  rcvd: 35

Do you want NS.SERENITY-TECH.COM to host DNS records for SERENITY-TECH.COM? Then you need a glue record: http://en.wikipedia.org/wiki/Dns#Circular_dependencies_and_glue_records

 

Glue record? Wikipedia doesn't say anything about how to set it up. However, I figured GoDaddy took my IP address for this reason. I set it up to point ns.serenity-tech.com to my public IP address, port forwarded 53 to the server... however, you still get SERVFAIL.

When I do a named-checkconf on the pri.serenity-tech.com file it gives me a bunch of syntax errors. At that time, it was unedited by me. After that, I tried changing all the ;'s to //'s, cause comments were being preceded by ;'s.

Also, I realized that test.serenity-tech.com was still active, but since I no longer had a host, I was making this live, I deleted test.serenity-tech.com. (Little traffic to lose, if any) After this, I will be using a virtual machine to test changes before making them live...

Something else I find interesting. When I go to my servers internal IP address, it defaults to the first page created and still active, in this case catalog.serenity-tech.com. Obviously, I don't get images, since the href tags refer to serenity-tech.com, etc.

 

Thought I'd toss this GoDaddy information for hosts:
NS.SERENITY-TECH.COM
69.92.133.71
Last Updated: 3/23/2007

NS2.SERENITY-TECH.COM
216.122.7.155
Last Updated: 3/23/2007

NS3.SERENITY-TECH.COM
206.55.124.4
Last Updated: 3/23/2007

Just to verify that it is set up right...

 

named-checkconf returns these errors:
pri.serenity-tech.com:1: unknown option '$TTL'
pri.serenity-tech.com:3: unknown option 'serial,'
pri.serenity-tech.com:4: unknown option 'refresh,'
pri.serenity-tech.com:5: unknown option 'retry,'
pri.serenity-tech.com:6: unknown option 'expire,'
pri.serenity-tech.com:7: unknown option 'minimum,'
pri.serenity-tech.com:9: unknown option 'NS'
pri.serenity-tech.com:9: unknown option 'Inet'
pri.serenity-tech.com:10: unknown option 'Inet'
pri.serenity-tech.com:13: unknown option 'ASPMX.L.GOOGLE.COM.'


I did this AFTER reverting to the default ISPConfig written file, which is as follows:

$TTL 86400
@ IN SOA ns.serenity-tech.com. admin.serenity-tech.com. (
2007032401 ; serial, todays date + todays serial #
28800 ; refresh, seconds
7200 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;
NS ns.serenity-tech.com. ; Inet Address of name server 1
NS ns2.serenity-tech.com. ; Inet Address of name server 2
;

ASPMX.L.GOOGLE.COM. MX 10 ASPMX.L.GOOGLE.COM..
ALT1.ASPMX.L.GOOGLE.COM. MX 20 ALT1.ASPMX.L.GOOGLE.COM..
ALT2.ASPMX.L.GOOGLE.COM. MX 20 ALT2.ASPMX.L.GOOGLE.COM..
ASPMX2.GOOGLEMAIL.COM. MX 30 ASPMX2.GOOGLEMAIL.COM..
ASPMX3.GOOGLEMAIL.COM. MX 30 ASPMX3.GOOGLEMAIL.COM..
ASPMX4.GOOGLEMAIL.COM. MX 30 ASPMX4.GOOGLEMAIL.COM..
ASPMX5.GOOGLEMAIL.COM. MX 30 ASPMX5.GOOGLEMAIL.COM..

serenity-tech.com. A 69.92.133.71
catalog A 69.92.133.71
www A 69.92.133.71
ns A 69.92.133.71
ns2 A 69.92.133.71

google9d372bf15970f817 CNAME google.com.

;;;; MAKE MANUAL ENTRIES BELOW THIS LINE! ;;;;




**********************************************

At this point, to minimize headachs, I'm going to take advantage of Godaddy's Total DNS control feature, and all hosted websites can go through my server.

 

Nameserver works fine now. Just reinstalled the OS (Went with Ubuntu 6.10 server edition this time). Now I have a new problem, which is already in a new thread...