Can anyone please help me with the following problem:

Problem: DNS not resolving from the Internet

My progression:

1) Clean install of Ubuntu 16.04

2) Installed ISPConfig (https://www.howtoforge.com/tutorial/ispconfig-automated-install-script/) - everything fine

3) Created client, web etc. in ISPConfig

4) Created DNS zone with these records:

Code:
    Ano A ezweb.cz. 10.0.0.2 0 3600
    Ano A mail 10.0.0.2 0 3600
    Ano A ns1 10.0.0.2 0 3600
    Ano A ns2 10.0.0.2 0 3600
    Ano A www 10.0.0.2 0 3600
    Ano MX ezweb.cz. mail.ezweb.cz. 10 3600
    Ano NS ezweb.cz. ns1.ezweb.cz. 0 3600
    Ano NS ezweb.cz. ns2.ezweb.cz. 0 3600
    Ano TXT ezweb.cz. v=spf1 mx a ~all 0 3600

5) If I use 10.0.0.2 as DNS on the local network, I can see ezweb.cz working fine

6) Set up NS with glue records on the domain registrar side. DNS trace overview from simpledns:

Code:
    Loading root server list (static data):
    -> a.root-servers.net (198.41.0.4)
    -> b.root-servers.net (192.228.79.201)
    -> c.root-servers.net (192.33.4.12)
    -> d.root-servers.net (128.8.10.90)
    -> e.root-servers.net (192.203.230.10)
    -> f.root-servers.net (192.5.5.241)
    -> g.root-servers.net (192.112.36.4)
    -> h.root-servers.net (128.63.2.53)
    -> i.root-servers.net (192.36.148.17)
    -> j.root-servers.net (192.58.128.30)
    -> k.root-servers.net (193.0.14.129)
    -> l.root-servers.net (199.7.83.42)
    -> m.root-servers.net (202.12.27.33)
    Sending request to "j.root-servers.net" (192.58.128.30)
    Received referral response - DNS servers for "cz":
    -> a.ns.nic.cz (194.0.12.1)
    -> b.ns.nic.cz (194.0.13.1)
    -> c.ns.nic.cz (194.0.14.1)
    -> d.ns.nic.cz (193.29.206.1)
    Sending request to "a.ns.nic.cz" (194.0.12.1)
    Received referral response - DNS servers for "ezweb.cz":
    -> ns1.ezweb.cz (90.178.114.101)
    -> ns2.ezweb.cz (90.178.114.101)
    Sending request to "ns1.ezweb.cz" (90.178.114.101)
    Timeout waiting for response
    Sending request to "ns2.ezweb.cz" (90.178.114.101)
    Timeout waiting for response
    Failed to resolve - no more DNS servers left to try

7) Telnet on 90.178.114.101:53 works fine

8) /etc/bind/named.conf.options

Code:
    options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk. See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //     0.0.0.0;
        // };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys. See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        auth-nxdomain no; # conform to RFC1035
        listen-on-v6 { any; };
        listen-on { any; };
    };

9) /etc/bind/named.conf.local

Code:
    zone "ezweb.cz" {
        type master;
        allow-transfer {none;};
        file "/etc/bind/pri.ezweb.cz";
    };

10) /etc/bind/named.conf.default-zones

Code:
    // prime the server with knowledge of the root servers
    zone "." {
        type hint;
        file "/etc/bind/db.root";
    };

    // be authoritative for the localhost forward and reverse zones, and for
    // broadcast zones as per RFC 1912
    zone "localhost" {
        type master;
        file "/etc/bind/db.local";
    };

    zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
    };

    zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
    };

    zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
    };

Can somebody help? I'm new to Linux and ISPConfig (one week user)
Sorry, my EN is bad.

Re 6) Request for ezweb.cz from the Internet:

    Sending request to "ns1.ezweb.cz" (90.178.114.101)
    Timeout waiting for response
    Sending request to "ns2.ezweb.cz" (90.178.114.101)
    Timeout waiting for response

My BIND9 behind 90.178.114.101 won't work ... but on the local network everything is fine
whois ezweb.cz shows, among others:

Code:
    nsset: EZWEB
    nserver: ns1.ezweb.cz (90.178.114.101)
    nserver: ns2.ezweb.cz (90.178.114.101)

So both name servers have the same IP. There should be two separate name servers, but that is not the reason for not getting responses.

The host answers to ping from the Internet:

Code:
    $ ping -c 3 90.178.114.101
    PING 90.178.114.101 (90.178.114.101) 56(84) bytes of data.
    64 bytes from 90.178.114.101: icmp_seq=1 ttl=51 time=54.6 ms
    64 bytes from 90.178.114.101: icmp_seq=2 ttl=51 time=56.6 ms
    64 bytes from 90.178.114.101: icmp_seq=3 ttl=51 time=55.7 ms

    --- 90.178.114.101 ping statistics ---
    3 packets transmitted, 3 received, 0% packet loss, time 2002ms
    rtt min/avg/max/mdev = 54.614/55.669/56.672/0.884 ms

How did you check that DNS works on the local network? Try the command

Code:
    host ezweb.cz 90.178.114.101

If that works, bind9 should be running on the host. If not, fix that. Check firewall rules from the Internet, maybe the DNS port is blocked. Use the command dig to see what bind9 has eaten, and try to see what is wrong.
Basically it is an old server behind a router (ports forwarded). This is the reason for one IP on both NS records. If I'm on the same local network with my notebook (DNS in network connections manually set to 10.0.0.2), ezweb.cz gives me the websites.

Code:
    Using domain server:
    Name: 90.178.114.101
    Address: 90.178.114.101#53
    Aliases:

    ezweb.cz has address 10.0.0.2
    ezweb.cz mail is handled by 10 mail.ezweb.cz.

External port check:

Code:
    Port check – Tests if TCP port is opened on specified IP
    IP address or host name: 90.178.114.101
    Port number: 53
    90.178.114.101:53 port is open
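Added example, not part of the thread: telnet and the external port check above test TCP port 53 only, while DNS queries are sent over UDP port 53 by default, so this sketch sends the same non-recursive A query over both transports and reports which one is answered. The fixed query ID and the function names are assumptions of this example; the server address and zone name are the ones quoted in the thread.

```python
import socket
import struct

QID = 0x1234  # fixed query ID, constructed for this example

def build_query(name, qtype=1):
    """Build a non-recursive DNS query (RD=0) for name; qtype 1 = A."""
    header = struct.pack("!HHHHHH", QID, 0x0000, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Return rcode, AA flag and answer count, or None if not our response."""
    if len(msg) < 12:
        return None
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if rid != QID or not flags & 0x8000:  # wrong ID or QR bit not set
        return None
    return {"rcode": flags & 0x000F, "aa": bool(flags & 0x0400), "answers": answers}

def probe(server, name, transport, port=53, timeout=3.0):
    """Send one query over 'udp' or 'tcp'; return the parsed header or an error string."""
    query = build_query(name)
    try:
        if transport == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, port))
                data, _ = s.recvfrom(4096)
        else:
            with socket.create_connection((server, port), timeout=timeout) as s:
                # DNS over TCP prefixes each message with a 2-byte length
                s.sendall(struct.pack("!H", len(query)) + query)
                with s.makefile("rb") as f:
                    data = f.read(struct.unpack("!H", f.read(2))[0])
    except socket.timeout:
        return "timeout"
    except (OSError, struct.error) as exc:
        return f"error: {exc}"
    return parse_header(data) or "malformed response"

if __name__ == "__main__":
    for transport in ("udp", "tcp"):
        print(transport, probe("90.178.114.101", "ezweb.cz", transport))
```

Run from a host outside the local network: "timeout" on udp with an answer on tcp means the router or firewall forwards only TCP 53, and a reply with "aa": True shows the server answers authoritatively for the zone.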