Problem with DNS configuration

Discussion in 'Installation/Configuration' started by Hasan Hatic, Aug 30, 2017.

  1. Hasan Hatic

    Hasan Hatic New Member

    Hello all,
    recently I've installed ISP Config 3 on my CentOS 7, and I'm trying to setup my own DNS.
    I've two virtual machines:
    10.60.xxx.x1 (this is local address) -> 185.49.xxx.xx5 (this is public address) and this is ns1.myserver.com
    10.60.xxx.x2 (this is local address) -> 185.49.xxx.xx6 (this is public address) and this is ns2.myserver.com -> SLAVE INSTALLATION

    HOST 1:
    named.conf

    options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-transfer { 10.60.xxx.x2; };
    allow-query { trusted; };
    allow-recursion { trusted; };
    empty-zones-enable no;
    };
    acl "trusted" {
    185.49.xxx.xx5; # ns1
    185.49.xxx.xx6; # ns2
    10.60.xxx.x1; # host1
    10.60.xxx.x2; # host2
    };
    logging {
    channel default_debug {
    file "data/named.run";
    severity dynamic;
    };
    };
    zone "." IN {
    type hint;
    file "named.ca";
    };
    include "/etc/named.conf.local";
    include "/etc/named/named.conf.local";

    resolv.conf
    domain myserver.com
    search myserver.com
    nameserver 10.60.xxx.x6
    nameserver 10.60.xxx.x1
    nameserver 10.60.xxx.x2

    When I run the dig command I've got this:
    dig @ns1.myserver.com aroniats.com
    ; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7_3.1 <<>> @ns1.myserver.com aroniats.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 58648
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;aroniats.com. IN A

    ;; Query time: 39 msec
    ;; SERVER: 185.49.xxx.xx5#53(185.49.222.135)
    ;; WHEN: Wed Aug 30 14:21:14 CEST 2017
    ;; MSG SIZE rcvd: 41

    aroniats.com is domain hosted at GoDaddy, and I've already pointed it to my nameservers and my host.

    When I run nslookup I've got this:
    nslookup aroniats.com
    ;; Got SERVFAIL reply from 10.60.xxx.x6, trying next server
    ;; Got SERVFAIL reply from 10.60.xxx.x1, trying next server
    Server: 10.60.xxx.x6
    Address: 10.60.xxx.x6#53

    ** server can't find aroniats.com: NXDOMAIN

    I've stucked with this few days and I really need help. Thanks in advance!
    Greetings from Bosnia!
     
    Last edited: Aug 30, 2017
  2. vk3heg

    vk3heg Member

    1. Change the named.conf query line to: allow-query { any; };
    As you have it no one on the internet can query your name server for information about your domain.

    2. Having a slave/secondary name server on the same subnet/network is not going to give you any protection if one system fails.

    3. Once you have the bind setup correct, then set the custom name server at godaddy.

    user@shadow: dig any aroniats.com

    ; <<>> DiG 9.9.5-9+deb8u14-Debian <<>> any aroniats.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26714
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;aroniats.com. IN ANY

    ;; ANSWER SECTION:
    aroniats.com. 600 IN A 160.153.129.21
    aroniats.com. 3600 IN NS ns17.domaincontrol.com.
    aroniats.com. 3600 IN NS ns18.domaincontrol.com.
    aroniats.com. 600 IN SOA ns17.domaincontrol.com. dns.jomax.net. 2017092000 28800 7200 604800 600
    aroniats.com. 3600 IN MX 0 mail.aroniats.com.
    aroniats.com. 3600 IN TXT "v=spf1 a mx ptr include:secureserver.net ~all"

    ;; Query time: 815 msec
    ;; SERVER: 208.67.222.222#53(208.67.222.222)
    ;; WHEN: Sun Sep 24 10:43:23 AEST 2017
    ;; MSG SIZE rcvd: 237
     

Share This Page