Run your own nameserver with ISPConfig 3 and a Godaddy Domain

Discussion in 'HOWTO-Related Questions' started by dpicella, Aug 4, 2010.

  1. dpicella

    dpicella New Member

    I am not a newbie to linux, but I am a newbie to DNS.

    My goal is to register ns1 and ns2 nameservers for a godaddy domain and then set up my own ISPConfig 3 DNS to resolve DNS requests for my websites.

    This tutorial seems to be out of date since it uses Godaddy's old domain configuration tools and the example is also using ISPConfig 2.
    http://www.howtoforge.com/ispconfig_dns_godaddy

    Here is what I have done so far. If I can get this set up, then perhaps this can help somebody else with the same problem.

    First, I set up my new server with ISPConfig 3 on the CentOS 5.5 OS according to the "Perfect Server" tutorial on this website. On page 5 of the tutorial, I followed the instructions to Install A Chrooted DNS Server
    http://www.howtoforge.com/perfect-server-centos-5.5-x86_64-ispconfig-3-p5

    Here is my DNS tab in the Server Config on ISPConfig 3
    [​IMG]

    Question: Should I change my conf paths as follows? ...
    /var/named/chroot/etc/named.conf
    /var/named/chroot/etc/named.conf.local

    Next, I set up my DNS Zone as follows:
    [​IMG]

    Then, I set up the DNS Records:
    [​IMG]

    I know this is not right but again I am a newbie to DNS.

    Finally, I registered my nameservers (The next image is from my Godaddy domain control panel for the domain jpre.net) within my domain (jpre.net) and forwarded jpre.net nameservers to ns1.jpre.net and ns2.jpre.net:
    [​IMG]

    When I restart the named service, I now get:
    Here are a few follow up questions and points:
    1. I also installed the caching-nameserver package ... is that a problem?
    2. My new server is on a fairly restricted LAN for right now until I get everything up and running. At that time I will colocate to a data center. For now, I have port 53 forwarded. I hope that is enough.
    3. I have not touched IPtables
    4. There is no file named /etc/named.conf ... I only have: /var/named/chroot/etc/named.conf (which I think is correct).
    5. SELinux is disabled
     
  2. Moten

    Moten Member

    You can try to use dnssy.com to troubleshoot dns resolution.
     
  3. dpicella

    dpicella New Member

    Godaddy domain and ISPConfig 3 DNS config

    Well ... right now, I can't even get my named service started so the DNS request stops when it gets to my server.

    Here is the output of #dig jpre.net
     
  4. falko

    falko Super Moderator ISPConfig Developer

  5. dpicella

    dpicella New Member

    ISPConfig 3 Setting up authoritative DNS and website DNS with Godaddy domains

    I think it may be working (minus the glue record at Godaddy). I probably just have to wait for some things to resolve now but here is where I am at.

    I changed my DNS server config settings in ISPConfig as follows:
    [​IMG]

    Then, I modified the DNS entry for the domain that will hold the nameservers:
    [​IMG]

    Then (using the DNS wizard), I created DNS zone and record entries for the website jabsock.com (this time I used ns1.jpre.net) in the wizard for the nameservers.
    Note that the wizard didn't work until I copied the template and gave it my own name "dns-type1".
    [​IMG]

    Now here is what I am getting when I check on my domains:

    Code:
    # dig ns1.jpre.net
    
    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> ns1.jpre.net
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39710
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;ns1.jpre.net.			IN	A
    
    ;; ANSWER SECTION:
    ns1.jpre.net.		26570	IN	A	65.60.101.156
    
    ;; Query time: 1 msec
    ;; SERVER: 10.1.1.10#53(10.1.1.10)
    ;; WHEN: Thu Aug  5 06:55:55 2010
    ;; MSG SIZE  rcvd: 46
    
    Code:
    # dig @localhost jabsock.com
    
    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @localhost jabsock.com
    ; (1 server found)
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37686
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
    
    ;; QUESTION SECTION:
    ;jabsock.com.			IN	A
    
    ;; ANSWER SECTION:
    jabsock.com.		86400	IN	A	65.60.101.156
    
    ;; AUTHORITY SECTION:
    jabsock.com.		86400	IN	NS	ns1.jpre.net.
    jabsock.com.		86400	IN	NS	ns2.jpre.net.
    
    ;; ADDITIONAL SECTION:
    ns1.jpre.net.		86400	IN	A	65.60.101.156
    ns2.jpre.net.		86400	IN	A	65.60.101.156
    
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Thu Aug  5 06:56:35 2010
    ;; MSG SIZE  rcvd: 121
    
     
  6. dpicella

    dpicella New Member

    Glue Records at Godaddy

    I called Godaddy and asked them about the glue records, but I don't think they knew what I was talking about.

    My understanding is that I don't need a glue record unless I plan to host something at the same domain where the nameservers have authority which causes a circular reference.

    At this point, I am only going to host different websites on different domains than the one I am using for the nameservers.

    Last thing ...

    Here is the output now for:

    Code:
    # dig jabsock.com
    
    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> jabsock.com
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59308
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;jabsock.com.			IN	A
    
    ;; Query time: 3188 msec
    ;; SERVER: 10.1.1.10#53(10.1.1.10)
    ;; WHEN: Thu Aug  5 07:04:07 2010
    ;; MSG SIZE  rcvd: 29
    
    I think I should just wait for everything to resolve. Can it really take up to 72 hours? I have never seen it take more than 20 min at the most ...
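Added example, not part of the original thread: a small parser for the `dig` output format posted above, classifying each response by what it proves. An `aa` answer obtained over loopback shows only that the local named serves the zone, while a SERVFAIL from a recursive resolver means that resolver could not get an answer from the delegated servers. The sample strings are trimmed copies of the output in the posts; the function names and verdict labels are assumptions of this example.

```python
import ipaddress
import re

def parse_dig(text):
    """Pull status, header flags, responding server and answer records out of dig output."""
    status = re.search(r"status: (\w+)", text)
    flags = re.search(r";; flags: ([a-z ]*);", text)
    server = re.search(r";; SERVER: ([^#\s]+)#", text)
    answers, section = [], None
    for line in (l.strip() for l in text.splitlines()):
        head = re.match(r";; (\w+) SECTION:", line)
        if head:
            section = head.group(1)
        elif section == "ANSWER" and line and not line.startswith(";"):
            name, ttl, _cls, rtype, rdata = line.split(None, 4)
            answers.append((name, int(ttl), rtype, rdata))
    return {"status": status.group(1) if status else None,
            "flags": flags.group(1).split() if flags else [],
            "server": server.group(1) if server else None,
            "answers": answers}

def diagnose(r):
    """Label one parsed response: failed, recursive, authoritative(-local-only)."""
    if r["status"] != "NOERROR":
        return "failed"                      # e.g. SERVFAIL from the resolver
    if "aa" not in r["flags"]:
        return "recursive"                   # answered by a resolver, not the zone's server
    srv = r["server"]
    loopback = bool(srv) and ipaddress.ip_address(srv).is_loopback
    return "authoritative-local-only" if loopback else "authoritative"

# Trimmed copies of the three dig outputs posted in the thread.
DIG_NS1 = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39710
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
ns1.jpre.net.  26570  IN  A  65.60.101.156
;; SERVER: 10.1.1.10#53(10.1.1.10)"""
DIG_LOCALHOST = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37686
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; ANSWER SECTION:
jabsock.com.  86400  IN  A  65.60.101.156
;; AUTHORITY SECTION:
jabsock.com.  86400  IN  NS  ns1.jpre.net.
;; SERVER: 127.0.0.1#53(127.0.0.1)"""
DIG_RESOLVER = """;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59308
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; SERVER: 10.1.1.10#53(10.1.1.10)"""

if __name__ == "__main__":
    for sample in (DIG_NS1, DIG_LOCALHOST, DIG_RESOLVER):
        print(diagnose(parse_dig(sample)))
```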
     
  7. dpicella

    dpicella New Member

    ISPConfig 3 Setting up authoritative DNS and website DNS with Godaddy domains

    Just a quick question ... could there possibly be a firewall issue and that is the reason my dns requests won't resolve?

    My server is on the other side of a router that is port forwarding the ports that I requested. For DNS requests - I was granted port 53. It will be in this location until everything is configured and I colocate to a data center.
     
  8. falko

    falko Super Moderator ISPConfig Developer

    Make sure you open port 53 TCP and UDP.

    That's right, if the nameservers are in the same domain as the zone then you need a glue record.
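Added example, not part of the original thread: the glue rule from the reply above, written as a check over the delegations discussed here. The zone and nameserver names are the ones used in this thread; the glue table and the function names are constructed for the example and do not reflect the real registrar state.

```python
# Which NS names in a delegation need glue (address records held by the
# parent zone)? A nameserver at or below the zone it serves cannot be found
# without glue, because resolving its name requires asking the zone itself.

def labels(name):
    """Split a DNS name into lowercase labels, ignoring the trailing root dot."""
    return [part for part in name.lower().rstrip(".").split(".") if part]

def in_bailiwick(ns_name, zone):
    """True if ns_name is the zone apex or below it (whole labels, not substrings)."""
    n, z = labels(ns_name), labels(zone)
    return len(n) >= len(z) and n[len(n) - len(z):] == z

def check_delegation(zone, ns_names, glue):
    """Return {ns_name: verdict}; glue maps NS name -> addresses held by the parent."""
    report = {}
    for ns in ns_names:
        key = ".".join(labels(ns))
        if not in_bailiwick(ns, zone):
            report[key] = "no glue needed"    # resolved through its own zone
        elif glue.get(key):
            report[key] = "glue present"
        else:
            report[key] = "glue missing"      # delegation cannot be followed
    return report

# Constructed parent-side glue: ns1 registered as a host, ns2 forgotten.
SAMPLE_GLUE = {"ns1.jpre.net": ["65.60.101.156"]}
SAMPLE_NS = ["ns1.jpre.net.", "ns2.jpre.net."]

if __name__ == "__main__":
    for zone in ("jpre.net", "jabsock.com"):
        print(zone, check_delegation(zone, SAMPLE_NS, SAMPLE_GLUE))
```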
     
  9. dpicella

    dpicella New Member

    ISPConfig 3 Setting up authoritative DNS and website DNS with Godaddy domains

    Thanks! Yes ... I did that, but now I seem to have discovered that my server is not listening to those requests. The DNS server is definitely working.

    I opened a new topic to see if I might be able to get some help on how to configure my server to listen to port 53 (UDP and TCP) on the IP address where I put the nameserver.

    http://www.howtoforge.com/forums/showthread.php?t=47784

    Thanks!
     
  10. eponymous

    eponymous New Member

    Help configuring Nameserver with ISPConfig 3

    Hi All,

    I don't mean to hijack a dead thread (ok maybe I do), but I am having a similar issue. I'm faced with having to administer my own VPS for the first time, and I am just learning about DNS and all that jazz.

    I have installed ISPConfig 3 and all prerequisites.

    I think the main difference between my setup and the original poster of the thread is that my domain, booksjamaica.com, will host both a website and the nameservers, ns1.booksjamaica.com and ns2.booksjamaica.com.

    To further complicate things, the domain is already pointing to another host.

    The domain registrar won't accept an IP address for the nameserver, but requires it in the format ns1.domain.com.

    Please see my ISPConfig setup below.

    So my (noobish) question is: How do I make it so that my nameservers are discoverable over the internet, so that I can point my domain to ns1.booksjamaica.com?

    I realize from your posts that I have a circular dependency and need a "glue record". How do I create a glue record?
     

    Last edited: Aug 22, 2010
  11. eponymous

    eponymous New Member

  12. dpicella

    dpicella New Member

    A "glue record" is also referred to as IPv6. Whoever has authority over your master domain, must have the glue record.

    The situation you describe now is exactly the same as mine. My server's host name is also the host name of the name servers that point to the website on the same server. It will work. You might want to use dig to take a look at how I have the entries set up for the server versus one of my websites.

    For example.

    Try ...

    syntax: dig [the dns entry you are interested in] jpre.net that is the host and the domain for dns.

    dig mx jpre.net

    Try using the domain information groper "dig" on other websites as well.

    Now ... one thing I would caution you about. Make sure you get your ISP (or whoever is selling you the internet space) to correctly enter "PTR" records for you so that when you get it all working you have both forward and reverse DNS.

    For example: dig -x your.ip.add.ress to see the domain listed in PTR for your IP.

    If both the A records and PTR records don't point to each other then some servers on the internet may not like your emails (in particular) and you will soon find that your server gets banned from other major servers that you might rely on for mail delivery and so forth.

    Good luck. If you need more, I can post my settings as they work now later. Sounds like you are close.
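Added example, not part of the original thread: the forward/reverse agreement described above as a forward-confirmed reverse DNS check. It runs against record tables passed in as dictionaries so it works offline; the PTR entries and the `mail.example.net` host are constructed sample data, and the function names are assumptions of this example. The reverse name it derives lives in the address owner's `in-addr.arpa` zone, which is why the PTR has to be requested from the provider.

```python
import ipaddress

def norm(name):
    """Lowercase a host name and drop the trailing root dot."""
    return name.lower().rstrip(".")

def fcrdns(ip, ptr_zone, forward_zone):
    """Forward-confirmed reverse DNS check against supplied record tables.

    ptr_zone:     reverse name -> list of host names (the provider's zone)
    forward_zone: host name (lowercase, no trailing dot) -> list of addresses
    Returns (verdict, reverse_name, confirmed_host_names).
    """
    addr = ipaddress.ip_address(ip)
    rev = addr.reverse_pointer          # 65.60.101.156 -> 156.101.60.65.in-addr.arpa
    names = [norm(n) for n in ptr_zone.get(rev, [])]
    if not names:
        return ("no-ptr", rev, [])
    # A PTR name counts only if it resolves forward to the same address.
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == addr
                        for a in forward_zone.get(n, []))]
    return ("ok" if confirmed else "mismatch", rev, confirmed)

# A record for ns1.jpre.net as shown in the thread's dig output; the rest is constructed.
FORWARD = {"ns1.jpre.net": ["65.60.101.156"],
           "mail.example.net": ["192.0.2.25"]}
PTR = {
    "156.101.60.65.in-addr.arpa": ["ns1.jpre.net."],
    # Provider default name that has no matching A record: fails the check.
    "25.2.0.192.in-addr.arpa": ["host25.provider.example."],
}

if __name__ == "__main__":
    for ip in ("65.60.101.156", "192.0.2.25", "192.0.2.99"):
        print(ip, fcrdns(ip, PTR, FORWARD))
```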
     
  13. eponymous

    eponymous New Member

    update

    Hi dpicella,

    Most things work as they should now, except that I need reverse DNS (PTR) records for my mail server.

    I was going to try and add the record from ISPConfig, but from another thread in which you participated I see that I have to ask my hosting provider for this. I already did this and am awaiting their reply.

    Thanks
     
