dns server not able to resolve local domain names

Bazzaah · 06-22-2009, 08:17 AM

The domain registrar had the wrong IP address so hope that's it - would explain the NOERROR and NXDOMAIN messages.

I'll see how things are once it has propagated.

In the meantime, thanks for your help.

Bazzaah · 06-23-2009, 02:32 PM

The correct IP address now seems to have propagated, but still no joy. I spoke to the registrar earlier. There is no IP address against the domain name.

This file:

#$ttl 38400 ;
$ORIGIN bazzaah.com.
@ IN SOA ns1.bazzaah.com. barry\.watson23.gmail.com. (
1245501424 ;
(
10800 ;
3600 ;
604800 ;
38400 ; )
bazzaah.com. IN NS ns1.bazzaah.com..
bazzaah.com. IN NS ns2.bazzaah.com..
bazzaah.com. IN A 78.105.125.227
ns1.bazzaah.com. IN A 78.105.125.227
ns2.bazzaah.com. IN A 78.105.125.227
bazzaah.com. IN NS www.bazzaah.com.
#

generates this response

#
zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
dns_rdata_fromtext: /var/named/www.bazzaah.com.hosts:9: near 'bazzaah.com.': extra input text
zone bazzaah.com/IN: loading from master file /var/named/www.bazzaah.com.hosts failed: extra input text
_default/bazzaah.com/IN: extra input text
#

Could you help me tidy the zone file up please?

Also, should there be some symbolic link to www.bazzaah.com.hosts in /var?

This is starting to feel like having teeth drawn (no doubt for you too) so will give it one last go before I just get someone to host for me.

Thanks in advance for any help.

bathory · 06-23-2009, 03:40 PM

I cannot resolve anything from my side, so I guess it's because you've badly messed the zone file (a "(" more in the 5th line and 2 dots at the end of the NS records). Here is the edited version:

Code:

$TTL 38400       ;zone TTL default
$ORIGIN bazzaah.com.
@ IN SOA ns1.bazzaah.com. barry\.watson23.gmail.com. (
2009062301       ;serial
10800            ;refresh, seconds
3600             ;retry, seconds
604800           ;expire, seconds
38400 )          ;minimum, seconds

                 IN NS ns1.bazzaah.com.
                 IN NS ns2.bazzaah.com.
bazzaah.com.     IN A 78.105.125.227
ns1.bazzaah.com. IN A 78.105.125.227
ns2.bazzaah.com. IN A 78.105.125.227
bazzaah.com.     IN NS www.bazzaah.com.
www              IN A 78.105.125.227

I've added some comments, used the today's date as serial and the same IP for www, since you use is as NS.
There is no need for a symlink in /var

Bazzaah · 06-24-2009, 05:35 AM

Thanks for that.

Predictably, still no luck, though I spoke with the domain registrar - there is no IP address associated with my domain name, so I suppose that is (part of) the problem.

Is it the zonefile that associates the IP address with the domain name? If not, do you know how I can make that association?

Does the association take time to propagate?

bathory · 06-24-2009, 06:20 AM

When you register a domain, you can either let the registrar (or your isp) to provide you with dns services for that domain, or you tell them that your are going to do it yourself. In that case you have to give them the names and the IPs of the servers you're going to use as primary and secondary (al least) dns servers. Then you have to setup the dns server for that domain.
In your case everything seems to be ok, except from the fact that your dns server is not reachable from the internet, so no one knows about your domain.
It should be a firewall issue, because your web server is reachable from outside using its IP. Or maybe your isp blocks domain requests. You should start searching about these issues.

Regards

Bazzaah · 06-24-2009, 07:51 AM

Quote:

Originally Posted by bathory

When you register a domain, you can either let the registrar (or your isp) to provide you with dns services for that domain, or you tell them that your are going to do it yourself. In that case you have to give them the names and the IPs of the servers you're going to use as primary and secondary (al least) dns servers. Then you have to setup the dns server for that domain.
In your case everything seems to be ok, except from the fact that your dns server is not reachable from the internet, so no one knows about your domain.
It should be a firewall issue, because your web server is reachable from outside using its IP. Or maybe your isp blocks domain requests. You should start searching about these issues.

Regards

My wife tells me that the html displays on 78.105.125.227 so it's half way there.

I have switched my firewall off for the time being but the firewall was, in any event, configured to allow the web server to access the outside world. My ISP allows me to host my own web server (I have a business package and a static IP address) so I doubt they block domain requests.

I have set up port forwarding on my router for Apache. I will allow a port for BIND as well when I find out what port to use.

I am encouraged that the html displays though.

As I wrote above, the domain registrar tells me that there is no IP address associated with the domain name. I can't help but think that is the problem.

bathory · 06-24-2009, 11:04 AM

Quote:

As I wrote above, the domain registrar tells me that there is no IP address associated with the domain name. I can't help but think that is the problem.

I've written above the usual procedure when you register a domain, so since you're authoritative for the domain bazzaah.com whenever someone asks for your domain it must be forwarded to your dns.
You should open and forward port 53 tcp/udp on your router to serve dns requests.

Bazzaah · 06-24-2009, 01:02 PM

Quote:

Originally Posted by bathory

I've written above the usual procedure when you register a domain, so since you're authoritative for the domain bazzaah.com whenever someone asks for your domain it must be forwarded to your dns.
You should open and forward port 53 tcp/udp on your router to serve dns requests.

I still get a 404 but now I get it immediately now instead of after 1 minute or so. That's progress of sorts.

just one small issue off the zone file you kindly corrected for me.

Code:

named-checkconf -z -t /var/lib/named

Code:

zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
zone bazzaah.com/IN: NS 'www.bazzaah.com' has no address records (A or AAAA)
zone bazzaah.com/IN: loaded serial 2009062302

Grateful for your insights.

Bazzaah · 06-24-2009, 02:38 PM

Quote:

Originally Posted by Bazzaah

I still get a 404 but now I get it immediately now instead of after 1 minute or so. That's progress of sorts.

just one small issue off the zone file you kindly corrected for me.

Code:

named-checkconf -z -t /var/lib/named

Code:

zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
zone bazzaah.com/IN: NS 'www.bazzaah.com' has no address records (A or AAAA)
zone bazzaah.com/IN: loaded serial 2009062302

Grateful for your insights.

Perhaps this is the problem:

Code:

 host www.bazzaah.com ns1.bazzaah.com

Code:

;; reply from unexpected source: 192.168.1.254#53, expected 78.105.125.227#53
;; reply from unexpected source: 192.168.1.254#53, expected 78.105.125.227#53
Using domain server:
Name: 192.168.1.254
Address: 192.168.1.254#53
Aliases:

bathory · 06-24-2009, 04:09 PM

Now it works, at least from side:

Quote:

dig ns1.bazzaah.com

; <<>> DiG 9.6.1 <<>> ns1.bazzaah.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28899
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1.bazzaah.com. IN A

;; ANSWER SECTION:
ns1.bazzaah.com. 38400 IN A 78.105.125.227

;; AUTHORITY SECTION:
bazzaah.com. 38400 IN NS ns2.bazzaah.com.
bazzaah.com. 38400 IN NS www.bazzaah.com.
bazzaah.com. 38400 IN NS ns1.bazzaah.com.

;; Query time: 132 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jun 25 00:03:04 2009
;; MSG SIZE rcvd: 99

So I guess you've opened port 53 on your router and everything is fixed.

Quote:

zone bazzaah.com/IN: NS 'www.bazzaah.com' has no address records (A or AAAA)

You didn't used the zone file in my post #48. Look at the last line of the zone file and the comments after it.
The fact is that it's useless to have 3 name servers on the same IP address.

Bazzaah · 06-24-2009, 04:49 PM

Quote:

Originally Posted by bathory

Now it works, at least from side:

So I guess you've opened port 53 on your router and everything is fixed.

You didn't used the zone file in my post #48. Look at the last line of the zone file and the comments after it.
The fact is that it's useless to have 3 name servers on the same IP address.

Yes, the port forwarding has partly fixed things in that my index.html will display on http://[IP address], but still not on www.bazzaah.com.

I think I have probably narfed something up in webmin. A better learning experience will be for me to look at the various files needed to run a server. Can I get a working server running by configuring the following? Are there any others that I should look at?

/etc/named.conf
/etc/.../httpd.conf
/var/lib/.../[my zone file]
/etc/resolv.conf
/etc/hosts

Thank you for your patience.

bathory · 06-24-2009, 05:06 PM

Now that your dns works and it's authoritative for the domain, all you have to do is to add pairs of hostnames/IPs in the zone file. So if you have used the zone file I've posted in post #48 you would be ok regarding your www.
Anywat edit the zone file add

Code:

www  IN A 78.105.125.227

increase the serial, restart bind and you'll be OK

Bazzaah · 06-25-2009, 01:47 AM

Quote:

Originally Posted by bathory

Now that your dns works and it's authoritative for the domain, all you have to do is to add pairs of hostnames/IPs in the zone file. So if you have used the zone file I've posted in post #48 you would be ok regarding your www.
Anywat edit the zone file add

Code:

www  IN A 78.105.125.227

increase the serial, restart bind and you'll be OK

I think I was experimenting to see the effect of deleting the last line of the corrected zonefile and neglected to add it back it in.

I don't have the authority section when I dig but the command dig www.bazzaah.com no longer returns NXDOMAIN! I don't know whether www.bazzaah.com displays anything as all I can see is the access screen to my router.

Also, I updated by adding one to it:

Code:

zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
zone bazzaah.com/IN: loaded serial 2009062302

Should the serial be the same throughout?

bathory · 06-25-2009, 02:12 AM

Quote:

I don't have the authority section when I dig but the command dig www.bazzaah.com no longer returns NXDOMAIN! I don't know whether www.bazzaah.com displays anything as all I can see is the access screen to my router.

It works from outside finally!!!!
About the serial you have to increase only the serial for the zone you're changing. No need to be the same for all zones.

Bazzaah · 06-25-2009, 03:57 AM

Quote:

Originally Posted by bathory

It works from outside finally!!!!
About the serial you have to increase only the serial for the zone you're changing. No need to be the same for all zones.

That's great! At last! Thank you so much for your help.

I really appreciate all your help and your patience!

All the best and thanks again.