Thread: I think my DNS is not properly configured :(

Hello guys, good day.. I have configured a DNS machine but i think im lost already.
Here is what i have done so far:

1. I have register a domain blucard.com, and I setup a DNS(ns1.pl.blucard.com) at home
2 I already added a record ns1.pl.blucard.com pointing to the ip address(123.111.1.1) of my dns server at home
3. I setup bind(not chrooted) in ns1.pl.blucard.com and here are my configs.

/etc/named.conf

PHP Code:

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};

zone "pl.blucard.com"  IN {
    type master;
    file "pl.blucard.com.zone";
    notify yes;
    #allow-transfer {192.168.245.0;};
}; 


/var/named/pl.blucard.com.zone

PHP Code:

$ORIGIN .
$TTL    3600 ; 1 hour
pl.blucard.com    IN      SOA     ns1.pl.blucard.com.    admin.blucard.com. (
                 2012121102 ; serial
                 10800      ; refresh (3 hours)
                 3600       ; retry (1 hour)
                 604800     ; expire (1 week)
                 86400      ; minimum (1 day)
                 )

        
        NS    pl.blucard.com.

pl.blucard.com    IN    A    123.111.1.1
test.pl         IN      A       123.111.1.1 


NOTE: i havent configured yet a reverse-lookup zone.


However after doing all these stuffs, i cant ping ns1.pl.blucard.com and test.pl.blucard.com. Adding ns1.pl.blucard.com record
to the domain registry is about 2 days now.. so i think it is propagated already. Please advice me what to do... thanks
in advance...

guys, any ideas?... i tried to troubleshoot but still no luck


netstat -tulpn | grep 53

PHP Code:

tcp        0      0 121.111.1.1:53                0.0.0.0:*                   LISTEN      23515/named         
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      23515/named         
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      23515/named         
tcp        0      0 :::53                       :::*                        LISTEN      23515/named         
udp        0      0 121.111.1.1:53                0.0.0.0:*                               23515/named         
udp        0      0 127.0.0.1:53                0.0.0.0:*                               23515/named         
udp        0      0 :::53                       :::*                                    23515/named 


/etc/init.d/named status

PHP Code:

version: 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6
CPUs found: 2
worker threads: 2
number of zones: 17
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
named (pid  23515) is running... 


ive checked zone files for errors..

PHP Code:

named-checkconf /etc/named.conf 


host ns1.pl.blucard.com

PHP Code:

Host ns1.pl.blucard.com not found: 3(NXDOMAIN) 


dig 123.111.1.1

PHP Code:

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 <<>> 123.111.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52082
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0


;; QUESTION SECTION:
;123.111.1.1.            IN    A


;; AUTHORITY SECTION:
.            10800    IN    SOA    a.root-servers.net. nstld.verisign-grs.com. 2013010301 1800 900 604800 86400


;; Query time: 67 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan  3 21:36:42 2013
;; MSG SIZE  rcvd: 106 


Thats true..

Where is your ns1.pl.blucard.com and test.pl.blucard.com A records in the zone files? I believe you forgot to add A records for these two machines. Can you point an A record to these and try to check once? It should resolve your issue.

hi kumarat9pm,

thanks for pointing that out.. i added those records and i can ping and dig it,,.. but after several hours i could not ping/dig it ...

cat /var/named/pl.blucard.com.zone

PHP Code:

$ORIGIN .
$TTL    3600 ; 1 hour
pl.blucard.com    IN      SOA      ns1.pl.blucard.com.    admin.blucard.com. (
                                          2012121102 ; serial
                                          10800      ; refresh (3 hours)
                                          3600       ; retry (1 hour)
                                          604800     ; expire (1 week)
                                         86400      ; minimum (1 day)
                                                  )
                        NS             sys1.blucard.com.
                        NS             ns1.pl.blucard.com.
$ORIGIN pl.blucard.com.
pl.blucard.com      IN         A        123.111.1.1    
test.pl                  IN      A         123.111.1.1
ns1                         IN       A    123.111.1.1 


Do you mean it stopped working after some time?

Originally Posted by kumarat9pm

Do you mean it stopped working after some time?

yes, it stopped working for several hours, then i can ping or dig it again... and i also checked through some dns monitoring site it says that it didnt find any associated dns servers..

DNS servers responded

ERROR: One or more of your nameservers did not respond: The ones that did not respond are: 123.111.1.1

Missing nameservers reported by your nameservers

You should already know that your NS records at your nameservers are missing, so here it is again: ns1.pl.blucard.com.

SOA		SOA record	No valid SOA record came back!
MX		MX Records	Oh well, I did not detect any MX records so you probably don't have any and if you know you should have then they may be missing at your nameservers!
WWW		WWW A Record	ERROR: I could not get any A records for blucard.com! (I only do a cache request, if you recently added a WWW A record, it might not show up here.)

... i tried to check my configs but i find no errors...

please find below debugging..

when try to dig one of your host with following command..

Code:

dig @ns1.pl.blucard.com pl.bluecard.com
I got following reply..
; <<>> DiG 9.8.1-P1 <<>> @ns1.pl.blucard.com pl.bluecard.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

TCPDUMP output..

tcpdump -i wlan0 udp port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 65535 bytes







20:24:21.444585 IP linuxnix.local.53979 > 121.78.127.249.domain: 6002+ A? pl.bluecard.com. (33)
20:24:26.444680 IP linuxnix.local.53979 > 121.78.127.249.domain: 6002+ A? pl.bluecard.com. (33)
20:24:31.444820 IP linuxnix.local.53979 > 121.78.127.249.domain: 6002+ A? pl.bluecard.com. (33)

If you observe your Name server never tried to give me an answer..




Then when I tried to nc command no output at all..

nc -u ns1.pl.blucard.com 53




This means many to me..

1)Check DNS service is running on your machine or not(service bind status) once again. In in your previous post it shows it is running.
2)I checked your machine DNS port is not open

nmap ns1.pl.blucard.com


Starting Nmap 6.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2013-01-06 20:41 IST
Nmap scan report for ns1.pl.blucard.com (121.78.127.249)
Host is up (0.32s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
25/tcp open smtp
80/tcp open http
443/tcp open https
3306/tcp open mysql
9102/tcp open jetdirect


Nmap done: 1 IP address (1 host up) scanned in 12.96 seconds


check if you can do anything here.

3) I am assuming that named-checkconf and named-checkzone commands return everything fine..
4)Check if you have your firewall rules if DNS is blocked or not..

And many more..