Need advice on DNS
Darren Poh
darpohsh at hotmail.com
Sat Nov 8 05:17:15 UTC 2003
Barry Margolin <barry.margolin at level3.com> wrote in message news:<bogrpr$23c7$1 at sf1.isc.org>...
> In article <bogpno$217m$1 at sf1.isc.org>,
> Darren Poh <darpohsh at hotmail.com> wrote:
> >I have registered for a domain. Let's take it to be 'mydomain.com'. The
Hi Barry,
Thanks for your reply.
>
> Please tell us the real domain. Your description of what you've done is
> not complete, and we can't tell exactly what's going wrong without seeing
> the true registration.
>
The domain name is ipasar.com
> >registrar does not help me to host my new domain. I use the DNS service
> >by DNS-Made-Easy whereby I indicated 2 'A' records.
> >
> >mydomain.com. with the address 111.222.333.444
> >ns0 with the same address
>
> What nameservers did you list when you registered the domain? Just
> DNS-Made-Easy's servers, or their servers and your dedicated server?
I have listed
ns1.dnsmadeeasy.com
ns0.dnsmadeeasy.com
ns2.dnsmadeeasy.com
ns4.dnsmadeeasy.com
ns3.dnsmadeeasy.com
>
> Are DNS-Made-Easy's servers configured as master or slave for your domain?
> If they're slaves, you need to allow their addresses in your
> "allow-transfer" statements.
I set up primary DNS on DNS-Made-Easy. In this case, is there a need to
make any changes to my DNS configuration file?
>
> >I want to run my own DNS (BIND 9 on Redhat 7.3) on my dedicated
> >server. Below is the content of my 'named.conf' file, followed by
> >content of the file 'db.mydomain.com'
> >
> >*********************
> >
> >// Authorized source addresses
> >acl "trusted" {
> > localhost;
> > 111.222.333.444;
> >};
> >
> >// Known fake source addresses shouldn't be replied to
> >acl "bogon" {
> > 0.0.0.0/8;
> > 1.0.0.0/8;
> > 2.0.0.0/8;
> > 192.0.2.0/24;
> > 224.0.0.0/3;
> > 169.254.0.0/16;
> > // Enterprise networks may or may not be bogus
> > 10.0.0.0/8;
> > 172.16.0.0/12;
> > 192.168.0.0/16;
> >};
> >
> >options {
> > directory "/var/named";
> > query-source address * port 953;
> > allow-transfer { none; };
> > allow-query { trusted; };
> > allow-recursion { trusted; };
> > blackhole { bogon; };
> > version "OpenNA Linux";
> >};
> >
> >logging {
> > category lame-servers { null; };
> >};
> >
> >controls {
> > inet 127.0.0.1 allow { localhost; } keys { "mydomain.com"; };
> >};
> >
> >zone "." IN {
> > type hint;
> > file "db.cache";
> >};
> >
> >zone "mydomain.com" IN {
> > type master;
> > file "db.mydomain.com";
> > allow-update { none; };
> > notify no;
> >};
> >
> >zone "0.0.127.in-addr.arpa" IN {
> > type master;
> > file "db.127.0.0";
> > allow-update { none; };
> > notify no;
> >};
> >
> >zone "333.222.111.in-addr.arpa" IN {
> > type master;
> > file "db.111.222.333";
> > allow-update { none; };
> > notify no;
> >};
> >
> >include "/etc/rndc.key";
> >
> >****************
> >
> >$TTL 10800
> >@ IN SOA ns0.mydomain.com. webmaster.mydomain.com. (
> > 2003110600 ; Serial No - yyyymmdd[0-9][0-9]
> > 10800 ; Refresh after 3 hrs
> > 3600 ; Retry after 1 hr
> > 604800 ; Expires after 1 wk
> > 10800 ; Negative caching TTL of 3 hrs
> > )
> >;
> >; Name Server(s)
> >;
> > IN NS ns0.mydomain.com.
> > IN NS ns0.dnsmadeeasy.com.
> > IN A 111.222.333.444
> > IN MX 10 mail.mydomain.com.
> >;
> >; Addresses for the canonical names
> >;
> >localhost IN A 127.0.0.1
> >ns0 IN A 111.222.333.444
> >;
> >; Aliases
> >;
> >www IN CNAME ns0
> >mail IN CNAME ns0
> >ftp IN CNAME ns0
> >
> >*************
> >
> >Remotely, I am able to ping to 'mydomain.com' and also
> >'ns0.mydomain.com'. However, I am not able to ping to
> >'www.mydomain.com'. It seems like the content in my DNS configuration
> >is not being recognised by the 'outside' world. I am not sure where it went
> >wrong. I hope someone can provide me with some advice.
>
> The "allow-query { trusted; };" statement in your named.conf doesn't allow
> the outside world to get information from your server.
Thanks for enlightening me. I have commented out this line.
Sure hope to get this done soon .. =)
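
Added example, not part of the original message: a small Python check for the failure diagnosed above, where a global `allow-query { trusted; };` hides an authoritative master zone from outside resolvers. The sample configs are constructed from the quoted named.conf, the function names are hypothetical, and the parsing is a simplification that treats an address list as open only when it names `any`. The `AFTER` variant is one possible fix (a zone-level `allow-query { any; };` that leaves recursion restricted), shown alongside the poster's approach of commenting the global line out.

```python
import re
# Constructed sample modelled on the named.conf quoted in the thread.
BEFORE = '''
options {
    allow-query { trusted; };
    allow-recursion { trusted; };
};
zone "." IN { type hint; file "db.cache"; };
zone "mydomain.com" IN {
    type master;
    file "db.mydomain.com";
};
'''
# Same file with the zone opened to everyone; recursion stays "trusted" only.
AFTER = BEFORE.replace('file "db.mydomain.com";',
                       'file "db.mydomain.com";\n    allow-query { any; };')

def strip_comments(text):
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#).*', '', text)

def blocks(text, keyword):
    """Yield (header, body) for each `keyword header { body };` statement."""
    for m in re.finditer(r'(?m)^\s*%s\b([^{;]*)\{' % keyword, text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1).strip(), text[m.end():i - 1]

def allow_query(body):
    m = re.search(r'\ballow-query\s*\{([^}]*)\}', body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def closed_master_zones(conf):
    """Return master zones whose effective allow-query lacks 'any'."""
    conf = strip_comments(conf)
    global_acl = None
    for _, body in blocks(conf, 'options'):
        global_acl = allow_query(body)
    closed = []
    for header, body in blocks(conf, 'zone'):
        acl = allow_query(body)
        effective = global_acl if acl is None else acl  # zone overrides options
        is_master = re.search(r'\btype\s+master\s*;', body)
        # An unset allow-query means BIND's default, "any".
        if is_master and effective is not None and 'any' not in effective:
            closed.append(header.split('"')[1])
    return closed
```

`closed_master_zones(BEFORE)` reports `mydomain.com`; both the zone-level override in `AFTER` and commenting out the global line clear the finding.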