bind on vps

Torinthiel torinthiel at data.pl
Sun Feb 13 13:13:48 UTC 2011


On 02/13/11 12:52, Walter Alejandro Iglesias wrote:
> Hello,
> 
> I read bind howto, several tutorials, mailing lists.  After
> two months trying to get this working without success I must
> bother you.
> 
> I am running a Slackware in a vps server, it provides me two
> IPs (I can ask for more if needed).
> 
> I have the domains registered at go daddy.
> 
> It will be a web hosting server.  I wrote my own web client
> panel and my own bash scripts to automate the upload of new
> client's virtual domains.  That's why I want to run my own dns
> server; I want to be able to update the registers in my own
> machine.

You do know that you should have two SERVERS for your dns?
Giving two different IPs for your box will work, but is a very bad idea.
Even if everything else is on that machine, for some uses (eg. mail)
having no DNS data is worse than having a failed server.

> 
> I am running my name server in the same machine I run my
> domains.  I've read a post in this mailing list where a newbie
> like me explains the same problem.  But the last answer
> mentions only "glue" records and I think I've included
> them correctly(?).  nslookup returns me the expected when I
> run from inside the vps but not when I run it from the
> outside.  

That's probably because you haven't updated NS records at registrar. So
your server is configured correctly. But nobody asks it for information.
How to change it - most probably you have to login to the web panel for
the service, where you've ordered and paid for domain (that would be
godaddy I presume), and find your way there. Somewhere there should be
space for providing names of your nameservers, and IP addresses of them.
You'll need to do this for all your domains, but for the rest of them names
will be enough.

> I've defined two zones.  The first to my main domain, I need
> to run a ssl site and I prefer dedicate the first ip to it.
> And a template zone to the rest of virtual domains.

Well, if only this site is SSL-enabled, all others are only HTTP, then
all can coexist on a single IP.

> I've opened port 53 in my firewall.

For TCP, UDP or both?

> 
> 
> Stuff
> -----
> 
> mydomain.com
> virtualdomain.com	(later I want to be able to add
> 			virtualdomain2.com, virtualdomain3.com, etc.
> 			pointing to the template zone).
> 
> 11.22.33.44 (first ip provided for vps)
> 11.22.33.45 (second ip provided for vps)
>
> /etc/named.conf
> ---------------------------------------------------

[cut]

> // Zones I added 
> zone "mydomain.com" {
> 	type master;
> 	file "mydomain.com.zone";
> };
> zone "virtualdomain.com" {
> 	type master;
> 	file "template.zone";
> };
> zone "33.22.11.in-addr.arpa" {
> 	type master;
> 	file "11.22.33";
> };

This will work only if you are designated nameserver for all 11.22.33/24
block, which I think is false. Otherwise you'll have to tell the one
that is (maybe your ISP, maybe even higher) to make changes.

> 
> 
> Main zone
> ------------------------------------------------------------------------
> ; mydomain.com.zone
> $TTL	86400
> @	IN	SOA	ns1.mydomain.com.	root.mydomain.com. (
> 				2011011902	; Serial
> 				8H		; Refresh
> 				2H		; Retry
> 				4W		; Expire
> 				1D)		; Minimum TTL
> @	IN	NS	ns1.mydomain.com.
> @	IN	NS	ns2.mydomain.com.
> @	IN	A	11.22.33.44
> www	IN	A	11.22.33.44
> ns1	IN	A	11.22.33.44
> ns2	IN	A	11.22.33.45

Looks OK.

> 
> 
> Template zone
> -------------------------------------------------------------------------
> ; template.zone (second ip)
> $TTL	86400
> @	IN	SOA	ns1.mydomain.com.	root.mydomain.com. (
> 				2011011902	; Serial
> 				8H		; Refresh
> 				2H		; Retry
> 				4W		; Expire
> 				1D)		; Minimum TTL
> @	IN	NS	ns1.mydomain.com.
> @	IN	NS	ns2.mydomain.com.
> @	IN	A	11.22.33.45
> www	IN	A	11.22.33.45


Also looks OK.


> 
> 
> Reverse zone
> ------------------------------------------------------------------------
> ; 11.22.33
> $TTL	86400
> @	IN	SOA	ns1.mydomain.com.	root.mydomain.com. (
> 				2011011901	; Serial
> 				8H		; Refresh
> 				2H		; Retry
> 				4W		; Expire
> 				1D)		; Minimum TTL
> @	IN	NS	ns1.mydomain.com.
> @	IN	NS	ns2.mydomain.com.
> 44	IN	PTR	mydomain.com.
> 44	IN	PTR	www.mydomain.com.
> 45	IN	PTR	virtualdomain.com.
> 45	IN	PTR	www.virtualdomain.com.
> 44	IN	PTR	ns1.mydomain.com.
> 45	IN	PTR	ns2.mydomain.com.


First, as stated before, I doubt if anyone will ask your server for that
info. Second - what is the name of 11.22.33.44? Is it mydomain.com?
www.mydomain.com? ns1.mydomain.com? AFAIK there can be only one PTR record.

> 
> ----------- end config files -------------------------
> 
> In case my configuration is OK,
> what must I ask to my vps provider?

Probably nothing. If you can dig/nslookup on your host from external
hosts, then it looks like they don't need to do anything.

> what must I do at go daddy?

Make sure your primary domain has correctly configured ns names AND IP
addresses. I'd advise dig ns mydomain.com @a.gtld-servers.net (or any
other name server for your TLD).


> At go daddy I added ns1.mydomain.com and ns2.mydomain.com
> records and associate them to the two ips in its web
> interface.
> 
> At my vps panel I have an option to reverse address domain
> names, could it confuse dns?  Must I use this registers or
> must I leave it blank?  In case it is convenient to set up a domain
> name at VPS dns, what can I put there? 

Those are the PTR records. For DNS you probably don't need them. For
email you definitely do, for WWW probably not.

Regards,
 Torinthiel
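
An added example, not part of the original message: a small Python lint for the zone layout quoted above. It reports which NS names sit inside the zone they serve (the ones the registrar needs IP addresses for, while out-of-zone names need only the name) and which reverse owners hold more than one PTR. The function names and the condensed sample zones are assumptions made for this illustration.

```python
import re
from collections import defaultdict

def parse_zone(text, origin):
    """Parse the master-file layout used in the post into (owner, type, rdata)."""
    origin = origin.rstrip(".").lower() + "."
    text = re.sub(r";[^\n]*", "", text)  # strip comments, then join the multi-line SOA
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    records, owner = [], origin
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue
        if not line[0].isspace():  # a leading blank inherits the previous owner
            name = fields.pop(0).lower()
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        while fields and (fields[0].upper() == "IN" or fields[0].isdigit()):
            fields.pop(0)  # skip class and TTL
        if fields:
            records.append((owner, fields[0].upper(), " ".join(fields[1:]).lower()))
    return records

def multi_ptr(records):
    """Owners that hold more than one PTR, with their targets."""
    ptrs = defaultdict(list)
    for owner, rtype, rdata in records:
        if rtype == "PTR":
            ptrs[owner].append(rdata)
    return {o: t for o, t in ptrs.items() if len(t) > 1}

def glue_needed(records, origin):
    """In-zone NS targets and their A records: the registrar needs these IPs."""
    suffix = "." + origin.rstrip(".").lower() + "."
    addrs = defaultdict(list)
    for owner, rtype, rdata in records:
        if rtype == "A":
            addrs[owner].append(rdata)
    return {r: addrs[r] for _, t, r in records if t == "NS" and r.endswith(suffix)}

# Sample data condensed from the zones quoted in the post.
MAIN = """$TTL 86400
@ IN SOA ns1.mydomain.com. root.mydomain.com. (
    2011011902 8H 2H 4W 1D ) ; serial refresh retry expire minimum
@ IN NS ns1.mydomain.com.
@ IN NS ns2.mydomain.com.
ns1 IN A 11.22.33.44
ns2 IN A 11.22.33.45
"""
REVERSE = "44 IN PTR mydomain.com.\n44 IN PTR www.mydomain.com.\n45 IN PTR ns2.mydomain.com.\n"
```

An in-zone NS name that maps to an empty list has no A record in the zone file, so there is no address to hand to the registrar.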


