Need Help with BIND9

techlists at techlists at
Mon Jun 14 21:23:34 UTC 2021

Thank You Mr. Haywood!!

On 2021-06-12 05:11, G.W. Haywood via bind-users wrote:
> Hi there,
> On Sat, 12 Jun 2021, techlists at wrote:
> Re: Need Help with BIND9
>> ...
>> The two domains I am working with on my SOHO home server are 1)
>>  and 2)
>> I setup first and configured BIND9 for it on the 
>> same
>> server.
>> To try to troubleshoot I configured on the same box,
>> however it uses Zoneedit for DNS. works as expected.
>> does not work which uses my local BIND9.
>> I've tried everything I can think of.  I've tested the config files, 
>> run
>> dig, and verified port 53 is open.
>> I took the zone file for from my VPS that runs 
>> Plesk
>> and previously hosted  I forgot to change the IP
>> addresses in the zone to my SOHO box and the website on my VPS was
>> accessible.  When I changed the IP addresses in the zone file to my 
>> box the website quit working.
>> I assumed this meant I had an Apache issue and that is when I added
>> to test Apache.  I've checked apache several times...
>> And I just checked it again.....
> Your problem statement is extremely vague and it seems to be telling
> me that you do not understand how the parts you're working with all
> fit together into a functioning whole.  You need to remedy that, or
> you'll be flailing around quite unnecessarily in a fog of technical
> terms and untested and/or broken configurations.  You might also need
> to work on your fault-finding skills, but they might not be the, er,
> root of the issue.

I appreciate your observations.

> Do you have the book "DNS and BIND"?  Old, but still very relevant.

No, however I did find part of that book and I am about 3/4 though 
chapter 4.  I'm learning a lot.

I started with the Ubuntu 20.04lts manual and I thought that would be 

>> ...
>> If you need any additional information let me know.
> There might be loads of it, but for now I think probably your best bet
> is to do some reading.


> The Web client (browser) needs to request its
> configured resolver (*may* be BIND) to supply an IP address which is
> associated with a domain name so it can send HTTP requests (packets)
> to the Web server (*may* be Apache) at that IP address.  To answer the
> queries from the Web client, the resolver needs to make queries of its
> own from a name server which *may* also be BIND - not necessarily the
> same instance.  In its turn, the resolver has to find IP addresses for
> name servers which will answer its queries.  The routes all need to be
> set up so *both* that the clients can talk to all the servers at the
> IP addresses involved in the conversations *and* that the DNS and Web
> servers can reply to the requesting clients.  You can see this happen,
> in nauseating detail if required, with a tool like Wireshark.  It's a
> good way to watch the traffic flowing (or not flowing, as the case may
> be) and I recommend that you spend some quality time doing just that.
> Note that the terms 'server' and 'client' can be misleading.  A server
> can become a client of another server when it needs information which
> it intends to return to a client of its own.  In my little description
> above for example, the resolver acts as a server when it serves an IP
> address to the browser, but as a client when it asks a name server for
> the IP address to serve to the client.  So it's sometimes best to look
> at the level of the individual request to decide what is acting as a
> server, and what is acting as a client.
> I see a nameserver response only for
> $ dig | grep ANSWER
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> $ dig +short
> I wouldn't run a port scan without your permission, but at the moment
> there seems to be no response from to ping and HTTP(S)
> (which might mean that you've switched off the box for the night...:)

Run a scan if you like.  I'd like to hear your feedback.  Currently I am 
using an old laptop as a server so I can learn.  I turn it off at night. 
  It is on right now.

> $ ping
> PING ( 56(84) bytes of data.
> ^C
> --- ping statistics ---
> 8 packets transmitted, 0 received, 100% packet loss, time 159ms
> $ telnet 80
> Trying
> telnet: Unable to connect to remote host: Connection timed out
> $ telnet 443
> Trying
> telnet: Unable to connect to remote host: Connection timed out

The server was probably turned off.

Thank you for your help!!

> --
> 73,
> Ged.
> _______________________________________________
> Please visit to
> unsubscribe from this list
> ISC funds the development of this software with paid support
> subscriptions. Contact us at for more
> information.
> bind-users mailing list
> bind-users at

More information about the bind-users mailing list