Need Help with BIND9

techlists at phpcoderusa.com techlists at phpcoderusa.com
Mon Jun 14 21:23:34 UTC 2021


Thank You Mr. Haywood!!

On 2021-06-12 05:11, G.W. Haywood via bind-users wrote:
> Hi there,
> 
> On Sat, 12 Jun 2021, techlists at phpcoderusa.com wrote:
> 
> Re: Need Help with BIND9
> 
>> ...
>> The two domains I am working with on my SOHO home server are 1)
>> keiththewebguy.com  and 2) phpcodetest.com.
>> 
>> I setup keiththewebguy.com first and configured BIND9 for it on the 
>> same
>> server.
>> 
>> To try to troubleshoot I configured phpcodetest.com on the same box,
>> however it uses Zoneedit for DNS.  phpcodetest.com works as expected.
>> 
>> keiththewebguy.com does not work which uses my local BIND9.
>> 
>> I've tried everything I can think of.  I've tested the config files, 
>> run
>> dig, and verified port 53 is open.
>> 
>> I took the zone file for keiththewebguy.com from my VPS that runs 
>> Plesk
>> and previously hosted keiththewebguy.com.  I forgot to change the IP
>> addresses in the zone to my SOHO box and the website on my VPS was
>> accessible.  When I changed the IP addresses in the zone file to my 
>> SOHO
>> box the website quit working.
>> 
>> I assumed this meant I had an Apache issue and that is when I added
>> phpcodetest.com to test Apache.  I've checked apache several times...
>> And I just checked it again.....
> 
> Your problem statement is extremely vague and it seems to be telling
> me that you do not understand how the parts you're working with all
> fit together into a functioning whole.  You need to remedy that, or
> you'll be flailing around quite unnecessarily in a fog of technical
> terms and untested and/or broken configurations.  You might also need
> to work on your fault-finding skills, but they might not be the, er,
> root of the issue.

I appreciate your observations.

> 
> Do you have the book "DNS and BIND"?  Old, but still very relevant.

No, however I did find part of that book and I am about 3/4 though 
chapter 4.  I'm learning a lot.

https://www.oreilly.com/library/view/dns-and-bind/0596100574/ch04.html

I started with the Ubuntu 20.04lts manual and I thought that would be 
enough.

> 
>> ...
>> If you need any additional information let me know.
> 
> There might be loads of it, but for now I think probably your best bet
> is to do some reading.

Agree.

> The Web client (browser) needs to request its
> configured resolver (*may* be BIND) to supply an IP address which is
> associated with a domain name so it can send HTTP requests (packets)
> to the Web server (*may* be Apache) at that IP address.  To answer the
> queries from the Web client, the resolver needs to make queries of its
> own from a name server which *may* also be BIND - not necessarily the
> same instance.  In its turn, the resolver has to find IP addresses for
> name servers which will answer its queries.  The routes all need to be
> set up so *both* that the clients can talk to all the servers at the
> IP addresses involved in the conversations *and* that the DNS and Web
> servers can reply to the requesting clients.  You can see this happen,
> in nauseating detail if required, with a tool like Wireshark.  It's a
> good way to watch the traffic flowing (or not flowing, as the case may
> be) and I recommend that you spend some quality time doing just that.
> 
> Note that the terms 'server' and 'client' can be misleading.  A server
> can become a client of another server when it needs information which
> it intends to return to a client of its own.  In my little description
> above for example, the resolver acts as a server when it serves an IP
> address to the browser, but as a client when it asks a name server for
> the IP address to serve to the client.  So it's sometimes best to look
> at the level of the individual request to decide what is acting as a
> server, and what is acting as a client.
> 
> I see a nameserver response only for phpcodetest.com:
> 
> $ dig keiththewebguy.com | grep ANSWER
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> $ dig +short phpcodetest.com
> 98.191.108.149
> 
> I wouldn't run a port scan without your permission, but at the moment
> there seems to be no response from 98.191.108.149 to ping and HTTP(S)
> (which might mean that you've switched off the box for the night...:)
> 

Run a scan if you like.  I'd like to hear your feedback.  Currently I am 
using an old laptop as a server so I can learn.  I turn it off at night. 
  It is on right now.


> $ ping 98.191.108.149
> PING 98.191.108.149 (98.191.108.149) 56(84) bytes of data.
> ^C
> --- 98.191.108.149 ping statistics ---
> 8 packets transmitted, 0 received, 100% packet loss, time 159ms
> $ telnet 98.191.108.149 80
> Trying 98.191.108.149...
> telnet: Unable to connect to remote host: Connection timed out
> $ telnet 98.191.108.149 443
> Trying 98.191.108.149...
> telnet: Unable to connect to remote host: Connection timed out

The server was probably turned off.

Thank you for your help!!

> 
> HTH
> 
> --
> 
> 73,
> Ged.
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> 
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users


More information about the bind-users mailing list