  1. #1
    Just Joined!
    Join Date
    May 2007
    Posts
    21

    reverse DNS


    I am trying to set up a DNS server to resolve domain names on the internet, a nameserver. I host a few websites and at the moment I'm paying someone else to host my DNS. I want to now do it myself on my server (running apache2 and vsftp on it already).

    I am using SUSE, and BIND9 for the DNS. I have set everything up already, but when I perform a DNS ticket update, they keep emailing me to say that the DNS is not delegated properly, with the following errors:

    The Nameserver at 1.2.3.4 (server1.mydomain.co.za ??) does not appear
    to have a reverse DNS entry. This means that this nameserver does not
    comply with 'co.za' registration policies and can not currently be used.


    Syntax/Cross-Checking provided info for Nameserver at 6a: server1.mydomain.co.za @ 1.2.3.4
    IPv4: 1.2.3.4 ==> [WARN: No PTR records!]
    FQDN: server1.mydomain.co.za ==> [WARN: No A records!]


    I have tried to test the DNS from my side and I don't get these errors. I can also go into my browser on the server and type in mydomain.co.za and it resolves to my server, but it doesn't work from any other machines on the internet, even machines in my LAN.

    Thanks
    Pat

  2. #2
    Just Joined!
    Join Date
    Feb 2008
    Posts
    1
    Have you created a PTR entry?

  3. #3
    Just Joined!
    Join Date
    May 2007
    Posts
    21

    PTR entry

    This is what I did, I'm not sure if I missed something. Firstly I set up the zone sections in named as follows:

    zone "mydomain.co.za " {
    type master;
    file "zone/mydomain.co.za.zone";
    };

    zone "4.3.2.in-addr.arpa" in {
    type master;
    file "zone/4.3.2.zone";
    };


    then in my zone files I did the following:

    $TTL 3D
    mydomain.co.za. IN SOA server1.mydomain.co.za. root.mydomain.co.za. (
    42 ; serial (d. adams)
    2D ; refresh
    4H ; retry
    6W ; expiry
    1W ) ; minimum
    server1 IN A 1.2.3.4
    server2 IN A 1.2.3.4
    @ IN NS server1.mydomain.co.za.
    @ IN MX 10 server1.mydomain.co.za.
    ftp IN CNAME server1
    mail IN CNAME server1
    www IN CNAME server1


    $TTL 3D
    @ IN SOA server1.mydomain.co.za. root.mydomain.co.za. (
    42 ; serial (d. adams)
    8H ; refresh
    2H ; retry
    4W ; expiry
    1D ) ; minimum
    IN NS server1.mydomain.co.za.
    IN NS server2.mydomain.co.za.
    server1 IN A 1.2.3.4
    server2 IN A 1.2.3.5
    66 IN PTR server1.mydomain.co.za.
    67 IN PTR server2.mydomain.co.za.


    Then I started named. I get no errors in the messages log file, and everything appears to work when tested and accessed on the server, but I keep being sent the previously mentioned error emails.

  4. #4
    Linux Engineer rcgreen's Avatar
    Join Date
    May 2006
    Location
    the hills
    Posts
    1,134
    Do you have a fixed IP address? If not, when people on the net
    try to do a reverse lookup on your server, they will not get
    your domain name, but that of your ISP. As a result, most people
    will regard your name server as bogus.

  5. #5
    Just Joined!
    Join Date
    May 2007
    Posts
    21

    Fixed IP

    Yes I do have a fixed IP, and I have tested it with vsftp and httpd, using the IP in the browser address bar, that side of things works.

    Any other suggestions?

  6. #6
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,672

    Yes I do have a fixed IP, and I have tested it with vsftp and httpd, using the IP in the browser address bar, that side of things works.
    By fixed I believe the other poster is referring to a Static Address, one that is not assigned via DHCP. What you did proves nothing as every IP Address on the internet you can plug into the browser and if there is a http server at that address it will connect.

    Check with the ISP and ensure that they have delegated your IP Addresses to your server. If they have not done this then you will have to get them to host your reverse records for you. If they do not allow you to run your own server then they will not host or forward reverse requests to you.

    The only options I see then are either to buy a business class connection that allows you to do what you want to, or to move your servers off to a site where they will allow you to host your own or they host them for you.

    Also I would suggest that you check your zones and configuration with

    named-checkconf
    named-checkzone


    It seems there are a lot of how-to's out there and none of them seem to tell you to check your work. MAN them to see how to use them.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted
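
As a complement to the named-checkconf/named-checkzone suggestion above, here is an added example (not part of any post in this thread) that checks offline whether a reverse zone's name and PTR owner label correspond to a given IPv4 address. The 192.0.2.x addresses, the example.test names and the zone text are constructed sample data, the function names are hypothetical, and a /24 reverse zone is assumed.

```shell
#!/bin/sh
# Added example: offline consistency check for a /24 reverse zone.
# Addresses, names and zone text are constructed sample data.

# rev_name 192.0.2.10 -> 10.2.0.192.in-addr.arpa (the name a PTR query asks for)
rev_name() {
    echo "$1" | awk -F. 'NF == 4 { print $4 "." $3 "." $2 "." $1 ".in-addr.arpa" }'
}

# rev_zone 192.0.2.10 -> 2.0.192.in-addr.arpa (the /24 zone that holds that PTR)
rev_zone() {
    echo "$1" | awk -F. 'NF == 4 { print $3 "." $2 "." $1 ".in-addr.arpa" }'
}

# ptr_target IP ZONE_NAME ZONE_TEXT
# Prints the PTR target for IP when ZONE_NAME is the matching /24 zone and the
# zone text has a PTR owned by the last octet (relative) or by the full
# reverse name (absolute). Returns non-zero otherwise.
ptr_target() {
    ip=$1; zone=${2%.}; text=$3
    [ "$zone" = "$(rev_zone "$ip")" ] || return 1
    last=${ip##*.}
    full="$(rev_name "$ip")."
    printf '%s\n' "$text" | awk -v l="$last" -v f="$full" '
        { sub(/;.*/, "") }                       # drop zone-file comments
        $1 == l || $1 == f {
            for (i = 2; i < NF; i++)
                if (toupper($i) == "PTR") { print $(i + 1); found = 1; exit }
        }
        END { exit !found }'
}

# Constructed reverse zone for 192.0.2.0/24.
SAMPLE_ZONE='$TTL 3D
@   IN SOA ns1.example.test. root.example.test. ( 42 8H 2H 4W 1D )
    IN NS  ns1.example.test.
10  IN PTR ns1.example.test. ; nameserver address
11  IN PTR ns2.example.test.'

for ip in 192.0.2.10 192.0.2.66; do
    if t=$(ptr_target "$ip" 2.0.192.in-addr.arpa "$SAMPLE_ZONE"); then
        echo "$ip: PTR $(rev_name "$ip"). -> $t"
    else
        echo "$ip: no PTR in this zone (expected owner ${ip##*.})"
    fi
done
```

For the placeholder address 1.2.3.4 used in this thread, `rev_zone` prints `3.2.1.in-addr.arpa` and the expected PTR owner label is `4`.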

  7. #7
    Just Joined!
    Join Date
    May 2007
    Posts
    21
    I do have a business connection with fixed/static IP addresses, my machine does not connect to a DHCP server to get an address, I can restart everything at my place and it will still work on the same Static IP address.

    Even though I do have static IP's, could there still be a problem on the ISP side of things?

    Thanks for the tip on the zone checker, I will use that and see what happens

  8. #8
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,672
    First, sorry for the late reply.

    If your ISP is not forwarding you the reverse lookups for your IP Addresses then you need to ask them if they can do this and/or have them host your reverse lookups for you.

    Regards
    Robert

  9. #9
    Just Joined!
    Join Date
    May 2007
    Posts
    21
    Hi Robert

    No worries about the delay, I get slightly overwhelmed at times too.

    Is there any way to test whether my ISP is forwarding the reverse lookups for my IP address? The ISP helpdesk is not very clued up and I have often been on the phone for several hours at a time trying to get through to somebody who knows how to help (I'm not joking about the several hours either). Before I take that route I would like to check it myself if that's possible.

    Thanks
    Pat

  10. #10
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,672
    I would do a dig on the reverse lookup using their DNS server like this

    Code:
    dig @<ISP> -x <IP>
    Replace <ISP> with your ISP DNS Server
    Replace <IP> with your IP Address

    And see what that gives you. If it gives you something other than what you expect then you would be safe in saying that they do not forward reverse lookups for your IP.

    Regards
    Robert
