binding ip address to hostname
Solution 1
The steps they provide effectively set up caching name service:
zone "." {
    type hint;
    file "root.hints";
};
Serve DNS for the 192.168.1.0/24 and 127.0.0.0/8 netblock reverse DNS zones:
zone "0.0.127.in-addr.arpa" {
    type master;
    file "pz/127.0.0";
    allow-update { none; };
};
and
zone "1.168.192.in-addr.arpa" {
    type master;
    file "pz/192.168.1";
    allow-update { none; };
};
These are both wrapped in views so that only hosts from those two netblocks can resolve the DNS. It also hides the version of bind from remote queries:
zone "." {
    type hint;
    file "/dev/null";
};
You can provide the same by adding:
127.0.0.1 localhost
192.168.1.1 localhost
to /etc/hosts and removing/stopping any existing BIND services. Provided that they allow DNS queries out (which they will have to if they want to allow DNS recursion from the root hints zone, to provide a caching name server), then you can use an external DNS provider (such as Google) with:
echo "nameserver 8.8.8.8" > /etc/resolv.conf
This should also be sufficient for apache to be able to determine its hostname and save you the long-winded process of creating a bind name server.
[EDIT] The OP has made these changes and still has issues. I suspect this is not related to the original issue, so will ask some additional questions.
If dig <domain-name>. @8.8.8.8 is giving the correct details then your External DNS is correct, and it most likely is internal ip config / routing / firewalls.
Does the output of ifconfig show interfaces with more than just 127.0.0.1 and 192.168.1.1? If it is just these, then something outside of your host NATs your address to your external IP, and MAY also decide what you are allowed in terms of open ports. If global-ip is your external IP address and appears in this list, then you may have to edit the Apache configuration to listen on that address as opposed to 192.168.1.x.
Do you have something like iptables installed? What does iptables -nvL INPUT show? (this has to be run as root, or via sudo). IPTables may be blocking incoming/outgoing requests.
[EDIT 2] The OP was interested in how DNS works.
A user on youtube has provided a basic DNS 101 video, which stands out as illustrative and straightforward enough to get the basics of DNS.
If you really want to understand DNS thoroughly the O'Reilly "Grasshopper" book DNS and Bind 5th Edition is an excellent resource and also will teach you how to use it in conjunction with BIND.
Solution 2
Many domain registrars provide basic DNS services. If they do, then you just need to add an A record in their control panel. This does not require configuring your own DNS server, of which bind is one. Unless you are willing to spend the time learning how to prevent your DNS server from being an open relay, I would recommend using the registrar's service. It also saves you the effort of finding someone to provide your backup DNS server(s).
It is common to configure the IP address for the domain, and for one or more sub-domains. If I was registering a web-server for example.com, I would create an A for the example.com. and www.example.com. The form may not require the domain to be entered.
If you are planning to run an email server, there are additional record types which should be created such as MX, TXT, and SPF. SPF records are often created as both TXT and SPF types, as older software will look for a TXT record. You should also get your IP address supplier to set up the PTR record to match the A record for your mail server.
For non email domains you may want to create a TXT record reading "v=spf1 -all". If possible, create an SPF record with the same content.
If you do decide to use bind, look for information on setting up a split server. Also review information on how to prevent serving recursive requests on the Internet.
cix.yong
Updated on September 18, 2022
Comments
-
cix.yong over 1 year
I just registered a domain name and paid for hosting with CentOS and I found that I had to do the binding myself following the lengthy steps http://www.linux-sxs.org/internet_serving/bind9.html
I was wondering, is there an easier way to do this binding? I thought by configuring the dns name in Apache should be enough, is that wrong?
Any feedback appreciated.
-
cix.yong over 10 years
thanks but no joy. /etc/hosts already has entry for 127.0.0.1 and global-ip maps to domain name. so, I just run echo "nameserver 8.8.8.8" > /etc/resolv.conf and reboot the server and web server. The domain name still unreachable, in addition I can not do wget or any internet connection to retrieve external resources. Tried dig <domain-name>. @8.8.8.8, too, and it works fine. Not sure where I did wrong.
-
Drav Sloan over 10 years
This sounds more like a NAT/firewall/routing issue than a DNS issue. What I've pointed out will replicate what was described in that bind guide. I'll update my answer to include some more additional questions.
-
cix.yong over 10 years
Hi again. I just use global-ip (no 192.168.1.x) so ifconfig only shows 127.0.0.1 (in lo) and the global-ip in (venet0:0). For this testing, I have shutdown iptables (wget works now). I have configured Apache Tomcat to use global-ip (default port 8080). I can see the web page on http://<global-ip>:8080/ from browser but not on http://<domain-name>:8080/. Redoing it, I tried with domain-name instead of global-ip but get the same result.
-
Drav Sloan over 10 years
Does host domain-name return the same IP as global-ip? Because it sounds like there is a difference in the two. I'd also advise adding rules to allow wget traffic and access to your tomcat rather than disabling iptables altogether.
-
cix.yong over 10 years
Host <domain-name> not found: 2(SERVFAIL)
thanks anyway, since I have not much time left I guess I will have to go with @BillThor solution
-
Drav Sloan over 10 years
Which means the NS for <domain-name> is not being served. Do you get anything back from host -t soa <domain-name> or host -t ns <domain-name>? The records from NS tell you what DNS server should be serving the DNS (is the same as the global-ip?)
-
cix.yong over 10 years
the echo command you gave earlier wiped out the default ns provided by the hosting company. If I do both the above commands I get Host <domain-name> not found: 2(SERVFAIL). However, if I put back their ns (so now I have their ns & Google's), I still get SERVFAIL for soa but for ns I get 2 records <domain-name> name <the-company-ns-server>.
-
Drav Sloan over 10 years
Which means they have put NS (nameserver) records in place for your domain. They point the zone to <the-company-ns-server>, however those servers do not serve the DNS for your zone (and hence the servfail on the SOA - Start Of Authority). You will have to solve this issue to get your domain's DNS working on the internet at large. @BillThor's solution (provided your provider allows DNS management) should allow you to create an A record that will make <domain-name> resolve.
-
cix.yong over 10 years
Thanks, @Drav Sloan. That would be the approach I will pursue. I wonder why they give me the long instructions to setup bind9
-
Drav Sloan over 10 years
Whois and the .com nameservers point to nameservers at mochahost.com for your domain. However on querying those nameservers they return no DNS (soa/ns) and so the DNS does not work. OpenDNS does serve this zone, but you will have to update whois or get mochahost.com to serve some NS records to point to openDNS to get that to work. As to your other question, installing your own bind (and pointing whois and or NS) to your bind means you can then change your DNS records without having to rely on third party tools/service provider portals.
-
cix.yong over 10 years
sorry, I have to delete the earlier comment, inadvertently revealing unexpected information
-
cix.yong over 10 years
Also, you have been so helpful. Thanks a lot. I need to find some reading material to better understand this DNS, domain name, etc. Meantime, I go with Control Panel. I have to upgrade my plan to get that as my current one does not support it.
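
Added example, not part of the original thread and not code from any of the posters: a Python version of two checks discussed on this page, the SOA query used in the comments to spot name servers that are listed in the NS records but do not serve the zone, and a test for the open recursion that Solution 2 warns about. All function names and the sample reply headers are constructed for illustration; ask() needs network access and is meant for servers you run or are delegated to.

```python
import socket
import struct

def build_query(name, qtype, recurse, qid=0x1234):
    """Encode a one-question, class IN DNS query (RD bit set only if recurse)."""
    header = struct.pack("!6H", qid, 0x0100 if recurse else 0, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split(".") if p)
    return header + labels + b"\x00" + struct.pack("!2H", qtype, 1)

def parse_header(resp):
    """Pull the flags both checks rely on out of the 12-byte DNS header."""
    if len(resp) < 12:
        raise ValueError("truncated DNS message")
    _id, flags, _qd, answers, _ns, _ar = struct.unpack("!6H", resp[:12])
    return {"aa": bool(flags & 0x0400), "ra": bool(flags & 0x0080),
            "rcode": flags & 0x000F, "answers": answers}

def is_lame(resp):
    """Reply to a non-recursive SOA query sent to a server named in the NS records.
    Anything but an authoritative NOERROR answer means it does not serve the zone."""
    h = parse_header(resp)
    return not (h["rcode"] == 0 and h["aa"] and h["answers"] > 0)

def is_open_resolver(resp):
    """Reply to a recursive query, sent from outside, for a name the server does not host.
    A recursion-available NOERROR answer means it resolves for anyone."""
    h = parse_header(resp)
    return h["ra"] and h["rcode"] == 0 and h["answers"] > 0

def ask(server, name, qtype, recurse, timeout=3.0):
    """Send one UDP query to server:53 and return the raw reply (needs network)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qtype, recurse), (server, 53))
        return s.recvfrom(4096)[0]

# Constructed reply headers for illustration (not captured traffic).
SERVFAIL_REPLY = struct.pack("!6H", 0x1234, 0x8002, 1, 0, 0, 0)  # QR, rcode 2
AUTH_REPLY = struct.pack("!6H", 0x1234, 0x8400, 1, 1, 0, 0)      # QR+AA, 1 answer
RECURSED_REPLY = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)  # QR+RD+RA, 1 answer
REFUSED_REPLY = struct.pack("!6H", 0x1234, 0x8105, 1, 0, 0, 0)   # QR+RD, rcode 5

if __name__ == "__main__":
    print("SERVFAIL on SOA is lame:", is_lame(SERVFAIL_REPLY))
    print("authoritative SOA is lame:", is_lame(AUTH_REPLY))
    print("recursed answer is open:", is_open_resolver(RECURSED_REPLY))
    print("REFUSED is open:", is_open_resolver(REFUSED_REPLY))
```

For the delegation check, pass qtype 6 (SOA) with recurse=False to each server named in the NS records; for the recursion check, send a recursive A query (qtype 1) for a name in a zone your server does not host, from a network outside your own.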