binding ip address to hostname

Solution 1

The steps they provide effectively set up a caching name service:

zone "." {
    type hint;
    file "root.hints";
};

Serve DNS for the 192.168.1.0/24 and 127.0.0.0/8 netblock reverse DNS zones:

zone "0.0.127.in-addr.arpa" {
    type master;
    file "pz/127.0.0";
    allow-update { none; };
};

and

zone "1.168.192.in-addr.arpa" {
    type master;
    file "pz/192.168.1";
    allow-update { none; };
};

These are both wrapped in views so that only hosts from those two netblocks can resolve the DNS. It also hides the version of bind from remote queries:

zone "." {
    type hint;
    file "/dev/null";
};

You can provide the same by adding:

 127.0.0.1 localhost
 192.168.1.1 localhost

to /etc/hosts and removing/stopping any existing BIND services. Provided that they allow DNS queries out (which they will have to if they want to allow DNS recursion from the root hints zone, to provide a caching name server), then you can use an external DNS provider (such as Google) with:

 echo "nameserver 8.8.8.8" > /etc/resolv.conf

This should also be sufficient for Apache to be able to determine its hostname and save you the long-winded process of creating a bind name server.

[EDIT] The OP has made these changes and still has issues. I suspect this is not related to the original issue, so will ask some additional questions.

If dig <domain-name>. @8.8.8.8 is giving the correct details then your External DNS is correct, and it most likely is internal ip config / routing / firewalls.

Does the output of ifconfig show interfaces with more than just 127.0.0.1 and 192.168.1.1? If it is just these, then something outside of your host NATs your address to your external IP, and MAY also decide what you are allowed in terms of open ports. If global-ip is your external IP address and appears in this list, then you may have to edit the Apache configuration to listen on that address as opposed to 192.168.1.x.

Do you have something like iptables installed? What does iptables -nvL INPUT show? (this has to be run as root, or via sudo). IPTables may be blocking incoming/outgoing requests.

[EDIT 2] The OP was interested in how DNS works.

A user on YouTube has provided a basic DNS 101 video, which stands out as illustrative and straightforward enough to get the basics of DNS.

If you really want to understand DNS thoroughly, the O'Reilly "Grasshopper" book DNS and Bind 5th Edition is an excellent resource and will also teach you how to use it in conjunction with BIND.

Solution 2

Many domain registrars provide basic DNS services. If they do, then you just need to add an A record in their control panel. This does not require configuring your own DNS server, of which bind is one. Unless you are willing to spend the time learning how to prevent your DNS server from being an open relay, I would recommend using the registrar's service. It also saves you the effort of finding someone to provide your backup DNS server(s).

It is common to configure the IP address for the domain, and for one or more sub-domains. If I was registering a web-server for example.com, I would create an A for the example.com. and www.example.com.. The form may not require the domain to be entered.

If you are planning to run an email server, there are additional record types which should be created, such as MX, TXT, and SPF. SPF records are often created as both TXT and SPF types, as older software will look for a TXT record. You should also get your IP address supplier to set up the PTR record to match the A record for your mail server.

For non email domains you may want to create a TXT record reading "v=spf1 -all". If possible, create an SPF record with the same content.

If you do decide to use bind, look for information on setting up a split server. Also review information on how to prevent serving recursive requests on the Internet.
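One way to check the last point on a name server you operate, as an added example that is not part of the original answer: it builds a recursive query and reads the RA flag and RCODE from the response header. The function names and the sample headers are constructed for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype=1, txid=0x1234):
    """Build a DNS query with RD=1 (recursion desired); qtype 1 is an A record."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(p)]) + p.encode("ascii") for p in name.split(".") if p
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def classify_response(packet):
    """Decide from the 12-byte header whether the server performed recursion."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    ra = bool(flags & 0x0080)   # RA: recursion available
    aa = bool(flags & 0x0400)   # AA: answer came from the server's own zone data
    rcode = RCODES.get(flags & 0x000F, str(flags & 0x000F))
    if rcode == "REFUSED" or not ra:
        verdict = "closed"        # recursion not offered to this client
    elif rcode == "NOERROR" and ancount > 0 and not aa:
        verdict = "open"          # resolved a foreign name on our behalf
    else:
        verdict = "inconclusive"  # e.g. SERVFAIL, or an authoritative answer
    return {"rcode": rcode, "ra": ra, "aa": aa, "answers": ancount,
            "verdict": verdict}

def probe(server, name, timeout=3.0):
    """Query a server you operate over UDP port 53 and classify its reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return classify_response(s.recvfrom(4096)[0])

# Constructed sample headers (not captured traffic): txid, flags, qd, an, ns, ar
SAMPLE_OPEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)      # RA set, NOERROR
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)   # RA clear, REFUSED
SAMPLE_SERVFAIL = struct.pack("!HHHHHH", 0x1234, 0x8182, 1, 0, 0, 0)  # RA set, SERVFAIL
```

Run `probe()` from a host outside the netblocks the server is meant to serve, with a name the server is not authoritative for; a verdict of "open" there means it is answering recursive requests from the Internet.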

cix.yong
Author by

cix.yong

Updated on September 18, 2022

Comments

  • cix.yong
    cix.yong over 1 year

    I just registered a domain name and paid for hosting with CentOS and I found that I had to do the binding myself following the lengthy steps http://www.linux-sxs.org/internet_serving/bind9.html

    I was wondering, is there an easier way to do this binding? I thought by configuring the dns name in Apache should be enough, is that wrong?

    Any feedback appreciated.

  • cix.yong
    cix.yong over 10 years
    Thanks, but no joy. /etc/hosts already has an entry for 127.0.0.1, and global-ip maps to the domain name. So I just ran echo "nameserver 8.8.8.8" > /etc/resolv.conf and rebooted the server and web server. The domain name is still unreachable; in addition, I cannot do wget or make any internet connection to retrieve external resources. Tried dig <domain-name>. @8.8.8.8, too, and it works fine. Not sure where I went wrong.
  • Drav Sloan
    Drav Sloan over 10 years
    This sounds more like a NAT/firewall/routing issue than a DNS issue. What I've pointed out will replicate what was described in that bind guide. I'll update my answer to include some more additional questions.
  • cix.yong
    cix.yong over 10 years
    Hi again. I just use global-ip (no 192.168.1.x), so ifconfig only shows 127.0.0.1 (in lo) and the global-ip (in venet0:0). For this testing, I have shut down iptables (wget works now). I have configured Apache Tomcat to use global-ip (default port 8080). I can see the web page on http://<global-ip>:8080/ from a browser but not on http://<domain-name>:8080/. Redoing it, I tried with domain-name instead of global-ip but got the same result.
  • Drav Sloan
    Drav Sloan over 10 years
    Does host domain-name return the same IP as global-ip? Because it sounds like there is a difference in the two. I'd also advise adding rules to allow wget traffic and access to your tomcat rather than disabling iptables altogether.
  • cix.yong
    cix.yong over 10 years
    Host <domain-name> not found: 2(SERVFAIL) thanks anyway, since I have not much time left I guess I will have to go with @BillThor solution
  • Drav Sloan
    Drav Sloan over 10 years
    Which means the NS for <domain-name> is not being served. Do you get anything back from host -t soa <domain-name> or host -t ns <domain-name>? The records from NS tell you what DNS server should be serving the DNS (is it the same as the global-ip?)
  • cix.yong
    cix.yong over 10 years
    the echo command you gave earlier wiped out the default ns provided by the hosting company. If I do both the above commands I get Host <domain-name> not found: 2(SERVFAIL). However, if I put back their ns (so now I have their ns & Google's), I still get SERVFAIL for soa but for ns I get 2 records <domain-name> name <the-company-ns-server>.
  • Drav Sloan
    Drav Sloan over 10 years
    Which means they have put NS (nameserver) records in place for your domain. They point the zone to <the-company-ns-server>, however those servers do not serve the DNS for your zone (and hence the servfail on the SOA - Start Of Authority). You will have to solve this issue to get your domain's DNS working on the internet at large. @BillThor's solution (provided your provider allows DNS management) should allow you to create an A record that will make <domain-name> resolve.
  • cix.yong
    cix.yong over 10 years
    Thanks, @Drav Sloan. That would be the approach I will pursue. I wonder why they gave me the long instructions to set up bind9.
  • Drav Sloan
    Drav Sloan over 10 years
    Whois and the .com nameservers point to nameservers at mochahost.com for your domain. However, on querying those nameservers they return no DNS (soa/ns) and so the DNS does not work. OpenDNS does serve this zone, but you will have to update whois or get mochahost.com to serve some NS records to point to OpenDNS to get that to work. As to your other question, installing your own bind (and pointing whois and/or NS to your bind) means you can then change your DNS records without having to rely on third party tools/service provider portals.
  • cix.yong
    cix.yong over 10 years
    sorry, I have to delete the earlier comment, inadvertently revealing unexpected information
  • cix.yong
    cix.yong over 10 years
    Also, you have been so helpful. Thanks a lot. I need to find some reading material to better understand this DNS, domain name, etc. Meantime, I go with Control Panel. I have to upgrade my plan to get that as my current one does not support it.