Setting up nameserver - bind [FreeBSD]
Assuming that your question is "how can I get this to work", I think you're missing something fundamental here.
The NS records point (indirectly) to IP addresses of DNS servers which hold the DNS records of that domain. In your case these are [ns1, ns2, ns3, ns4]. So any client which looks up your domain name is expecting to find answers at one of these addresses, however they don't have the answer because you've set up the DNS records for your domain on your own VPS.
This means you need to do one of two things: You either need to have those 4 servers holding your DNS records, or you need to change the NS records to point to your VPS.
Assuming that those nameservers have been provided by your VPS provider, you usually get provided with a web frontend so you can add and modify records. In this case, you don't need to have BIND running on your VPS at all.
If you want your server's BIND to be the DNS server for your domain then the NS record for the domain must point to your VPS's IP address. Note that you're usually required to have at least two (different) NS records for the domain, so you may require two IP addresses for your VPS.
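An added example, not part of the original answer: one way to test whether a listed name server really holds a zone is to send it a non-recursive SOA query and read the reply header, which shows the RCODE (such as REFUSED) and the AA flag. The zone name `example.test`, the function names and the sample replies are constructed for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_soa_query(zone, qid=0x1234):
    """Build a non-recursive (RD=0) SOA query for `zone` in DNS wire format."""
    header = struct.pack("!HHHHHH", qid, 0x0000, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in zone.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", 6, 1)  # QTYPE=SOA, QCLASS=IN

def classify(response, qid=0x1234):
    """Classify a reply from its header: ID, QR, RCODE, AA flag, answer count."""
    if len(response) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != qid or not flags & 0x8000:      # wrong ID, or QR=0 (not a reply)
        return "malformed"
    rcode = flags & 0x000F
    if rcode != 0:
        return "lame: " + RCODES.get(rcode, "RCODE %d" % rcode)
    if flags & 0x0400 and ancount > 0:        # AA set and an answer record present
        return "authoritative"
    return "lame: no authoritative answer"

def check_server(zone, ip, timeout=3.0):
    """Send the SOA query to one name server over UDP and classify the reply."""
    query = build_soa_query(zone)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(query, (ip, 53))
            data, _ = sock.recvfrom(512)
        except OSError as exc:                # timeout, ICMP unreachable, reset
            return "unreachable: %s" % exc
    return classify(data)

# Constructed sample replies (header plus question only), not captured traffic.
# The answer record is omitted because classify() inspects only the header.
QUESTION = build_soa_query("example.test")[12:]
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8005, 1, 0, 0, 0) + QUESTION
SAMPLE_AUTH = struct.pack("!HHHHHH", 0x1234, 0x8400, 1, 1, 0, 0) + QUESTION

if __name__ == "__main__":
    for name, reply in (("refused", SAMPLE_REFUSED), ("auth", SAMPLE_AUTH)):
        print(name, "->", classify(reply))
```

Calling `check_server(zone, ip)` for each address behind the domain's NS records shows which servers answer authoritatively; every one of them should return "authoritative" before the delegation can work.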
Admin
Updated on September 17, 2022
-
Admin over 1 year
First of all sorry for bad English.
I'm a newcomer to FreeBSD, and I'm going to like it. Before I tried FreeBSD, I had a Linux VPS (my ISP set it up for me). I decided to drop it in favor of FreeBSD and installed FreeBSD from scratch on VMware ESXi 4.0 (my ISP just offers Linux VPS, but they agreed to let me set it up myself).
The problem is I know nothing about setting up DNS and Nameserver. (I'm just a web developer, my knowledge in network-related stuff is zero or less)
I followed this guide to set up the bind nameserver: http://www.freebsd.org/doc/handbook/network-dns.html
The Server Spec:
91.194.91.7
ns1.babaei.net 91.194.90.11
ns2.babaei.net 91.194.90.12
ns3.babaei.net 193.200.241.6
ns4.babaei.net 93.104.209.252
My settings in Directi domain panel:
http://forums.freebsd.org/attachment.php?attachmentid=696&d=1264193553
/etc/hosts
::1             localhost localhost.babaei.net
127.0.0.1       localhost localhost.babaei.net
91.194.91.7     3rr0r.babaei.net 3rr0r
91.194.91.7     3rr0r.babaei.net.
/etc/resolv.conf
domain babaei.net
search babaei.net
nameserver 127.0.0.1
nameserver 91.194.90.11
nameserver 93.104.209.252
nameserver 193.200.241.6
nameserver 91.194.90.12
I edited /etc/rc.conf:
named_enable="YES"
/etc/namedb/named.conf
zone "babaei.net" {
        type master;
        file "master/babaei.net";
};

zone "1.168.192.in-addr.arpa" {
        type slave;
        file "slave/1.168.192.in-addr.arpa";
        masters {
                192.168.1.1;
        };
};
/etc/namedb/master/babaei.net
$TTL 3600 ; 1 hour default TTL
babaei.net.     IN      SOA     ns1.babaei.net. root.babaei.net. (
                                2010012208      ; Serial
                                10800           ; Refresh
                                3600            ; Retry
                                604800          ; Expire
                                300             ; Negative Response TTL
                        )

; DNS Servers
                IN      NS      ns1.babaei.net.
                IN      NS      ns2.babaei.net.
                IN      NS      ns3.babaei.net.
                IN      NS      ns4.babaei.net.

; MX Records
                IN      MX 10   mx.babaei.net.
                IN      MX 20   mail.babaei.net.

                IN      A       91.194.91.7

; Machine Names
localhost       IN      A       127.0.0.1
ns1             IN      A       91.194.90.11
ns2             IN      A       93.104.209.252
ns3             IN      A       193.200.241.6
ns4             IN      A       91.194.90.12
mx              IN      A       91.194.91.7
mail            IN      A       91.194.91.7

; Aliases
www             IN      CNAME   babaei.net.
/etc/namedb/slave/1.168.192.in-addr.arpa
$TTL 3600
1.168.192.in-addr.arpa. IN SOA ns1.babaei.net. root.babaei.net. (
                        2010012208      ; Serial
                        10800           ; Refresh
                        3600            ; Retry
                        604800          ; Expire
                        300 )           ; Negative Response TTL

        IN      NS      ns1.babaei.net.
        IN      NS      ns2.babaei.net.
        IN      NS      ns3.babaei.net.
        IN      NS      ns4.babaei.net.

1       IN      PTR     babaei.net.
2       IN      PTR     ns1.babaei.net.
3       IN      PTR     ns2.babaei.net.
4       IN      PTR     ns3.babaei.net.
5       IN      PTR     ns4.babaei.net.
6       IN      PTR     mx.babaei.net.
7       IN      PTR     mail.babaei.net.

# named-checkzone babaei.net /etc/namedb/master/babaei.net
zone babaei.net/IN: loaded serial 2010012208
OK

# /etc/rc.d/named reload
// or
# rndc reload
When I tried this from the VPS itself:
# host -t ns babaei.net
babaei.net name server ns4.babaei.net.
babaei.net name server ns2.babaei.net.
babaei.net name server ns3.babaei.net.
babaei.net name server ns1.babaei.net.

# dig ns "babaei.net" "@localhost"

; <<>> DiG 9.6.1-P1 <<>> ns babaei.net @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63012
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4

;; QUESTION SECTION:
;babaei.net. IN NS

;; ANSWER SECTION:
babaei.net. 3600 IN NS ns2.babaei.net.
babaei.net. 3600 IN NS ns1.babaei.net.
babaei.net. 3600 IN NS ns3.babaei.net.
babaei.net. 3600 IN NS ns4.babaei.net.

;; ADDITIONAL SECTION:
ns1.babaei.net. 3600 IN A 91.194.90.11
ns2.babaei.net. 3600 IN A 93.104.209.252
ns3.babaei.net. 3600 IN A 193.200.241.6
ns4.babaei.net. 3600 IN A 91.194.90.12

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Jan 24 01:28:49 2010
;; MSG SIZE rcvd: 164
I tried this for 7 days, and still I can't browse my website:
http://checkdns.net/quickcheck.aspx?...net&detailed=1
Tried to fetch SOA record for domain, but DNS server ns1.babaei.net [91.194.90.11] returned error code Refused
Error fetching SOA from ns2.babaei.net [93.104.209.252]: Connection reset. Probably DNS server is offline.
Tried to fetch SOA record for domain, but DNS server ns3.babaei.net [193.200.241.6] returned error code Refused
Tried to fetch SOA record for domain, but DNS server ns4.babaei.net [91.194.90.12] returned error code Refused
It's a rock-solid OS and I didn't want to ignore it just because I can't set up DNS in bind or my ISP doesn't support FreeBSD.
And, if it's related, this is my /usr/local/etc/lighttpd.conf
$HTTP["host"] =~ "(^|\.)babaei\.net$" {
    server.document-root = "...../www"
    server.errorlog = "...../_error.log"
    accesslog.filename = "...../_access.log"
    server.error-handler-404 = "/_404.html"
}
I also posted a similar question here:
http://forums.freebsd.org/showthread.php?t=10593
Thanks in Advance.
#EDIT:
Finally it works:
I just changed everything to VPS IP itself:
ns1             IN      A       91.194.91.7
ns2             IN      A       91.194.91.7
ns3             IN      A       91.194.91.7
ns4             IN      A       91.194.91.7
(This happens in domain panel also).
I also needed to change this line in
/etc/namedb/named.conf
// listen-on { 127.0.0.1; };
// Changed to:
listen-on { 91.194.91.7; };
or simply it's not working.
I added
/etc/rc.conf
sendmail_enable="YES"
or I'll get:
error connecting to mail server port 25 : connection refused.
I'm still waiting until the DNS databases across the net are updated.
http://checkdns.net/quickcheck.aspx?domain=www.babaei.net&detailed=1
That's a shame!! They told me these IPs are authoritative for my domain, but they're not. I think these are my ISP's DNS servers, since I can browse them with a browser. I really don't know how they can handle this, but I'm happy for now.
-
John Gardeniers over 14 years
What's your question?
-
Admin over 14 years
I think it's obvious!! It's not working. My domain does not point to my VPS.
-
Admin over 14 years
Thanks for the answer. I did exactly what you said, but still nothing happening.
-
Admin over 14 years
Well, that's exactly what confused me!! Yes, I have a VPS with a different IP than the nameservers, and my VPS isn't one of them. (And as I said, I know nothing about DNS and nameservers.) The funny thing is, when you enter these IPs in the browser, it seems these IPs are in use somewhere else:
91.194.90.11
91.194.90.12
193.200.241.6
93.104.209.252
I'm sorry, your answer does not seem clear to me. As I understood:
1. I must set up a DNS server and an NS server
2. I must be a slave zone of my ISP's DNS server (they must be the master zone)
I'd appreciate it if you could correct me.
-
bortzmeyer over 14 years
The explanation by hmallett is the right one. None of the four listed name servers is authoritative for babaei.net. I assume that you simply forgot to configure them. Who manages these four boxes? He or she has to do something, it won't appear automagically.
-
bortzmeyer over 14 years
Wrong explanation (the A record is already there, the problem is a problem of delegation, not data).
-
Admin over 14 years
tnx for the answer. My ISP manages these IPs and they said these IPs are free and I can use them. I already paid them for these IPs. Excuse me, but how can you check whether these IPs are authoritative or not?
-
Admin about 14 years
Thank you all guys, with your help I've found the answer. I edited the original question and described what I've found. tnx again!!