2

I have followed multiple online tutorials on setting this up; it is BIND9 on a Debian server.

It is the only server I have, so it is acting as ns1, ns2, and the server the domain name should point to itself.

It all appears to be working and when I dig the domain name from the server itself I get (what seems to me) the correct output:

    ; <<>> DiG 9.7.3 <<>> theonetekkit.com.au
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18593
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

    ;; QUESTION SECTION:
    ;theonetekkit.com.au. IN A

    ;; ANSWER SECTION:
    theonetekkit.com.au. 3000 IN A 103.4.17.189

    ;; AUTHORITY SECTION:
    theonetekkit.com.au. 3000 IN NS ns1.theonetekkit.com.au.
    theonetekkit.com.au. 3000 IN NS ns2.theonetekkit.com.au.

    ;; ADDITIONAL SECTION:
    ns1.theonetekkit.com.au. 3000 IN A 103.4.17.189
    ns2.theonetekkit.com.au. 3000 IN A 103.4.17.189

    ;; Query time: 15 msec
    ;; SERVER: 103.4.17.189#53(103.4.17.189)
    ;; WHEN: Wed Nov 7 02:12:58 2012
    ;; MSG SIZE rcvd: 121

When I dig it from another server / computer, however, I am getting a problem:

    ; <<>> DiG 9.7.3 <<>> theonetekkit.com.au
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56637
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;theonetekkit.com.au. IN A

    ;; Query time: 22 msec
    ;; SERVER: 103.4.16.166#53(103.4.16.166)
    ;; WHEN: Wed Nov 7 02:12:40 2012
    ;; MSG SIZE rcvd: 37

I have given it more than enough time for the records to be refreshed since setting up the DNS server, so I don't know what would be causing this.

Any ideas?

Thanks

2 Answers

0

Your bind setup is correct.

However, you have to update the domain registration record with your new NS server.

Right now the whois record still shows the following as your NS:

ns2.my-dns-zone.com
ns1.my-dns-zone.com
ns3.my-dns-zone.com
  • Thank you, I thought this would be the case, and I contacted the registrar to get them to correct it and they told me they thought it was a problem with my DNS... I will get back in contact with them and see if we can't sort it out... Commented Nov 7, 2012 at 5:30
  • I tried dig @103.4.17.189 theonetekkit.com.au and your DNS works. One possible problem is both ns1 and ns2 have the same IP. Their domain registration front end may be rejecting the update. Maybe they need to do a manual override.
    – John Siu
    Commented Nov 7, 2012 at 5:39
  • Yes, you should get basically the same as in the original post. I just found a spot on the website I could change this, I contacted them before to change it because I couldn't find it and they said they did... Guess not, so I just need to wait for the change to go through and it should work. It doesn't look like the front end is having problems with the IP being the same. Thanks again! Commented Nov 7, 2012 at 5:57
0

Look at the last line - after Query time:. In your first example dig is querying the name server 103.4.17.189 and in the second example it's querying 103.4.16.166. Each query is going to a different name server!

I take it that you want the former (103.4.17.189) to be your actual nameserver. In which case, for some reason, dig is being directed to satisfy the DNS request at the wrong server.

So you need to modify the DNS for the parent zone. In this case the parent zone for theonetekkit.com.au is com.au - this zone is controlled by AUDA but the good news is that your registrar will provide you the ability to modify, at minimum, the NS entries for your domain name there. Point them to your DNS servers.

According to various RFCs, you are supposed to have two DNS servers for any domain name in the global domain system, and these are supposed to have different IP addresses and be in different topological locations (to put it simply, different ISPs). The extent to which your registrar will let you bend these rules may vary - registrars as a general rule usually enforce that there are at least two differently named nameservers.
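The checks from both answers, applied to the dig output in the question: which server responded, whether the answer was authoritative, and whether the registered NS set matches what the zone itself publishes. This is an added example, not code from the original posts; the names `parse_dig` and `diagnose` are hypothetical, and the dig text is the question's output trimmed to the fields used.

```python
import re

# dig output from the question, trimmed to the lines the checks read
LOCAL_DIG = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18593
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; AUTHORITY SECTION:
theonetekkit.com.au. 3000 IN NS ns1.theonetekkit.com.au.
theonetekkit.com.au. 3000 IN NS ns2.theonetekkit.com.au.
;; SERVER: 103.4.17.189#53(103.4.17.189)
"""
REMOTE_DIG = """\
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56637
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; SERVER: 103.4.16.166#53(103.4.16.166)
"""
# NS names the first answer read from whois (what the parent zone delegates to)
REGISTERED_NS = ["ns2.my-dns-zone.com", "ns1.my-dns-zone.com", "ns3.my-dns-zone.com"]

def normalise(names):
    """Lower-case, strip the trailing dot and sort so NS sets compare cleanly."""
    return sorted(n.rstrip(".").lower() for n in names)

def parse_dig(text):
    """Extract status, header flags, responding server and NS targets."""
    status = re.search(r"status: (\w+)", text)
    flags = re.search(r";; flags: ([a-z ]+);", text)
    server = re.search(r";; SERVER: ([0-9a-fA-F.:]+)#", text)
    ns = re.findall(r"^\S+\s+\d+\s+IN\s+NS\s+(\S+)$", text, re.M)
    return {"status": status.group(1) if status else None,
            "flags": flags.group(1).split() if flags else [],
            "server": server.group(1) if server else None,
            "ns": normalise(ns)}

def diagnose(own, other, registered_ns):
    """Compare an answer from the zone's own server with one from elsewhere."""
    findings = []
    if own["server"] != other["server"]:
        findings.append(f"different responders: {own['server']} vs {other['server']}")
    if "aa" in own["flags"] and "aa" not in other["flags"]:
        findings.append("only the first answer is authoritative (aa flag)")
    if other["status"] != "NOERROR":
        findings.append(f"second responder returned {other['status']}")
    registered = normalise(registered_ns)
    if own["ns"] and registered != own["ns"]:
        findings.append("delegation mismatch: registry lists " + ", ".join(registered)
                        + "; zone publishes " + ", ".join(own["ns"]))
    return findings

if __name__ == "__main__":
    print("\n".join(diagnose(parse_dig(LOCAL_DIG), parse_dig(REMOTE_DIG), REGISTERED_NS)))
```
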
