problem in configuring dns

skym4n

New member
Joined
Aug 1, 2020
Messages
29
Location
Brazil
Honestly I don't understand why it is so difficult to configure DirectAdmin.

I've done all the dns configuration inside the panel and also in my domain, but it doesn't work.

I don't know if it has to, but I had the following problem.

[root@servidor etc]# nmap -p 53 192.99.47.145

Starting Nmap 6.40 ( http://nmap.org ) at 2020-08-01 10:37 -03
Nmap scan report for servidor.radionainternet.com (192.99.47.145)
Host is up (0.000090s latency).
PORT STATE SERVICE
53/tcp closed domain


but I entered the named settings, put my ip in listen and it was resolved, see

[root@servidor etc]# nmap -p 53 192.99.47.145

Starting Nmap 6.40 ( http://nmap.org ) at 2020-08-01 10:51 -03
Nmap scan report for servidor.radionainternet.com (192.99.47.145)
Host is up (0.00010s latency).
PORT STATE SERVICE
53/tcp open domain

is there any other type of block? because I can't configure it for anything ... I've read several tutorials but it doesn't work.
------


wanted to know what am i doing wrong? honestly i never had this kind of problem with the cPanel or CWP panel.

It is already the second time that I try to use directadmin and give up in the settings part.

can someone help me to know where i am going wrong? I believe it shouldn't be that hard.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,722
Well my suggestion as always is to know how to do everything via command line before trying to use ANY control panel. That way when something goes wrong, and it will with ANY control panel, you will know how to find a resolution.

The domain radionainternet.com points to ns1.radionainternet.com and ns2.radionainternet.com Are these registered nameservers?
There are no A records for them.

I queried the nameserver directly and it does answer with an empty result so there is no block. You simply have not added the domain yet.
 

skym4n

New member
Joined
Aug 1, 2020
Messages
29
Location
Brazil
my child name servers seettins in domain.
APONTAMENtos_ip_dominio.png
domain radionainternet.com created
conta_criada.png
dns settings in domain dns zone
dns_radionainternet.com.png

DNS records seeting in hostiname zone
dns_servidorradionainternet.png
bind open
resutlado_bind.png


I believe that I don't need to do anything besides these right settings?
Is there anything else missing? I already looked at the settings via ssh and they are also correct.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,722
Code:
grep radionainternet.com /etc/named.conf
cat /var/named/radionainternet.com.db
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,722
The first lines of /etc/named.conf should be this:

Code:
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
        allow-transfer { none; };
        //listen-on port 53 { 127.0.0.1; };
        //listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        //allow-query     { localhost; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        //recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,722
Let's narrow down the messages a little:

Code:
grep radionainternet.com /var/log/messages | grep -v query
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,722
resolv.conf doesn't really have anything to do with this. But mine is simply:

Code:
nameserver 8.8.8.8
nameserver 8.8.4.4
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,722
You have allow-query set to only respond to queries from this server. Nobody else can ask it for information. Why did you change the defaults?
 

skym4n

New member
Joined
Aug 1, 2020
Messages
29
Location
Brazil
@floyd I didn't make any changes.
By default or the named was already with these settings, I just added my ip, because I thought this was the problem.

It seems that the automatic installation of directadmin has a problem with the standard configuration of the bind.
 
Top