Sorry to bring this up again, but I did some reading here: http://www.tldp.org/HOWTO/DNS-HOWTO-3.html and did the tests mentioned on the page, that resulted in this:
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> -x 127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46671
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa. IN PTR
;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 86400 IN PTR localhost.
;; AUTHORITY SECTION:
127.in-addr.arpa. 86400 IN NS localhost.
;; ADDITIONAL SECTION:
localhost. 604800 IN A 127.0.0.1
localhost. 604800 IN AAAA ::1
;; Query time: 0 msec
;; SERVER: 116.93.119.119#53(116.93.119.119)
;; WHEN: Sun Oct 02 11:38:46 CDT 2016
;; MSG SIZE rcvd: 132
And this ";; SERVER: 116.93.119.119#53(116.93.119.119)" is my Public IP not used (I thought) according to Virtualmin...
[root@ns1 ~]# dig pat.uio.no
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> pat.uio.no
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26462
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pat.uio.no. IN A
;; ANSWER SECTION:
pat.uio.no. 21599 IN A 129.240.6.150
;; AUTHORITY SECTION:
. 207 IN NS j.root-servers.net.
. 207 IN NS l.root-servers.net.
. 207 IN NS k.root-servers.net.
. 207 IN NS i.root-servers.net.
. 207 IN NS a.root-servers.net.
. 207 IN NS f.root-servers.net.
. 207 IN NS c.root-servers.net.
. 207 IN NS h.root-servers.net.
. 207 IN NS e.root-servers.net.
. 207 IN NS b.root-servers.net.
. 207 IN NS g.root-servers.net.
. 207 IN NS m.root-servers.net.
. 207 IN NS d.root-servers.net.
;; Query time: 375 msec
;; SERVER: 116.93.119.119#53(116.93.119.119)
;; WHEN: Sun Oct 02 11:39:49 CDT 2016
;; MSG SIZE rcvd: 266
Now that site says If I get the above responses it's working as a Nameserver....
And Out of curiosity I did my IP for my server (Forum) and got this:
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> -x 116.93.120.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2944
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 7, ADDITIONAL: 8
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.120.93.116.in-addr.arpa. IN PTR
;; ANSWER SECTION:
121.120.93.116.in-addr.arpa. 2285 IN PTR ns1.android-x86.net.
;; AUTHORITY SECTION:
116.in-addr.arpa. 48360 IN NS tinnie.arin.net.
116.in-addr.arpa. 48360 IN NS apnic1.dnsnode.net.
116.in-addr.arpa. 48360 IN NS ns3.apnic.net.
116.in-addr.arpa. 48360 IN NS ns1.apnic.net.
116.in-addr.arpa. 48360 IN NS apnic.authdns.ripe.net.
116.in-addr.arpa. 48360 IN NS ns4.apnic.net.
116.in-addr.arpa. 48360 IN NS ns2.lacnic.net.
;; ADDITIONAL SECTION:
ns1.apnic.net. 519 IN A 202.12.29.25
ns2.lacnic.net. 1135 IN A 200.3.13.11
ns3.apnic.net. 106 IN A 202.12.28.131
ns4.apnic.net. 695 IN A 202.12.31.140
apnic.authdns.ripe.net. 367 IN A 193.0.9.9
apnic1.dnsnode.net. 1480 IN A 194.146.106.106
tinnie.arin.net. 37209 IN A 199.212.0.53
;; Query time: 0 msec
;; SERVER: 116.93.119.119#53(116.93.119.119)
;; WHEN: Sun Oct 02 11:45:08 CDT 2016
;; MSG SIZE rcvd: 374
Now my question is, Is this the correct (current) way to test the Nameserver, and if not can someone tell me the commands I can use on the server to test it?
The reason I'm asking, and I've been thinking this since I started trying to get the Nameserver working, Is I believe my registrar is "BSing" me telling me it's not working, and need to know before I get on them about it...
Thanks, Mike
Ok I have an Update to this, I found 2 Really useful websites, I setup DNSSEC, and all is well there here are the 2 Sites for anyone else:
http://network-tools.com/
http://dnsviz.net/
NOW, According to Network-Tools my Forum "android-x86.net" IS Authoritative!!!! And "ns1.android-x86.net" isn't, I'm assuming this means that my actual forum address is the "Nameserver"?!??!
SO if it is, how do I switch it to NS1?? I feel like I'm getting close to getting this working, finally!!
Mike
New Question On This.
My Domain Name Is Coming up for Renewal Next month, For One I plan On switching to NameCheap as I've heard good things...
My Question is Now, Should I change my domain Name to "NS1.DOMAINNAME.NET" or should I leave it as "DOMAINNAME.NET"
The reason I'm asking is, from what I've read, I "SHOULD": be able to use an "A" Record for My NS "NS1." but it's not working that way in CentOS 7, It resolves to my forum "NS1.Domainname.net", and when I had Ubuntu 16.X Installed it actually resolved to the Apache "It Works Page" Not the Forum Directly...
So What I want to know, Does anyone know what the Simplest way for me to get this working would be??
I've Read, Do the "NS1" at the Registrar, Then Have my DNS records in Virtualmin Point to the Actual Forum, I.E. "www.domainname.net"
Would this information be correct?? Right Now I'm just looking for the Simplest way to get this done...
Thanks For any info.
Mike
To be honest, I have a hard time understanding your post. Can you post the content of your "/etc/named.conf" and "/var/named/domain.zone" (or "domain.hosts") files? If you want, edit your domain and IP, but I would like to see these files as I suspect there is some misconfiguration in your BIND.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Ok Here you go, Thanks for the fast response!!
The **** Are either Edited for public viewing, or a comment as I'm in the middle of getting "DESSEC" Up and running....
NAMED.CONF
ANDROID-X86.NET.HOSTS
I haven't changed these files since clean install of Centos 7 Server (minimal), and Clean Install of Virtualmin, about a month ago, The **** Are from today working on getting DESSEC=*DNSSEC Up and Running....
Thanks,
Mike
And to Clarify a Little.....
My OS (Server?) Is named NS1.ANDROID-X86.NET, My Domain (In The Registrar) is "android-x86.net", I have Virtualmin Set for NS1.ANDROID_X86.NET as the HOST, and the Virtual Server is "android-x86.net"
Dunno If that is confusing, but, really, everything I've read says, the Server (Operating System) should be NS1.DOMAINNAME.NET and virtualmin installs fine as that being a FQDN....
Not trying to act as if you don't know, trying to clarify my own stupidity.... LOL
Mike
Is this a mistake "www.android-x86.net"?
Is this a mistake "www.android-x86.net" or did you use this to mask your domain?
No, it's actually "android-x86.net" as it seems everywhere I've tried to append the "www" it gets omitted, even at the registrar, I have the "CNAME" set for "www".
Really not sure, It just is that way....Even a ways back, google analytics suggested moving away from the "www", So not sure, In everything I do related to associating the Domain with things I do both....
Now in my Registrar I have:
ns1.android-x86.net pointed to the new IP, Which in Virtualmin I added "ns1.android-x86.net" and the NEW IP to Bind...And My HOSTS and HOSTNAME Files (Minimally), I didn't go Nuts with edits...
Now I was reading yesterday, Would I possibly need to make a "Master" server "ns1.android-x86.net" and make my Domain a Slave (It's set to Master Now, By Virtualmin Install)??
From what I read that would be for an NS1 - Master and NS2 for the slave....
Really I just want to be able to ADD NS1 to the nameserver at the registrar and it accept it, Really not sure WHY it's not, I've checked internally, And short of Doing everything Advised in the 3rd link above, I'm not sure what else to do inside virtualmin, From reading the DOCS on it, It seems it should be a simple process for Virtualmin...
Mike
Are those the correct files you needed??
If you need anymore info let me know.... I just really need to know what I need to point to from the Registrar to have Virtualmin Handle MY OWN DNS Requests....
The server is Called ns1.android-x86.net....
The Served Pages are at http://android-x86.net/
So the simple question is, do I register ns1.android-x86.net at the registrar, then have the DNS records forward to the actual pages to be served???
The problem seems to be, that Virtualmin IS NOT handling ANY DNS tasks, As When I try to add it to the Nameservers list at my Registrar it says it doesn't exist...
I believe I have Virtualmin setup correctly, I've done what has been advised, and I've read across many different sites looking for an answer...
I will say, A LOT of them are "Setups" from the Beginning, I.E. Installing the files and configuring them, Which I'm really wary of as, I want to keep Virtualmin in control of things, and I really don't want to break anything...
Thanks,
Mike
I have an Update to this.
With All the time spread over months of trying to get this to work, I believe I was confusing setting up a single IP DNS Nameserver.
I now have one IP for the HOST (NS1.ANDROID-X86.NET) and one IP for the Virtual Server (HTTP://ANDROID-X86.NET)
The IP for NS1.ANDROID-X86.NET Resolves through the "A" Record at My Registrar, My Registrar STILL Says that NS1.ANDROID-X86.NET IS NOT A NAMESERVER... When I enter the Address (OR IP) in the Address Bar I get:
Index of /
[ICO] Name Last modified Size Description
This Is My HOSTS File
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
NEW.IP.0.0 ns1.anddroid-x86.net ns1
This Is Local HOSTNAME:
ns1
changed from NS1.ANDROID-X86.NET
This is my RESOLV.CONF
I added the ENS4 - New IP, In Network Config. I added the IP's In Bind
Not sure what else to do, I checked with INTERNIC and It's not resolving, But I assume as long as my Registrar Isn't allowing me to add it to nameserver that it won't resolve....
I used these 2 Links and read a lot on the last Link, But it killed my connection on server reboot....
https://www.virtualmin.com/node/18463
https://www.virtualmin.com/documentation/dns/faq
https://www.unixmen.com/setting-dns-server-centos-7/
Is there a way to just check the proper settings locally, Like not through "dig" as that reports the same dnsowl, which is my registrar nameservers....
Hope this clarifies a little the problems I'm having...
Mike
Edited: Copy/Paste Mangled in the display
Hey Mike,
I'm only dropping in on this, and haven't had a chance to read through this whole thing, but I wrote up the steps for spinning up a domain from nothing a while back on our blog here: http://inthebox.webmin.com/dns-for-web-hosting-glue-records
It sounds like the glue records are the remaining problem, maybe?
Edit: Also note that most of those steps are automated by Virtualmin; you wouldn't need to do most of the local BIND stuff, but the stuff at the registrar has to happen for your domains to work.
--
Check out the forum guidelines!
Hey, Okay I went through the BLOG, and Everything on the Local End Reports Correct:
And the Results:
And I will say that NameSilo (Registrar) DOESN'T allow an IP for the Nameserver, I have to use "ns1.android-x86.net".... Also They say support just adding the nameserver, I just noticed the "applicable registry" in the error statement...
Which I thought WAS the "A" Record I was supposed to add for ns1.android-x86.net IN A {NS1 IP ADDRESS} in my Registrar DNS Records..(NameSilo), BUT when I add the "A" record, Typing "ns1.android-x86.net" in the Address bar, Gives me the "Index" of the site (Blank, But says Index, File, File Type) and I still get the Nameserver error from them...
REALLY Started to think it's them, not me.... I contacted my Server provider today to TRIPLE Check TCP/UDP 53 was open and it is.
And thanks everyone for taking the time to help me out with this!!!
Mike
Sorry to Re-Post I'm being moderated and can't edit, lol, But I forgot the last 2 checks on the list....
[root@ns1 ~]# host -t ns android-x86.net
android-x86.net name server ns1.android-x86.net.
[root@ns1 ~]# host android-x86.net ns1.android-x86.net
Using domain server:
Name: ns1.android-x86.net
Address: {CORRECT NS1 IP}#53
Aliases:
android-x86.net has address {CORRECT DOMAIN IP}
android-x86.net mail is handled by 5 mail.android-x86.net.
[root@ns1 ~]#
All As it seems it should be....
Mike
Also Anything posted before Wed, 01/04/2017 - 10:56 on this thread is Dead info.... I just came back here as I didn't want to clutter the forums.....
Mike
Ok all, I got it.....
It's bad when you have a not so savvy linux user as myself, and worse when the services you pay for don't know what they're doing......TILL
You hit the right REP! I registered the name server, and added it to the NameServer List, Replaced the NS1.DNSOWL.COM, With NS1.ANDROID-X86.NET, And it worked with the Registrar, Told them I was going to be leaving, Still Might after a year of fighting with this, and multiple emails to them...
I'm NOT gonna say solved right now, as I went in and Removed hosts "::1" as I think that was IP6 and my server doesn't support it, and one of the test commands came back with that as the IP, So I removed it and The IP went to localhost, I also changed the RESOLV.CONF to My NS1 IP, and Not localhost as it was set for...
I have a snap shot of the server and can restore no problem, BUT now that it's registered and done, I'll Play Around more, Unless ADVISED OTHERWISE HERE!!! LoL!!!!
But it says 1-48 Hours to Propagate, And as long as the forum keeps running I'll let it go.... And do the tests....
Thanks everyone I'll report back on this!
Mike
Well Good Start....
Los Angeles CA, United States
ns1.android-x86.net
Dallas TX, United States
ns1.android-x86.net
Mountain View CA, United States
ns1.dnsowl.com ns2.dnsowl.com ns3.dnsowl.com
INTERNIC
Domain Name: ANDROID-X86.NET
Registrar: ********, LLC
Sponsoring Registrar IANA ID: *****
Whois Server: whois.********.com
Referral URL: http://www.*********.com
Name Server: NS1.ANDROID-X86.NET
Name Server: NS2.DNSOWL.COM *** Guess I Already Posted this......
Name Server: NS3.DNSOWL.COM
Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Updated Date: 08-jan-2017
Creation Date: 27-feb-2015
Expiration Date: 27-feb-2017
Guess Gonna have to Invest in a 3rd IP, To get rid of DNSOWL (Registrar) totally, but Gonna leave as a BackUp....
Any Advice Now that I have it working, I'm Only serving my One Domain..... But if I can Get Away from Anything to do with the "Registrar" I'd like to.
Mike
You only need two IP addresses for DNS service redundancy (ideally they'd be on two different servers on two different networks, but if all of your services are on one system, anyway, having redundancy is not so important).
Registrars are a necessary evil; you'll have to get comfortable dealing with glue records, if you want to manage DNS records (or if you want to let Virtualmin do it for you). If you want to handle DNS through the registrar (most allow you to host your DNS records on their name servers for free), that won't require glue records. But, good registrars make it pretty easy...I just poked around the namecheap interface today and see they have changed it a bunch...so my old blog post doesn't really match their UI, anymore, though the principles will always be the same. But, if it makes you feel any better about it, once you understand how DNS works, it becomes pretty easy to get the basics going. Even though I only do it every six months or so and forget all the specifics in the meantime, I am usually able to do it in a few minutes.
Also, there's a truism about problems with any networked service (web, mail, whatever): It's always DNS. Even if you think it isn't DNS, it's probably DNS. (Not because DNS is unreliable, but because it is complex and people often get it wrong.)
Lol, Ya I agree! Basically the reason I want to manage them is, well, one for the learning experience, and two, The service really doesn't provide everything needed for today settings, I mean, Ya, you can get by just fine with them, But Coming from "A FREE HOST", What I started with in the VERY Beginning, To where I Am Today, I've learned, that, If "I" have the control "I" can fix it when needed, NOT, A Trouble Ticket, Not a REP who knows less than me, and that's REAL BAD!! LOL
And Ya I'm sure If I paid more, I'd get what I want, But as it stands, I'm hoping to upgrade to the Virtualmin Pro, Not that I need PRO, But, The Creators of this piece of programming well deserve more than my $6 a Month, After I've learned the interface a little, and got over the "SHELL SHOCK" of C-Panel and a Paid host, I love it!!
And learning the proper use of back-ups, and when to do it, and all that, Example: I STILL haven't rebooted the server, LOL, And I've found that's the END all BE ALL of a working system, I know I don't need to, But that's my test on a working server, I still have the Snapshot before I started all this.. AND I might restore it, just to see if I needed to make the changes I did....
So as It stands now, the Propagation Is Bouncing ALL OVER THE PLACE, yesterday before bed My Nameserver Propagated to about 7 of 20 Checks, now it's on 2 of 20, Just gonna leave it be for a couple days, see how it settles out and report back here...
Then On to DNSSEC, And a couple other things...
Question tho, Would it be Better (Although I'd assume Pretty Useless in the long run) to have a second NS (NS2) that basically just points to the same IP, I'd much rather have NS1/NS2 For my Name servers, and say the registrars NS3 as A Fallback...
And as I said, as of right now the propagation is jumping around, so I've got a couple days to sit back and wait on it before doing anything else....
And again let me thank all of you for your input, I wouldn't have gotten this done without the help/links, That finally got my head wrapped around what I needed to get done!!!
Mike
OK one last Update and One Last Question (For Now 8-) )
Ok, I did the server reboot, all went fine, and actually pages coming up faster than before....
I used a Global Propagation Checker for the NS (Multiple Location Check), and Internic has it exactly as I want it, So I'm just going to leave that be, As It seems correct...
Can one of you check this, My RESOLV.CONF and Verify I'm not on any other NS than my own, I mean, Not on the Global Internet, To serve other Sites....
This Part:
I only want to serve my forum pages..... I Believe it's right, I just want to verify.. Thanks
Thanks, I think, That'd handle this for now, I'll check back later (Couple Days) to put in a final word on this but as of now it all looks good....
Mike
You need to be more specific about allowing recursion.
Something like:
acl "trustednets" {
    localhost;
    127.0.0.1;
    192.168.1.0/24;
};
options {
    allow-recursion { trustednets; };
    recursion yes;
    // ...other options here...
};
--
Check out the forum guidelines!
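Whether the recursion restriction suggested above has taken effect shows up in the header flags of a reply, the same fields dig prints on its "flags:" line. The following is an added example, not code from this thread or from Virtualmin or BIND: Python that decodes those flags. The names `probe`, `classify` and the verdict strings are chosen here; the first two sample headers are rebuilt from the dig output posted earlier in the thread, and the third is constructed on the assumption that BIND answers REFUSED when a client outside `allow-recursion` asks for a name it is not authoritative for.

```python
import socket
import struct

# Bit masks in the 16-bit flags word of the DNS header (RFC 1035).
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080
REFUSED = 5


def build_query(name, qtype=1, txid=0x1234):
    """Minimal DNS query with RD set (qtype 1 = A, class 1 = IN)."""
    header = struct.pack("!6H", txid, RD, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!2H", qtype, 1)


def parse_header(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    return {"id": txid, "qr": bool(flags & QR), "aa": bool(flags & AA),
            "rd": bool(flags & RD), "ra": bool(flags & RA),
            "rcode": flags & 0x000F, "ancount": an}


def classify(hdr):
    """Verdict for one reply, read the same way as dig's 'flags:' line."""
    if not hdr["qr"]:
        return "not-a-response"
    if hdr["rcode"] == REFUSED:
        return "refused"
    if hdr["aa"]:
        return "authoritative"
    if hdr["ra"] and hdr["rcode"] == 0 and hdr["ancount"] > 0:
        return "recursive-answer"
    return "no-recursion"


def probe(server_ip, name, timeout=3.0, txid=0x1234):
    """Send one query over UDP/53 to a server you operate; classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid=txid), (server_ip, 53))
        reply, _ = s.recvfrom(4096)
    hdr = parse_header(reply)
    if hdr["id"] != txid:
        raise ValueError("reply id does not match the query")
    return classify(hdr)


# Header fields rebuilt from the dig output earlier in this thread.
LOOPBACK_PTR = struct.pack("!6H", 46671, QR | AA | RD | RA, 1, 1, 1, 3)
PAT_UIO_NO = struct.pack("!6H", 26462, QR | RD | RA, 1, 1, 13, 1)
# Constructed sample: the reply expected by a client outside the ACL.
OUTSIDE_ACL = struct.pack("!6H", 0x1234, QR | RD | REFUSED, 1, 0, 0, 0)

if __name__ == "__main__":
    for label, raw in [("-x 127.0.0.1", LOOPBACK_PTR),
                       ("pat.uio.no", PAT_UIO_NO),
                       ("outside ACL", OUTSIDE_ACL)]:
        print(label, "->", classify(parse_header(raw)))
```

Run `probe()` from a machine that is not in "trustednets" against your own name server, with a name it is not authoritative for: "refused" or "no-recursion" means outside clients cannot recurse through it, while "recursive-answer" means it is still answering for other sites.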
Ok on the 192.168.1.0/24, I actually know what the 0/24 Means Blocking IPs In HTACCESS, But should I use that for my Single Name Server IP?? I'm Guessing here, it's just to span the IP?? Or should I use it as you posted, and Put my NS server IP In?? Sorry, I AM Learning LOL
And I Get the Allow-recursion , Makes Sense!
Mike
And actually isn't:
1.1.1.0/8 1.1.0.0/016 1.0.0.0/32 1.1.1.1.0//64
N/M I forgot the span for the IP's, Oldtimers sucks guys, I'll get back in the morning, Seems Clearer with a good cup of coffee.. 8-)
Or am I wrong again?? Really don't like to Expound my stupid'ness,
Ok, I messed up, I thought I had purchased the IP, But apparently not, As The Server Reboot Changed the IP, I've fixed that, But since I had to Redo Everything, I decided to go Back to the Pre-Nameserver Settings Image and redo everything with the New IP, And Less Edits...
Would "allow-query" work the same as your post?? Or both or just what you said above??
Thanks, Mike
UPDATE:
Ok Done again, and propagating, With A LOT less edits to the files, just what was advised on your blog, Feel better about it that way...
I didn't add the above "acl" stuff, as I was thinking the:
allow-query { localhost; 116.NS1 IP ADDRESS;};
type master;
file "/var/named/android-x86.net.hosts";
also-notify { 116.NS1 IP ADDRESS; };
allow-transfer { 127.0.0.1; localnets; };
notify yes;
};
If you still advise adding it I will, I didn't realize that that IP range you have is local....
Mike