BIND9 on Ubuntu 20.04lts

techlists at phpcoderusa.com techlists at phpcoderusa.com
Tue Jun 8 17:22:58 MST 2021 


On 2021-06-07 15:34, Michael Butash wrote:
> It sounds like bind doesn't like or is loading your zone file for
> keiththewebguy.com [1], you should be able to nslookup/host/dig
> pointing at the local server first to make sure it works, and then see
> it externally from anywhere outside via the same.  Next is to make
> sure you point your registrar's glue records to point over to your
> server with proper name server and soa records.  They need to know how
> to phone home via the glue's to find where to reference the domain
> from.  Until you can resolve your domain even from the same box, don't
> worry about outside.  Debug bind logs first, plenty of how-to's out
> there to follow.
> 

Got the DNS to work, thanks!!


> Honestly, hosting DNS is far more hassle than worth I found long ago -
> better off using your registrar dns, where I used to use godaddy for
> DNS, and now google.  I'm not too proud to let them have an easy
> button ui for me these days.  Also, DNS can be highly abused to
> generate a lot of traffic at times, so as much as even cox might say
> "unlimited", it's all fun and games until you run over their
> perception of "expected use", which you never know, particularly with
> bind vulnerabilities.  Lots of small udp packets cause issues for
> firewalls and routers (particularly soho hardware kit), best to leave
> this sort of thing to a real isp imho.  I've seen folks self-host dns
> as an experiment and get massive bills for doing so over the years
> several times.
> 

I'm 100% with you.  Appreciate your feedback.

I checked with Cox and there would never be any additional changes since 
I'm on a commercial account.  I do have a limited in bandwidth so 
anything over my bandwidth will be denied.

I'm doing this to learn.  I have a friend that owns a data center and I 
suspect his DNS machines have a user interface and it is all point, 
click, type in a value or string... etc.

I would never do anything like this for a production website.

In a day or two I will be moving onto setting up and configuring Postfix 
and Dovecot.

Thank You For Your Feedback!!

Keith


> -mb
> 
> On Mon, Jun 7, 2021 at 12:38 PM Keith Smith via PLUG-discuss
> <plug-discuss at lists.phxlinux.org> wrote:
> 
>> Hi,
>> 
>> I need some help with Bind.
>> 
>> I have a Cox Business account that allows me to run servers with no
>> blocked ports.
>> 
>> I have an old laptop configure running BIND 9 and Apache.
>> 
>> I can see the default Apache page if I enter my IP into a browser.
>> So
>> Apache seems to be working.
>> 
>> My domain is KeithTheWebGuy.com.
>> My public IP is 98.191.108.149
>> I've port forwarded both 80 and 53.
>> I have a VPS that was serving KeithTheWebGuy.com and so I took the
>> zone
>> file from there and modified it with my public IP.
>> Apache is configured for KeithTheWebGuy.com so I think.
>> 
>> When I try to go to KeithTheWebGuy.com I get a message the site
>> cannot
>> be reached.
>> 
>> I'm thinking I have a BIND issue.
>> 
>> If I issue dig keiththewebguy.com [1] at the command line I get:
>> 
>> --
>> ; <<>> DiG 9.16.1-Ubuntu <<>> keiththewebguy.com [1]
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 16506
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>> 
>> ;; OPT PSEUDOSECTION:
>> ; EDNS: version: 0, flags:; udp: 65494
>> ;; QUESTION SECTION:
>> ;keiththewebguy.com [1].            IN      A
>> 
>> ;; Query time: 32 msec
>> ;; SERVER: 127.0.0.53#53(127.0.0.53)
>> ;; WHEN: Mon Jun 07 19:30:59 UTC 2021
>> ;; MSG SIZE  rcvd: 47
>> --
>> 
>> No IP is returned.
>> 
>> If I "dig google.com [2]"  An IP is returned.
>> 
>> ; <<>> DiG 9.16.1-Ubuntu <<>> google.com [2]
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56676
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>> 
>> ;; OPT PSEUDOSECTION:
>> ; EDNS: version: 0, flags:; udp: 65494
>> ;; QUESTION SECTION:
>> ;google.com [2].                    IN      A
>> 
>> ;; ANSWER SECTION:
>> google.com [2].             63      IN      A       172.217.11.174
>> 
>> ;; Query time: 8 msec
>> ;; SERVER: 127.0.0.53#53(127.0.0.53)
>> ;; WHEN: Mon Jun 07 19:32:12 UTC 2021
>> ;; MSG SIZE  rcvd: 55
>> 
>> - - - -
>> 
>> Any help much appreciated.
>> 
>> Keith
>> 
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
> 
> 
> Links:
> ------
> [1] http://keiththewebguy.com
> [2] http://google.com

More information about the PLUG-discuss mailing list