DNS server not functioning correctly
- by Shamit Shrestha
I have setup a DNS server which isnt working properly. My domain is accswift.com which has glued to two name servers ns1.accswift.com and ns2.accswift.com for the same IP address - 203.78.164.18.
On domain end everything should be fine. Please check -http://www.intodns.com/accswift.com
I am sure its the problem with the linux server. Can anyone help me find where the problem is for me? Below is the settings that I have in the server.
======================
DIG
[root@accswift ~]# dig accswift.com
; << DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 << accswift.com
;; global options: +cmd
;; Got answer:
;; -HEADER<<- opcode: QUERY, status: NOERROR, id: 11275
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;accswift.com. IN A
;; ANSWER SECTION:
accswift.com. 38400 IN A 203.78.164.18
;; AUTHORITY SECTION:
accswift.com. 38400 IN NS ns1.accswift.com.
accswift.com. 38400 IN NS ns2.accswift.com.
;; ADDITIONAL SECTION:
ns1.accswift.com. 38400 IN A 203.78.164.18
ns2.accswift.com. 38400 IN A 203.78.164.18
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 6 20:12:16 2013
;; MSG SIZE rcvd: 114
==============
IP Tables settings
vi /etc/sysconfig/iptables
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -o eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_OUT:
-A FORWARD -i eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_IN:
-A OUTPUT -o eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_OUT:
-A INPUT -i eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_IN:
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
Completed on Fri Sep 20 04:20:33 2013
Generated by webmin
*mangle
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
Completed
Generated by webmin
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
====DNS settings
vi /var/named/accswift.com.host
$ttl 38400
@ IN SOA ns1.accswift.com. root.ns1.accswift.com. (
1382936091
10800
3600
604800
38400 )
@ IN NS ns1.accswift.com.
@ IN NS ns2.accswift.com.
accswift.com. IN A 203.78.164.18
accswift.com. IN NS ns1.accswift.com.
www.accswift.com. IN A 203.78.164.18
ftp.accswift.com. IN A 203.78.164.18
m.accswift.com. IN A 203.78.164.18
ns1 IN A 203.78.164.18
ns2 IN A 203.78.164.18
localhost.accswift.com. IN A 127.0.0.1
webmail.accswift.com. IN A 203.78.164.18
admin.accswift.com. IN A 203.78.164.18
mail.accswift.com. IN A 203.78.164.18
accswift.com. IN MX 5 mail.accswift.com.
====Named.conf
vi /etc/named.conf
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
allow-recursion { localhost; 192.168.2.0/24; };
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
forward first;
forwarders {192.168.1.1;};
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
zone "accswift.com" {
type master;
file "/var/named/accswift.com.hosts";
allow-transfer {
127.0.0.1;
localnets;
208.73.211.69;
};
};
zone "ns1.accswift.com" {
type master;
file "/var/named/ns1.accswift.com.hosts";
};
====================================
Can anybody find any flaw in this? I am still unable to reach accswift.com from any other ISP. But it is browsable from the same network though.
Thanks in advance.
