I'm trying to deploy a web app on a VPS server. The app is built with Django and I'm currently trying to serve files with Apache2. I'm having trouble with the DNS setup (bind9). The company I use does not help me with this.
Could you help me solve this issue that I have been dealing with for 3 days?
OS:

```
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.7 LTS
Release:        16.04
Codename:       xenial
```

```
nslookup example.com
;; Got SERVFAIL reply from 8.8.8.8, trying next server
Server:     8.8.4.4
Address:    8.8.4.4#53

** server can't find example.com: SERVFAIL
```

```
nslookup example.com 185.106.209.113
Server:     185.106.209.113
Address:    185.106.209.113#53

Name:
Address: 185.106.209.113
```

When I go to the IP address I can see the Apache2 default page; if I type the domain name it throws a DNS_PROBE_FINISHED_NXDOMAIN error.
```
|-- [-rwxr-xr-x bind ] bind.keys
|-- [-rwxr-xr-x bind ] db.0
|-- [-rwxr-xr-x bind ] db.127
|-- [-rwxr-xr-x bind ] db.255
|-- [-rwxr-xr-x bind ] db.empty
|-- [-rwxr-xr-x bind ] db.local
|-- [-rwxr-xr-x bind ] db.root
|-- [-rwxr-xr-x bind ] named.conf
|-- [-rwxr-xr-x bind ] named.conf.default-zones
|-- [-rwxr-xr-x bind ] named.conf.local
|-- [-rwxr-xr-x bind ] named.conf.local.back
|-- [-rwxr-xr-x bind ] named.conf.options
|-- [-rwxr-xr-x bind ] rndc.key
|-- [drwxr-sr-x bind ] zones
|   |-- [-rwxr-xr-x bind ] db.185.106
|   `-- [-rwxr-xr-x bind ] db.example.com
`-- [-rwxr-xr-x bind ] zones.rfc1918
```

named.conf.options:

```
acl "trusted" {
    185.106.209.113;
};

options {
    directory "/var/cache/bind";

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    forwarders {
        185.106.209.113;
    };

    dnssec-validation auto;

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};
```

named.conf.local:
```
//include "/etc/bind/zones.rfc1918";

zone "example.com" {
    type master;
    file "/etc/bind/zones/db.example.com";
    allow-transfer { 185.106.209.113; };
    also-notify { 185.106.209.113; };
};

zone "209.106.185.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.185.106";
    allow-transfer { 185.106.209.113; };
    also-notify { 185.106.209.113; };
};
```

db.example.com:
```
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     ns1.example.com. root.example.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
; NS records
@       IN      NS      ns1.example.com.
@       IN      NS      ns2.example.com.
@       IN      A       185.106.209.113
; A records
ns1.example.com.    IN      A       185.106.209.113
ns2.example.com.    IN      A       185.106.209.113
```

db.185.106:
```
;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     ns1.example.com. root.example.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
; name servers - NS records
        IN      NS      ns1.example.com.
        IN      NS      ns2.example.com.
; PTR Records
113.209 IN      PTR     ns1.example.com.    ; 185.106.209.113
113.209 IN      PTR     ns2.example.com.    ; 185.106.209.113
```

and firewall status:
```
To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
Apache Full                ALLOW       Anywhere
8000                       ALLOW       Anywhere
53                         ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
Apache Full (v6)           ALLOW       Anywhere (v6)
8000 (v6)                  ALLOW       Anywhere (v6)
53 (v6)                    ALLOW       Anywhere (v6)
```

1 Answer
So go by these steps; it worked for me and I'm sure it will work for you.

1. Set your hostname equal to one of your ServerNames, like:

```
server.example.com
```

2. Configure the interfaces in /etc/network/ like:

```
iface ens3 inet static
    address 192.168.1.10
    netmask 255.255.255.0
```

Don't forget to restart 'networking'.

Now let's configure bind. You don't need to edit all of the dbs; just do it like below.

Open /etc/bind/named.conf.local and add this at the end of the file:
```
zone "example.com" IN {
    type master;
    file "/etc/bind/forward.example.com";
};
zone "1.168.192.in-addr.arpa" IN {
    # 1.168.192 is the reverse of 192.168.1 without the last part "10"
    type master;
    file "/etc/bind/reverse.example.com";
};
```

Now in /etc/bind:

```
cp db.local forward.example.com
```

Now edit forward.example.com:
```
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     server.example.com. root.server.example.com. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      server.example.com.
; your public static IP address if you did your port forwards in NAT;
; if you didn't, use the static private IP address.
@       IN      A       xxx.xxx.xxx.xxx
server  IN      A       xxx.xxx.xxx.xxx
host    IN      A       xxx.xxx.xxx.xxx
client  IN      A       xxx.xxx.xxx.xxx
www     IN      A       xxx.xxx.xxx.xxx
@       IN      NS      ns1.example.com.
@       IN      A       xxx.xxx.xxx.xxx
ns1     IN      A       xxx.xxx.xxx.xxx
@       IN      MX      10 admin.example.com.
@       IN      A       xxx.xxx.xxx.xxx
admin   IN      A       xxx.xxx.xxx.xxx
; this config contains the email server configuration too.
```

Now, in the same directory:

```
cp forward.example.com reverse.example.com
```

Now edit the reverse zone like below:
```
;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     server.example.com. root.server.example.com. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      server.example.com.
@       IN      PTR     example.com.
server  IN      A       xxx.xxx.xxx.xxx
host    IN      A       xxx.xxx.xxx.xxx
client  IN      A       xxx.xxx.xxx.xxx
www     IN      A       xxx.xxx.xxx.xxx
10      IN      PTR     server.example.com.
11      IN      PTR     client.example.com.
@       IN      NS      ns1.example.com.
ns1     IN      A       xxx.xxx.xxx.xxx
10      IN      PTR     ns1.example.com.
@       IN      MX      10 admin.example.com.
admin   IN      A       xxx.xxx.xxx.xxx
10      IN      PTR     admin.example.com.
; the 10 above is the last number of your IP: 192.168.1.(10) or xxx.xxx.xxx.(xxx)
```

The forward and reverse zones are configured now. Now run these commands:
```
sudo named-checkconf -z /etc/bind/named.conf
sudo named-checkconf -z /etc/bind/named.conf.local
sudo named-checkzone example.com /etc/bind/forward.example.com
sudo named-checkzone 1.168.192.in-addr.arpa /etc/bind/reverse.example.com
```

The outputs should show that the zones are loaded and there is no error.
Now restart bind. If there was an error, just use journalctl -xe and see the details; most of the time it's just a typo or a mistake like that.

Now do these:

```
sudo chown -R bind:bind /etc/bind
sudo chmod -R 755 /etc/bind
sudo systemctl restart bind9
sudo systemctl enable bind9
ufw allow bind9
ufw allow 53
ufw allow 53/tcp
ufw allow 53/udp
```

Go to /etc/network/interfaces again and add this at the end of the file:

```
dns-search example.com
dns-nameserver 192.168.1.10
```

After that, restart networking with sudo systemctl restart networking.

Now nano this file: /etc/resolv.conf and add these at the end of the file:

```
nameserver 192.168.1.10
search example.com
```

Restart networking, restart NetworkManager.

Now ping/nslookup/dig ns.example.com or server.example.com.

NOW It's WORKING
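As an added example (not code from the question or from the answer above), here is a small Python lint that flags the kind of slips this thread turns on before named-checkconf or named-checkzone are ever run: a zone stanza whose closing brace is missing its `;`, a misspelled `type`, unbalanced quotes on a `file` path, `#` used as a comment inside a zone file (zone files only understand `;`), an SOA MNAME/RNAME without the trailing dot (BIND silently appends the origin), and a PTR owner in a reverse zone that repeats octets already present in the zone origin (the question's `113.209` under `209.106.185.in-addr.arpa` names a five-octet address, not 185.106.209.113). The sample inputs are constructed for the example; `192.0.2.10` is a documentation address.

```python
"""Static lint for BIND zone stanzas and zone files (added example, not the
question's or the answer's code). It catches the slips seen in this thread:
a zone stanza whose '}' lacks ';', an unknown 'type', unbalanced quotes on a
'file' path, '#' used as a comment in a zone file (zone files only know ';'),
an SOA MNAME/RNAME missing its trailing dot (BIND appends the origin), and a
reverse-zone PTR owner that repeats octets already in the zone origin."""
import re

ZONE_TYPES = {"master", "primary", "slave", "secondary", "hint", "stub", "forward", "redirect"}

def zone_stanzas(text):
    """Yield (name, body, terminated) per zone stanza; brace counting keeps nested blocks in body."""
    for m in re.finditer(r'zone\s+"([^"]+)"', text):
        start = text.find("{", m.end())
        if start == -1:
            yield m.group(1), "", False
            continue
        depth, i = 0, start
        while i < len(text):
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            if depth == 0:
                break
            i += 1
        yield m.group(1), text[start + 1:i], text[i + 1:].lstrip().startswith(";")

def lint_named_conf(text):
    """Return problem strings for the zone stanzas in named.conf-style text."""
    problems = []
    for name, body, terminated in zone_stanzas(text):
        if not terminated:
            problems.append(f'zone "{name}": closing brace is not followed by ";"')
        t = re.search(r"\btype\s+(\w+)\s*;", body)
        if t is None:
            problems.append(f'zone "{name}": no "type" statement')
        elif t.group(1) not in ZONE_TYPES:
            problems.append(f'zone "{name}": unknown type "{t.group(1)}"')
        f = re.search(r'\bfile\s+("?)([^";\n]*)("?)\s*;', body)
        if f is not None and f.group(1) != f.group(3):
            problems.append(f'zone "{name}": unbalanced quotes around file {f.group(2)}')
    return problems

def lint_zone_file(text, origin):
    """Return problem strings for a zone file loaded at `origin` (given without trailing dot)."""
    problems, records = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        code = raw.split(";", 1)[0]  # ';' starts a comment; '#' does not and would be parsed
        if "#" in code:
            problems.append(f"line {lineno}: '#' is not a comment in a zone file, use ';'")
            code = code.split("#", 1)[0]
        records.append((lineno, raw[:1].isspace(), code.split()))
    joined = " ".join(" ".join(tokens) for _, _, tokens in records)  # SOA may span lines
    soa = re.search(r"\bSOA\s+(\S+)\s+(\S+)", joined)
    if soa is None:
        problems.append("no SOA record")
    else:
        for field, name in zip(("MNAME", "RNAME"), soa.groups()):
            if not name.endswith("."):
                problems.append(f"SOA {field} '{name}' has no trailing dot; "
                                f"BIND will read it as {name}.{origin}.")
    if origin.endswith(".in-addr.arpa"):
        # The origin already holds some octets; a PTR owner must supply exactly the rest.
        origin_octets = origin[:-len(".in-addr.arpa")].count(".") + 1
        for lineno, continuation, tokens in records:
            if "PTR" not in tokens or continuation or tokens[0] == "@" or tokens[0].endswith("."):
                continue
            if origin_octets + tokens[0].count(".") + 1 != 4:
                problems.append(f"line {lineno}: PTR owner '{tokens[0]}' under {origin} names "
                                f"{tokens[0]}.{origin}, not a single IPv4 address")
    return problems

# Constructed inputs reproducing the slips above; not real configuration.
SAMPLE_NAMED_CONF_LOCAL = '''\
zone "example.com" IN {
    type master;
    file "/etc/bind/forward.example.com;
};
zone "1.168.192.in-addr.arpa" IN {
    type maste;
    file "/etc/bind/reverse.example.com";
}
'''
SAMPLE_FORWARD = '''\
$TTL 604800
@       IN SOA  server.example.com root.server.example.com. ( 2 604800 86400 2419200 604800 )
@       IN NS   server.example.com.
@       IN A    192.0.2.10   # public address (constructed)
server  IN A    192.0.2.10
'''
SAMPLE_REVERSE = '''\
$TTL 604800
@       IN SOA  ns1.example.com. root.example.com. ( 3 604800 86400 2419200 604800 )
        IN NS   ns1.example.com.
113.209 IN PTR  ns1.example.com.   ; meant 185.106.209.113, but 209 is already in the origin
113     IN PTR  ns1.example.com.
'''
if __name__ == "__main__":
    for label, found in (("named.conf.local", lint_named_conf(SAMPLE_NAMED_CONF_LOCAL)),
                         ("forward zone", lint_zone_file(SAMPLE_FORWARD, "example.com")),
                         ("reverse zone", lint_zone_file(SAMPLE_REVERSE, "209.106.185.in-addr.arpa"))):
        print(label, found)
```

To use it on a real host, pass the contents of `/etc/bind/named.conf.local` to `lint_named_conf` and each zone file, together with the zone name from its stanza, to `lint_zone_file`. It is a pre-check only: named-checkzone still validates record syntax and the SOA fields, and a zone that lints clean can still be unreachable from the internet if the registrar's delegation does not point at the server, which is what a SERVFAIL from a public resolver usually means.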