So, the IT department decided to change a bunch of domain names and it broke a bunch of stuff in my lab network. I have a SUSE Linux DNS server (which I didn't set up and don't know much about). I was wondering if there was a way I could make it manually resolve IP addresses to the old domain names.
Simply modifying the software in my lab to point to the new domain names won't work (because there are other labs at other sites that will still be using the old domain names).
Here are some relevant quotes from this tutorial:
Examples Corporation has been assigned the network 192.0.2.0/24 and internally we are using 10.0.0.0/24.
Let's start serving the external names and IPs. We edit /etc/bind/named.conf.local and add:
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};
and then we create /etc/bind/db.example.com with the following contents:
; example.com
$TTL    604800
@       IN      SOA     ns1.example.com. root.example.com. (
                        2006020201 ; Serial
                            604800 ; Refresh
                             86400 ; Retry
                           2419200 ; Expire
                            604800 ) ; Negative Cache TTL
;
@       IN      NS      ns1
        IN      MX      10 mail
        IN      A       192.0.2.1
ns1     IN      A       192.0.2.1
mail    IN      A       192.0.2.128 ; We have our mail server somewhere else.
www     IN      A       192.0.2.1
client1 IN      A       192.0.2.201 ; We connect to client1 very often.
So what you want to do is replace "example.com" with whatever domain your programs access, replace "192.0.2.whatever" with your destination IP, remove the "ns1", "mail", "www" and "client1" lines, and replace them with
*.yourdomain.com. IN A your.ip.address.255
Ok, so here I have one box:
Windows host (Debian Linux 8 VM - Oracle) - set up, a live working machine: DNS, Apache, PHP, etc.
IP is **A.A.A.A**
Second machine, fresh install, second VM, PHP and Apache all running. DNS is not.
IP is **A.A.A.B**
The external IPv4 (ISP router).
IP is **X.X.X.X**
So the goal is simple:
On thisdomain.com it has a local IP of **A.A.A.A**,
but on the second server it has the IP **A.A.A.B**.
IP A.A.A.A serves the domain and the website for www.thisdomain.com and thisdomain.com.
I wish to have ls.thisdomain.com serve IP **A.A.A.B**.
The DNS records are like so:
$TTL 38400
thisdomain.com. IN SOA ls.thisdomain.com. webmaster.thisdomain.com. (
5 ; Serial
1d ; Refresh
60m ; Retry
7d ; Expire
6h ) ; Negative Cache TTL
; ### this is the forward zone of IP 2 A.A.A.B (ls.thisdomain.com)
thisdomain.com. IN A X.X.X.X
thisdomain.com. IN NS ls.thisdomain.com.
ls.thisdomain.com. IN A X.X.X.X
ls.thisdomain.com. IN A A.A.A.B
;
www IN CNAME thisdomain.com.
;
on the main server that serves domain IP 2 = **A.A.A.A**:
$TTL 38400
thisdomain.com. IN SOA ns1.thisdomain.com. webmaster.thisdomain.com. (
5 ; Serial
1d ; Refresh
60m ; Retry
7d ; Expire
6h ) ; Negative Cache TTL
;
thisdomain.com. IN A X.X.X.X
ns1.thisdomain.com. IN A X.X.X.X
ns2.thisdomain.com. IN A X.X.X.X
ls.thisdomain.com. IN A X.X.X.X
thisdomain.com. IN NS ls.thisdomain.com.
ls.thisdomain.com. IN A A.A.A.B
thisdomain.com. IN NS ns1.thisdomain.com.
thisdomain.com. IN NS ns2.thisdomain.com.
;
www IN CNAME thisdomain.com.
;
And what's the issue? Well, it seems that even though I think they're good to go, the ls. subdomain still only shows the first server's Apache website (**A.A.A.A**) instead of the second server's Apache website (**A.A.A.B**).
What I want is for it to be like this:
ls.thisdomain.com hits public IP X.X.X.X, then searches NS1 on IP A.A.A.A, then sends the user to the webpage on server LS, which is A.A.A.B.
How would one achieve this so that it does happen?
Well, there are several apparent errors above. First, the whole idea of having two different zones for the same name is meaningless because it requires an unnecessary level of DNS recursion - you should serve a single consolidated DNS zone, and if you need two servers for redundancy, then make one of them master and the other one slave (a verbatim copy of the master).
Second, the second zone adds two additional NS records compared to the first zone, but all of those in turn point to the same IP address. This is also meaningless.
Third, the name ls.thisdomain.com is defined as a round-robin DNS entry, meaning 50% of the clients will resolve it to X.X.X.X, while another 50% will resolve it to A.A.A.B. Each of those clients will then cache that result for 38400 seconds and then repeat the query, after which point they again have a 50:50 chance of getting either result.
It's unclear from the question whether A.A.A.* is perhaps a private IP network. If the intent is to allow external users to access A.A.A.B which is in a private network, then DNS is simply not the solution. DNS is a Layer 7 protocol which doesn't care which kind of IPs its results will contain, but the external users can't route via Layer 3 to external private networks. HTTP traffic can only arrive at the public X.X.X.X IP, typically at port 80, and then the router can pass it on (NAT it) to an HTTP server. This HTTP server in turn can pass the results on to two separate virtual hosts or even two separate machines (proxying).
Hopefully someone can help clarify this.
I have a domain ie example.com registered with Go Daddy. I host the website with TSOHost so in my domain configuration, I have set the following NS records.
Nameserver 1: ns1.tsohost.co.uk
Nameserver 2: ns2.tsohost.co.uk
I am now able to serve the website both www and non-www from this hosting package. I simply have an A record for example.com and a CNAME for www.example.com to point to example.com (this is being configured in the cPanel Advanced DNS Zone Editor). So now we have the website showing as expected and required.
I would also like to set up a kind of DDNS service using a different server entirely (this will hold DNS records that I will create on the fly using a Radius database).
So I want to use the subdomain ddns.example.com for this DDNS service, i.e. bob.ddns.example.com for Bob (so that when I ping bob.ddns.example.com, I can alter the IP to 8.8.8.8, say). In cPanel I have an A record for ddns.example.com and an A record for *.ddns.example.com to point to my server that will manage this, for example 85.214.214.214.
I have installed BIND on the server (currently using a DigitalOcean server for this, to which I have added ddns.example.com as an A record to the droplet and *.ddns.example.com also). I have created a zone for ddns.example.com, and within this I have set the NS record to the DigitalOcean details.
I have then added the following to my file /var/named/ddns.example.com.hosts
$ttl 38400
ddns.example.com. IN SOA ns1.digitalocean.com. jon.example.com. ( ; RNAME: the "@" of the contact address is written as "."
        1414575123
        10800
        3600
        604800
        38400 )
ddns.example.com. IN NS ns1.digitalocean.com.
bob.ddns.example.com. IN A 8.8.8.8
When I ping bob.ddns.example.com on the server with BIND installed I get 8.8.8.8, but when pinging from anywhere else I get the BIND server IP.
Can I ask if what I am doing is possible, i.e. going from GoDaddy to TSO to another server, and if so what NS records should I specify for BIND? Or is there something in the named config I need to change? I have set the following options in named.conf in an attempt to solve this issue.
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    allow-query { any; };
    recursion yes;
I am aware that recursion may leave me open to DoS attacks and I intend to turn this to no eventually, but for the moment during testing I have left this to yes.
Any help or information would be greatly appreciated, I have been trying different variations of zone files etc without success, I am really though unsure as to if I am going in the right direction.
Hopefully I have made sense, but any further info I can provide, please let me know.
My first question would be - Are you sure you've updated the Registrar with this server as the DNS nameserver for this domain?
Use nslookup to find out:
# nslookup
> set querytype=NS
> server 4.2.2.1 (a DNS server on the Internet)
> ddns.example.com. (a closing dot helps avoid lookups using preferred search domains.)
and confirm that the Internet knows who to communicate with, and that your NS host is authoritative for the domain.
Next would be - Do you have any other nameservers up to "answer" for that subdomain, causing other problems?
BTW - glad to hear you fixed this issue!
I have dedicated Ubuntu LAMP-server with Bind9, Webmin and Mail server.
My IP:
12.345.678.900
My host: (domain is pointed to this as 1. nameserver)
ns999999.ip-12-345-678.eu
My domain:
www.examp.le
My second nameserver:
ns.nameserver.com
I have successfully set master (Forward zone) record to Bind like that:
examp.le. IN SOA ns999999.ip-12-345-678.eu. webmaster.examp.le. (
1394802155
10800
3600
604800
38400 )
examp.le. IN NS ns999999.ip-12-345-678.eu.
examp.le. IN MX 10 mail.examp.le.
examp.le. IN NS ns.nameserver.com.
examp.le. IN A 12.345.678.900
*.examp.le. IN A 12.345.678.900
That zone is working and when I put examp.le to my browser it works.
I have a mail server running in the same server on host mail.examp.le. I have had some problems with sending and receiving mail and I think that one reason is the PTR record. I mean I don't have any PTR records. Also some public DNS tests say: "THERE ARE NO PTR RECORDS FOR YOUR MAIL SERVER 'mail.examp.le' IN 'ns999999.ip-12-345-678.eu'"
My problem is that I don't know how to set those PTR records for mail.examp.le. I have tried googling for many hours and so on but I can't set it.
Thank you very much for your help.
First of all: a PTR record is most often set by your ISP. Probably nothing you can set yourself. It's a record under your IP number, not your domain name. Contact your ISP and ask them to set up the PTR record.
You should also look up SPF records and DKIM if you are finding that sent mails end up in the trash can!
Some good reading on the subject: http://www.allaboutspam.com
Some other reading on PTR records: http://www.itworld.com/networking/362601/how-setup-reverse-dns-and-ptr-records
EDIT
The PTR record should point to the domain name sending the mail. For example: if you are sending mail from admin@example.com the PTR record should point to example.com
For DigitalOcean you would need to set the droplet name the same as the domain name and the PTR will be configured automatically
Reverse DNS (PTR) records are automatically created based on the name that you give your droplet in the Control Panel. If you want to rename a droplet, go to its page in the Control Panel, click directly on the existing Droplet name, and enter a new name there.
There are two things to keep in mind. That new name has to be a fully-qualified domain name - that means that "example.com" will generate a valid PTR record, but a name like "my-ubuntu-droplet" will not generate a PTR record. Also, if you're using IPv6 on your droplet, a PTR record will only be generated for the first IPv6 address assigned to the droplet, not all 16 IPv6 addresses which are available to the droplet.
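As an added illustration of why the PTR record belongs to the address owner rather than the domain holder (this is example code, not from the answer above): the reverse name is derived from the address itself, and mail receivers then check that the PTR target resolves back to the same address (forward-confirmed reverse DNS). The sample records are constructed with documentation addresses, since the question uses a placeholder IP.

```python
import ipaddress

def reverse_name(ip):
    """Owner name of the PTR record for ip: octets reversed under in-addr.arpa. (IPv4),
    nibbles reversed under ip6.arpa. (IPv6). The name is built from the address, which is
    why whoever owns the address block (usually the ISP) controls the record."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."
    nibbles = addr.exploded.replace(":", "")   # 32 hex digits, leading zeros kept
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def fcrdns(ip, ptr_records, fwd_records):
    """Forward-confirmed reverse DNS, the check many mail receivers apply:
    ip -> PTR -> hostname, and that hostname's A/AAAA set must contain ip."""
    host = ptr_records.get(reverse_name(ip))
    if host is None:
        return False, f"no PTR record for {ip}"
    if ip not in fwd_records.get(host, ()):
        return False, f"PTR names {host}, but {host} does not resolve back to {ip}"
    return True, f"{ip} <-> {host}"

# Constructed sample data (documentation addresses; the question's IP is a placeholder):
# the reverse-zone entry the ISP would publish, and the sender's own forward records.
PTR = {"25.2.0.192.in-addr.arpa.": "mail.examp.le."}
FWD = {"mail.examp.le.": ["192.0.2.25"], "examp.le.": ["192.0.2.25"]}

if __name__ == "__main__":
    for ip in ("192.0.2.25", "192.0.2.26"):
        print(ip, reverse_name(ip), fcrdns(ip, PTR, FWD))
```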
There's tutorials galore out there, but I'm having a hard time getting BIND to provide local network DNS lookup.
Aims:
Requests can be made from anywhere on the local network. (I haven't included any listen-on statements, so this should be covered - I think!)
*.demo requests should go to 192.168.0.64
Anything else should be forwarded to google's 8.8.8.8 and 8.8.4.4
Here's my config:
# /etc/named.conf
options {
    directory "/var/named";
    # Hide version string for security
    version "not currently available";
    # Forward all unknown DNS queries to the Google Public DNS. (Does it?)
    forwarders { 8.8.8.8; 8.8.4.4; };
    dnssec-validation auto;
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
};
zone "demo." IN {
    type master;
    file "zone.demo";
};
And the zone file:
; /var/named/zone.demo
$ORIGIN demo.
$TTL 1D
@   IN SOA demo. hostmaster (
        201312041 ; serial
        8H        ; refresh
        4H        ; retry
        4W        ; expire
        1D )      ; minimum
*.  IN A 192.168.0.64
I then run named-checkconf (no output) and named -f (which blocks - all looks well!)
To check that the server is doing what I expect, I run dig:
$ dig @127.0.0.1 A test.demo
; <<>> DiG 9.8.3-P1 <<>> @127.0.0.1 test.demo
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
Any ideas as to what I'm doing wrong here?
First thing you'll need is an NS record:
@ IN NS ns.demo.
This needs an associated A record as it is essentially a CNAME which in this case would be in your zone. So you'll need:
ns.demo. IN A <Your DNS server IP here>
Then, as your wildcard has a dot at the end, you are specifying one 'level' of DNS record (e.g. com, net, or demo) and not including your zone's origin. You need to either ditch the dot:
* IN A 192.168.0.64
or do:
*.demo. IN A 192.168.0.64
This is because the final dot in a bind zone file denotes the end of the field. If you don't put the dot on the end of the field then bind will add the origin. This does not apply to IP addresses.
As for the forwarding, that should work, but you'll probably want to have multiple nameservers set up on your clients, in case this one is down for any reason, etc. In this case you won't need the forwarding.
If you want to secure the server to only respond to clients on the local network you can use the allow-query statement to limit it to certain IP ranges. But if your server is not accessible on the internet you should be fine. One thing to check is that the server isn't listening on the loopback interface, meaning that you will only be able to reach it from the machine named is running on and not other machines on your network.
Hope this helps. Let me know if anything isn't clear.
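Both this answer and the one about the two thisdomain.com zones further up come down to how BIND turns the names in a zone file into absolute names. The checker below is an added example, not code from any post here: it applies the trailing-dot rule (the origin is passed in explicitly, as named takes it from the zone statement in named.conf) and flags a missing apex NS record, a `*.` wildcard that lands outside the zone, an in-zone nameserver without an A record, and a name with several A records that resolvers will round-robin. The two sample zones are constructed from the question's demo zone, before and after the fixes above.

```python
def absolute(name, origin):
    """'@' is $ORIGIN; a trailing dot means absolute; anything else gets $ORIGIN appended."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return [(owner, type, rdata)] with owners and NS/CNAME/MX targets made absolute."""
    records, last_owner, buf = [], origin, ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()               # ';' starts a comment
        if not line.strip() or line.startswith("$"):       # $TTL/$ORIGIN: origin comes from the caller
            continue
        buf = f"{buf} {line}" if buf else line             # buf keeps the first line's indent
        if buf.count("(") > buf.count(")"):
            continue                                       # still inside a ( ... ) group
        indented, toks = buf[0].isspace(), buf.replace("(", " ").replace(")", " ").split()
        buf = ""
        owner = last_owner if indented else absolute(toks.pop(0), origin)  # indent = same owner
        if toks and toks[0].upper() == "IN":
            toks.pop(0)                                    # optional class
        rtype, rdata = toks[0].upper(), toks[1:]
        if rtype in ("NS", "CNAME", "MX") and rdata:
            rdata[-1] = absolute(rdata[-1], origin)        # target names follow the same rule
        records.append((owner, rtype, rdata))
        last_owner = owner
    return records

def check_zone(text, origin):
    """Warnings for the mistakes discussed on this page."""
    recs, warn, a_recs = parse_zone(text, origin), [], {}
    ns = [r[2][0] for r in recs if r[0] == origin and r[1] == "NS"]
    if not ns:
        warn.append(f"no NS record at the zone apex {origin}")
    for owner, rtype, rdata in recs:
        if rtype == "A":
            a_recs.setdefault(owner, []).append(rdata[0])
        if owner.startswith("*") and not owner.endswith("." + origin):
            warn.append(f"wildcard {owner} lies outside {origin}: its trailing dot stopped $ORIGIN being appended")
    for t in ns:
        if t.endswith("." + origin) and t not in a_recs:
            warn.append(f"in-zone nameserver {t} has no A record")
    for name, addrs in a_recs.items():
        if len(addrs) > 1:
            warn.append(f"{name} has {len(addrs)} A records; resolvers will round-robin between them")
    return warn

# Constructed samples: the wildcard zone from the question above, and the same zone with the answer's fixes.
BROKEN = "$TTL 1D\n@ IN SOA demo. hostmaster ( 201312041 ; serial\n 8H 4H 4W 1D )\n*. IN A 192.168.0.64\n"
FIXED = "$TTL 1D\n@ IN SOA demo. hostmaster ( 201312041 8H 4H 4W 1D )\n@ IN NS ns.demo.\nns IN A 192.168.0.1\n* IN A 192.168.0.64\n"
```

Running `check_zone(BROKEN, "demo.")` reports the missing NS record and the misplaced wildcard, while `check_zone(FIXED, "demo.")` returns an empty list.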
I hope you'll forgive me for thinking that configuring a DNS server would be easy. It turns out it is quite hard... especially if you never did it before.
To recap a little, I previously asked if someone could recommend a personal DNS server for Windows XP for use in a development project.
My basic wish is to host a DNS server that represents the following lookup table:
Address | IP
------------------+--------------
*.devdomain1.dev | 192.168.10.2
*.devdomain2.dev | 192.168.10.2
Do you know how to set this up in BIND 9? Or maybe there is an easier solution that I've overlooked. I know I could add the individual subdomains in my HOSTS file, but since we have a lot of subdomains which have to be maintained on several dev machines, I would rather have a simple wildcard setup.
A zone file like this should suffice (on my system this would be in /etc/bind/zones/devdomain2.dev.hosts)
devdomain2.dev. IN SOA localhost. johannesh.devdomain2.dev. (
1102522753
10800
3600
604800
38400
)
devdomain2.dev. IN NS localhost.
*.devdomain2.dev. IN A 192.168.10.2
Then my /etc/bind/named.conf.local would reference this as follows
zone "devdomain2.dev" {
    type master;
    file "/etc/bind/zones/devdomain2.dev.hosts";
};
(Note you could adapt this to just wildcard the .dev domain entirely, or set up another zone for devdomain1.)
How far have you got?
You could just create a zone for .dev and use a wildcard record.