0

I have installed a DNS server and NetworkManager on my remote server by following these instructions: https://www.linuxtechi.com/setup-bind-server-centos-8-rhel-8/ as below:

var/named/fwd.sssss.com.db:

$TTL 86400
@   IN  SOA     ns1.sssss.com. root.sssss.com. (
                                              1490        ;Serial
                                              3600        ;Refresh
                                              1800        ;Retry
                                              604800      ;Expire
                                              86400       ;Minimum TTL
)

;Name Server Information
@       IN  NS      ns1.sssss.com.
@       IN  NS      ns2.sssss.com.



;IP address of Name Server
ns1       IN  A       94.130.98.33
ns2       IN  A       94.130.98.33
sssss.com.       IN  MX   10    mail.sssss.com.

;A - Record HostName To Ip Address
sssss.com.     IN  A       94.130.98.33
www             IN  A       94.130.98.33
mail            IN  A       94.130.98.33
@               IN  A       94.130.98.33

;CNAME record
ftp     IN CNAME        www.sssss.com.

var/named/sssss.com.rev:

$TTL 86400
@   IN  SOA     ns1.sssss.com. root.sssss.com. (
                                       1490        ;Serial
                                       3600        ;Refresh
                                       1800        ;Retry
                                       604800      ;Expire
                                       86400       ;Minimum TTL
)

;Name Server Information
@       IN  NS          ns1.sssss.com.
@       IN  NS          ns2.sssss.com.
ns1     IN  A           94.130.98.33
ns2     IN  A           94.130.98.33


;Reverse lookup for Name Server
33      IN  PTR         ns1.sssss.com.
33      IN  PTR         ns2.sssss.com.
33.98.130.94.in-addr.arpa    IN  PTR         ns1.sssss.com.
33.98.130.94.in-addr.arpa    IN  PTR         ns2.sssss.com.

;PTR Record IP address to HostName
33      IN  PTR         www.sssss.com.
33      IN  PTR         sssss.com.
33      IN  PTR         mail.sssss.com.
33.98.130.94.in-addr.arpa    IN  PTR         www.sssss.com.
33.98.130.94.in-addr.arpa    IN  PTR         sssss.com.
33.98.130.94.in-addr.arpa    IN  PTR         mail.sssss.com.

etc/named.conf:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        //listen-on port 53 { 127.0.0.1; };
        //listen-on-v6 port 53 { ::1; };
        listen-on port 53 { 127.0.0.1; 94.130.98.33; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        allow-query     { localhost; 94.130.98.33; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";

        /* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
        include "/etc/crypto-policies/back-ends/bind.config";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};
//forward zone
zone "sssss.com" IN {
        type master;
        file "fwd.sssss.com.db";
        allow-update { none; };
        allow-query  { any; };
};

//backward zone
zone "98.130.94.in-addr.arpa" IN {
        type master;
        file "sssss.com.rev";
        allow-update { none; };
        allow-query  { any; };
};

/etc/sysconfig/network-scripts/ifcfg-enp0s3:

# Generated by parse-kickstart
TYPE="Ethernet"
DEVICE="enp0s3"
UUID="467a30cc-f47a-4c63-a335-f8afab26f559"
ONBOOT="yes"
IPADDR0="94.130.98.33"
BOOTPROTO=dhcp
IPV6INIT="no"
DNS=94.130.98.33

etc/resolv.conf:

# Generated by NetworkManager
search sssss.com
nameserver 94.130.98.33

Nginx works on my server address: 94.130.98.33 but my domain doesn't work!

EDIT: This is the result of `dig @94.130.98.33 sssss.com any` (the real domain name is sssss instead of sssss):

; <<>> DiG 9.11.13-RedHat-9.11.13-5.el8_2 <<>> @94.130.98.33 sssss.com any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54410
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 4

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: c279563b1d3fe85ccebd7b085f4a20a5d456e6e90441bac5 (good)
;; QUESTION SECTION:
;sssss.com.                    IN      ANY

;; ANSWER SECTION:
sssss.com.             86400   IN      SOA     ns1.sssss.com. root.sssss.com. 1490 3600 1800 604800 86400
sssss.com.             86400   IN      NS      ns2.sssss.com.
sssss.com.             86400   IN      NS      ns1.sssss.com.
sssss.com.             86400   IN      MX      10 mail.sssss.com.
sssss.com.             86400   IN      A       94.130.98.33

;; ADDITIONAL SECTION:
ns1.sssss.com.         86400   IN      A       94.130.98.33
ns2.sssss.com.         86400   IN      A       94.130.98.33
mail.sssss.com.        86400   IN      A       94.130.98.33

;; Query time: 1 msec
;; SERVER: 94.130.98.33#53(94.130.98.33)
;; WHEN: Sat Aug 29 11:32:21 CEST 2020
;; MSG SIZE  rcvd: 229
user3486308
  • Can you specify what exactly doesn't work? What record, for example? Is nslookup working for the record/domain? – Lorem ipsum Aug 28 '20 at 18:40
  • What is the result of `dig @94.130.98.33 sssss.com any`? – Petr Chloupek Aug 28 '20 at 20:46
  • Did you find something interesting in the log files `/var/log/syslog` or `messages` ( https://www.thegeekdiary.com/how-to-enable-bind-query-logging-to-find-out-whos-querying-a-name-server/ ) – Déjà vu Aug 28 '20 at 22:41
  • @LukasRäpple: How can I check it? – user3486308 Aug 29 '20 at 09:20
  • @PetrChloupek: I added the result to `EDIT` part of the question. – user3486308 Aug 29 '20 at 09:23
  • You should go back and consider whether you need a DNS server in the first place. Managing your own DNS server requires expertise so that it is secure and reliable. Most likely you have no need for your own DNS server and you should use a DNS service provider instead. – Tero Kilkanen Aug 29 '20 at 17:23
  • @TeroKilkanen: My website is written in Angular + NodeJS and runs on a VPS, so I found that way to launch my website. With the help of @tetech, I could find the problem and introduced my VPS IP address to my domain registrant website and the problem was solved. – user3486308 Aug 30 '20 at 06:10
  • You should remove your DNS server installation now. – Tero Kilkanen Aug 30 '20 at 13:54
  • @TeroKilkanen: How? – user3486308 Aug 30 '20 at 14:42

2 Answers

1

The question is not easy to understand, as noted in the question comments, but it seems the issue is with DNS resolution on the client.

This is most likely due to one of three reasons.

  1. Nameserver entries at your DNS registrar are wrong.

If your client is using a public DNS resolver (e.g. Google, Cloudflare) they will ultimately check the nameservers specified at your DNS registrar. You must have two set, and they must both point to 94.130.98.33. Note that having two nameserver records to the same IP is bad and should be reconsidered.

  2. Client resolver is not set.

If it is your intention to use a private DNS resolver rather than Google or Cloudflare, then the resolver on your client machine must be set to 94.130.98.33. Show the DNS settings on your client machine which is trying to access the web site.

  3. Record is cached.

It is possible that the above are OK, but the record is cached. On the client, do `nslookup sssss.com 94.130.98.33`. If this is correct but the browser is going to the wrong place, the record has been cached; either clear the cache or wait for it to expire.

tater
  • Thanks for answer, but may you check the edit part of the question? – user3486308 Aug 29 '20 at 09:34
  • If your nameserver records are from the same domain, you will need 'glue' records, which must be configured at your domain registrar. It appears these are not configured, which is #1 in the answer. – tater Aug 29 '20 at 09:53
  • How can I find my domain registrar and solve the problem? – user3486308 Aug 29 '20 at 09:56
  • Your domain registrar is whoever you paid to register the domain, maybe tucows.com? – tater Aug 29 '20 at 09:57
  • May you help me on my new problem: https://serverfault.com/questions/1031960/my-website-address-redirects-to-mail-automatically-after-mail-server-installa – user3486308 Aug 29 '20 at 13:06
  • Unfortunately after installing iredmail on my server, it doesn't work again! – user3486308 Sep 01 '20 at 04:52
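
Cause 1 in the answer above, together with the glue-record comment, can be checked by comparing what the parent zone hands out with what the server itself answers. The following is an added example, not part of the original thread: the `AUTH` text is trimmed from the dig output in the question, while the parent referral sample and the function names `parse_dig` and `check_delegation` are constructed for illustration.

```python
import re

# Trimmed from the dig output in the question (reply from 94.130.98.33 itself).
AUTH = """\
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 4
;; ANSWER SECTION:
sssss.com.     86400 IN NS ns2.sssss.com.
sssss.com.     86400 IN NS ns1.sssss.com.
;; ADDITIONAL SECTION:
ns1.sssss.com. 86400 IN A  94.130.98.33
ns2.sssss.com. 86400 IN A  94.130.98.33
"""
# CONSTRUCTED sample: referral from a parent (.com) server that carries no glue.
PARENT_NO_GLUE = """\
;; AUTHORITY SECTION:
sssss.com.     172800 IN NS ns1.sssss.com.
sssss.com.     172800 IN NS ns2.sssss.com.
"""

def parse_dig(text):
    """Return (flags, records); each record is (section, name, type, rdata)."""
    flags, records, section = set(), [], None
    for line in text.splitlines():
        if m := re.match(r";; flags: ([a-z ]+);", line):
            flags = set(m.group(1).split())
        elif m := re.match(r";; (\w+) SECTION:", line):
            section = m.group(1)
        elif section and not line.startswith(";") and len(line.split()) >= 5:
            f = line.lower().split()  # name, ttl, class, type, rdata...
            records.append((section, f[0], f[3].upper(), " ".join(f[4:])))
    return flags, records

def check_delegation(parent_text, auth_text, zone):
    zone = zone.lower().rstrip(".") + "."
    _, parent = parse_dig(parent_text)
    auth_flags, auth = parse_dig(auth_text)
    parent_ns = {r for _, n, t, r in parent if t == "NS" and n == zone}
    auth_ns = {r for _, n, t, r in auth if t == "NS" and n == zone}
    glue = {n for s, n, t, _ in parent if s == "ADDITIONAL" and t == "A"}
    findings = [] if "aa" in auth_flags else ["server is not authoritative for the zone"]
    if parent_ns != auth_ns:
        findings.append("NS set at the parent differs from the zone's NS set")
    for ns in sorted(parent_ns | auth_ns):
        if ns.endswith("." + zone) and ns not in glue:  # in-zone NS needs glue
            findings.append(f"no glue A record at the parent for {ns}")
    addrs = {r for _, n, t, r in auth if t == "A" and n in auth_ns}
    if len(auth_ns) > 1 and len(addrs) == 1:
        findings.append("all nameservers resolve to one IP address")
    return findings
```

In practice the parent text would come from a non-recursive NS query for the domain sent to one of the TLD's nameservers, and the authoritative text from a query sent directly to the server, as in the question's EDIT.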
0

To resolve the domain name to the IP address of the server so that the application hosted on the server can be accessed, the domain name has to be mapped to the server's IP address by creating an A record in the local DNS server, if your server's IP address is private and you want to access the application from within the LAN.

If the application hosted on the server is to be accessed from the internet by domain name, then an A record has to be created mapping the domain name to the public IP address in public DNS or in your organization's authoritative DNS.