
I have two Ubuntu 12.04 LTS servers in different locations:

ns1.vidrih.info points to the master DNS server with IP 93.103.164.154 and
ns2.vidrih.info points to the slave DNS server with IP 46.150.36.23

The named.conf.local entry for the domain is:

zone "vidrih.info" {
        type master;
        file "/var/lib/bind/vidrih.info.hosts";
        allow-update { none; };
        allow-transfer { none; };
};

My zone file is:

$ORIGIN .
$TTL 86400
; RNAME: dots in the mailbox local part must be escaped, otherwise
; "nejc.vidrih.gmail.com." is read as nejc@vidrih.gmail.com
vidrih.info             IN SOA  ns1.vidrih.info. nejc\.vidrih.gmail.com. (
                                2013042201 ; serial
                                3600       ; refresh
                                1800       ; retry
                                604800     ; expire
                                86400      ; minimum
                                )
    NS    ns1.vidrih.info.
    NS    ns2.vidrih.info.
    A    93.103.164.154

I get an error on http://dnscheck.pingdom.com:

Name server ns1.vidrih.info does not answer queries over TCP or UDP.

syslog looks fine:

server named[3871]: zone vidrih.info/IN: loaded serial 2013042201

Port 53 is open.

What am I doing wrong, what am I missing?

  • What address(es) is port 53 bound to, iptables, firewall for your network? If that domain is new, the serial should be YYYYMMDD00. – NickW Mar 24 '14 at 12:11
  • The domain is not new (it is a few years old), the server is behind a router with a firewall, port 53 is forwarded. I don't think the problem is in the network, because until now the server at the ns1 location was my only DNS server and it worked fine. – Nejc Vidrih Mar 24 '14 at 13:28
  • The serial is used to inform the slave that the zone has been updated, but that isn't your primary problem. What does the `listen:` stanza state in your `named.conf`? – NickW Mar 24 '14 at 13:35
  • Ok, I have fixed the serial. I don't have any listen: in named.conf(.options). – Nejc Vidrih Mar 24 '14 at 13:40
  • Hmmm, what do you get if you type `netstat -pan | grep :53` ? – NickW Mar 24 '14 at 14:20
  • Output:

    tcp  0 0 192.168.0.150:53 0.0.0.0:* LISTEN 3010/named
    tcp  0 0 127.0.0.1:53     0.0.0.0:* LISTEN 3010/named
    udp  0 0 192.168.0.150:53 0.0.0.0:*        3010/named
    udp  0 0 127.0.0.1:53     0.0.0.0:*        3010/named

    – Nejc Vidrih Mar 24 '14 at 15:13
  • That's correct. So, you're forwarding 93.103.164.154 to 192.168.0.150? – NickW Mar 24 '14 at 15:33
  • Yes, I have many other ports forwarded and they work just fine. – Nejc Vidrih Mar 24 '14 at 17:24
  • So, can you post your named.conf? I have a feeling you're not replying to any requests due to the configuration... – NickW Mar 24 '14 at 17:26
  • Here it is http://pastebin.com/cEeGFWDc – Nejc Vidrih Mar 24 '14 at 22:57
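The checker's complaint is specifically "over TCP or UDP", and a port forward that passes only one of the two is a common cause behind NAT. The probe below is an added example, not code from the question, the answer or BIND: it builds the same NS query by hand, sends it once over UDP and once over TCP (with the 2-byte length prefix TCP DNS requires), and reports per transport whether an answer came back and what its rcode was. It uses only the Python 3 standard library; the server address and zone name are command-line arguments, and the response bytes mentioned in comments are constructed, not captured from ns1.vidrih.info.

```python
"""Minimal DNS probe over UDP and TCP (added example, not from the original
question or answer).  Uses only the Python 3 standard library."""
import socket
import struct
import sys

DNS_PORT = 53
QTYPE_A, QTYPE_NS = 1, 2
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def build_query(name: str, qtype: int = QTYPE_A, txid: int = 0x1234) -> bytes:
    """Standard query with RD=1 for `name` (qtype 1 = A, 2 = NS), class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)


def tcp_frame(msg: bytes) -> bytes:
    """DNS over TCP prefixes each message with a 2-byte big-endian length
    (RFC 1035 section 4.2.2).  A NAT rule that forwards only 53/udp leaves
    this path dead even though UDP answers look fine."""
    return struct.pack("!H", len(msg)) + msg


def parse_header(resp: bytes) -> dict:
    """Decode the 12-byte header of a reply; raise on a truncated one."""
    if len(resp) < 12:
        raise ValueError("response shorter than a DNS header")
    txid, flags, _qd, an, ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    rcode = flags & 0x000F
    return {
        "id": txid,
        "is_response": bool(flags & 0x8000),    # QR bit
        "authoritative": bool(flags & 0x0400),  # AA bit
        "rcode": RCODES.get(rcode, str(rcode)),
        "answers": an,
        "authority": ns,
    }


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before the full DNS message")
        buf += chunk
    return buf


def query_udp(server: str, name: str, qtype: int, timeout: float = 3.0) -> dict:
    q = build_query(name, qtype)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(q, (server, DNS_PORT))
        data, _ = s.recvfrom(4096)
    return parse_header(data)


def query_tcp(server: str, name: str, qtype: int, timeout: float = 3.0) -> dict:
    q = build_query(name, qtype)
    with socket.create_connection((server, DNS_PORT), timeout=timeout) as s:
        s.sendall(tcp_frame(q))
        (length,) = struct.unpack("!H", _recv_exact(s, 2))
        data = _recv_exact(s, length)
    return parse_header(data)


def probe(server: str, name: str) -> dict:
    """Ask for the zone's NS set over both transports, as the checker does.
    Returns {'udp': ..., 'tcp': ...} with a header dict or an error string."""
    out = {}
    for proto, fn in (("udp", query_udp), ("tcp", query_tcp)):
        try:
            out[proto] = fn(server, name, QTYPE_NS)
        except (OSError, ValueError) as e:  # socket.timeout is an OSError
            out[proto] = "no answer: %s" % e
    return out


if __name__ == "__main__":
    # Run this from a host OUTSIDE the NAT'd network; from the LAN the public
    # address is often hairpinned differently and hides a forwarding gap.
    srv, zone = sys.argv[1], sys.argv[2]  # e.g. 93.103.164.154 vidrih.info
    for proto, result in probe(srv, zone).items():
        print(proto, result)
```

A healthy authoritative server returns a header with the QR and AA bits set and rcode NOERROR on both transports. "no answer" on UDP only, TCP only, or both narrows the fault to the forwarding rule for that protocol rather than to named, which the netstat output in the comments already shows listening on both.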

1 Answer

The solution is simple: you need to add a line like this to your named.conf:

listen-on port 53 { 127.0.0.1; 192.168.0.150; };

The default setting for BIND 9+ is to listen only on 127.0.0.1.

NickW
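Beyond the listen-on line, the zone stanza in the question has a second problem a practitioner would fix at the same time: allow-transfer { none; } on the master refuses AXFR to everyone, including ns2, so the slave can never load the zone. The fragment below is an added example, not the poster's pastebin configuration (which is not reproduced on this page): it shows the weak setting next to the corrected one. The addresses are those given in the question; the options block, the also-notify line and the whole ns2 stanza are assumptions about how the two servers are set up, not something the thread states.

```conf
// Added example, not the poster's actual named.conf.  Addresses are from
// the question; the options block and the ns2 stanza are assumptions.

// named.conf.options on ns1 (master, 192.168.0.150 behind the router
// that forwards 53/tcp and 53/udp from 93.103.164.154)
options {
        directory "/var/cache/bind";
        // Bind explicitly to the LAN address the router forwards to,
        // plus loopback for local tests.
        listen-on port 53 { 127.0.0.1; 192.168.0.150; };
        // Authoritative-only: answer anyone for our zones, but do not
        // become an open recursive resolver for the Internet.
        recursion no;
        allow-query { any; };
};

// named.conf.local on ns1
zone "vidrih.info" {
        type master;
        file "/var/lib/bind/vidrih.info.hosts";
        allow-update { none; };
        // Weak (as in the question): allow-transfer { none; };
        // This blocks ns2 too.  Permit transfers to the slave only:
        allow-transfer { 46.150.36.23; };
        // Push NOTIFY to the slave on serial bumps instead of waiting
        // for its refresh interval (3600 s in the SOA above).
        notify yes;
        also-notify { 46.150.36.23; };
};

// named.conf.local on ns2 (slave) -- assumed, not shown in the question.
// From ns2's point of view the master is the public NAT address.
zone "vidrih.info" {
        type slave;
        file "/var/lib/bind/vidrih.info.hosts";
        masters { 93.103.164.154; };
        allow-notify { 93.103.164.154; };
        allow-transfer { none; };
};
```

After reloading, `rndc reload` on ns1 and the syslog line "transfer of 'vidrih.info/IN' from 93.103.164.154#53: Transfer completed" on ns2 confirm the slave got the zone. Address-based ACLs are the minimum; because the transfer itself runs over TCP they cannot be trivially spoofed, but a TSIG key shared between the two servers is the stronger way to authenticate both the NOTIFY and the AXFR.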