By: nta345

DNS setup question Centos 7

August 18, 2016 1.2k views
DNS

Hi, I just set up BIND on CentOS 7 just for the experience of doing it. The instructions for CentOS 6 seem to indicate you can have public authoritative name servers, but for CentOS 7 it seems only VPS is possible. I was wondering why that is. Also, any suggestions on how I could make this public, as it'd be a more realistic sandbox?

My domain's neilanuskiewicz.com and I've set up two name servers, ns1 and ns2.

Any suggestions at all on where I should go from here in terms of DNS would be greatly appreciated. It's an interest that I'd like to learn more about.

Thank you.

Neil

2 comments
  • What tutorial is causing this confusion? You can absolutely run authoritative BIND nameservers on either CentOS 6 or CentOS 7.

  • I think I've done all the steps, but I'm not finding it resolving yet. It could be a propagation error, or maybe I messed up somewhere. Any suggestions on the best way to troubleshoot? There are no error messages, just nothing resolving. I'll try again in maybe an hour.

    As a separate matter, dig gives me a "command not found" error. Maybe it's not in my path. I can use it from my home machine. Is dig a standard tool that comes with CentOS, or no?

3 Answers

OK, I did the steps over and still I can't get anything to resolve. I'm thinking I have an IP address or two in the wrong place and am just not seeing it right now.

I'm pretty sure all the pieces are in place, but I'm tired of looking at it, so I was hoping someone could take a look and point me in the right direction. I'll post whatever config files would help, or all of them if that would be helpful, at least the relevant parts. I'll start with the one on ns1.

Here are my Droplets

  • Marmot
    • IPv4: 104.131.131.228
    • Prvt: 10.134.12.131
  • ns1
    • IPv4: 45.55.8.33
    • Prvt: 10.134.27.140
  • ns2
    • IPv4: 45.55.8.46
    • Prvt: 10.134.28.123

Here's my named.conf

acl "trusted" {
        10.134.27.140;    # ns1 private - can be set to localhost
        10.134.28.123;    # ns2 private
        45.55.8.33;       # ns1 public
        45.55.8.46;       # ns2 public
};
options {
        # loopback plus the private address only: nothing outside the
        # 10.134.0.0/16 private network can reach this server
        listen-on port 53 { 127.0.0.1; 10.134.27.140; };
#       listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        # only the "trusted" ACL may query, so every public resolver is refused
        allow-query     { trusted; };
        allow-transfer  { 10.134.28.123; };   # zone transfers to ns2 only
};

Here's my named.conf.local

zone "neilanuskiewicz.com" {
    type master;
    file "/etc/named/zones/db.neilanuskiewicz.com"; # zone file path
};
zone "134.10.in-addr.arpa" {
    type master;
    file "/etc/named/zones/db.10.134";  # reverse zone for 10.134.0.0/16
};

Here's my db.neilanuskiewicz.com

$TTL    604800
@       IN      SOA    ns1.neilanuskiewicz.com. admin.neilanuskiewicz.com. (
                          3         ; Serial
                     604800         ; Refresh
                      86400         ; Retry
                    2419200         ; Expire
                     604800 )       ; Negative Cache TTL

; name servers - NS records (owner "@" is the zone apex; a bare "IN" in
; column 1 would be parsed as an owner name called "IN")
@       IN      NS      ns1.neilanuskiewicz.com.
@       IN      NS      ns2.neilanuskiewicz.com.

; name servers - A records (glue: public addresses, reachable from outside)
ns1.neilanuskiewicz.com.          IN      A       45.55.8.33
ns2.neilanuskiewicz.com.          IN      A       45.55.8.46

; 10.134.0.0/16 - A records (private addresses, only usable from inside the private network)
host1.neilanuskiewicz.com.        IN      A      10.134.27.140
host2.neilanuskiewicz.com.        IN      A      10.134.28.123

Here's my db.10.134

$TTL    604800
@     IN     SOA     neilanuskiewicz.com. admin.neilanuskiewicz.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
; name servers
@     IN      NS      ns1.neilanuskiewicz.com.
@     IN      NS      ns2.neilanuskiewicz.com.

; PTR Records (owner is the last two octets reversed, under 134.10.in-addr.arpa)
; the first two entries therefore map 10.134.8.33 and 10.134.8.46, not the
; public 45.55.8.33/46; records for the public addresses do not belong in this zone
33.8   IN      PTR     ns1.neilanuskiewicz.com.    ; 10.134.8.33 (intended 45.55.8.33)
46.8   IN      PTR     ns2.neilanuskiewicz.com.    ; 10.134.8.46 (intended 45.55.8.46)
140.27 IN      PTR     host1.neilanuskiewicz.com.  ; 10.134.27.140
123.28 IN      PTR     host2.neilanuskiewicz.com.  ; 10.134.28.123

Actually, I'm beginning to think that ONLY private DNS is possible with the DO CentOS 7 setup. Am I right on that? Maybe I need to switch to a different distro?

I was going to switch the IPs around, as obviously you need your name servers to be resolvable from the outside world, when I read more carefully and it appears the instructions are saying this is only internal DNS for use in your own VPN. This is sort of a bummer, as I really wanted to go through the entire process of setting up and running DNS.

Update: I'm going to attempt this using only the public IP addresses and see if that works.

Wow, DNS can be frustrating. I realize there are tools and services that make it easier, but I wanted to understand how it works. I'm not sure if people really set up DNS directly any more, but if it's needed, I'd be happy to write it up for the KB. I'm doing this more to learn DNS than because it's really necessary to set it up manually. I'm not getting any specific error messages; I've just not been able to get the domain to resolve.

Here's part of my named.conf

acl "trusted" {
        45.55.8.33;       # ns1
        45.55.8.46;       # ns2
        104.131.131.228;  # marmot public
        10.134.12.131;    # marmot private
        10.134.27.140;    # ns1 private
        10.134.28.123;    # ns2 private
};
options {
        listen-on port 53 { 127.0.0.1; 45.55.8.33; };   # public address of ns1
#       listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        # an authoritative server has to answer anyone; the pasted value
        # { 127.0.0.1; 45.55.8.0/24; } refuses every resolver on the Internet
        allow-query     { any; };
        allow-transfer  { 45.55.8.33; 45.55.8.46; };   # zone transfers to our own servers only
        recursion no;   # answering anyone AND recursing would make this an open resolver
};
Here's my named.conf.local

zone "neilanuskiewicz.com" {
    type master;
    file "/etc/named/zones/db.neilanuskiewicz.com"; # zone file path
};
zone "55.45.in-addr.arpa" {
    type master;
    file "/etc/named/zones/db.45.55";  # 45.55.0.0/16 reverse zone
    # 45.55.0.0/16 is the hosting provider's block and its reverse zone is
    # delegated to the provider's servers, so nobody on the Internet will
    # ever be sent to this copy
};
Here's my db.neilanuskiewicz.com

$TTL    604800
$ORIGIN neilanuskiewicz.com.
@       IN      SOA    neilanuskiewicz.com. hostmaster.neilanuskiewicz.com. (
                  3       ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
;
; name servers - NS records
@    IN      NS      ns1.neilanuskiewicz.com.
@    IN      NS      ns2.neilanuskiewicz.com.

; name servers - A records (glue). These must be the servers' public
; addresses; the pasted values 10.128.10.11 and 10.128.20.12 are private
; and not even this server's, so no resolver could reach ns1/ns2 through them.
ns1.neilanuskiewicz.com.          IN      A       45.55.8.33
ns2.neilanuskiewicz.com.          IN      A       45.55.8.46

; A records
@    IN    A    104.131.131.228
*    IN    A    104.131.131.228   ; wildcard: any otherwise-undefined name resolves to marmot

Here's my db.45.55

$TTL 86400
@       IN     SOA    neilanuskiewicz.com. hostmaster.neilanuskiewicz.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
; name servers
@     IN      NS      ns1.neilanuskiewicz.com.
@     IN      NS      ns2.neilanuskiewicz.com.

; PTR Records (owner is the last two octets reversed, under 55.45.in-addr.arpa)
33.8    IN      PTR     ns1.neilanuskiewicz.com.   ; 45.55.8.33
46.8    IN      PTR     ns2.neilanuskiewicz.com.   ; 45.55.8.46
; 228.131 here means 45.55.131.228, but marmot is 104.131.131.228, which is
; outside this zone entirely (it would live under 131.104.in-addr.arpa)
228.131 IN      PTR     neilanuskiewicz.com.
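The pieces above put together, as an added example rather than anything from the original thread: the shell script below writes a corrected authoritative named.conf fragment and zone file for neilanuskiewicz.com into a scratch directory (the addresses are the ones listed in the thread; the directory, the serial value and the `lint_zone_glue` / `is_private_ip` helpers are this example's own), then runs a pure-shell lint for the failure mode in the last answer: NS names whose glue A records point at RFC 1918 addresses, which no resolver outside the private network can ever reach. If `named-checkconf`, `named-checkzone` or `dig` are installed (on CentOS 7 they come from the `bind` and `bind-utils` packages), it also runs them; otherwise it says so and skips that step, so the offline part works anywhere.

```sh
#!/bin/sh
# Added example for this thread (not the poster's files): a corrected public
# authoritative layout for neilanuskiewicz.com plus an offline lint for the
# glue mistake in the last answer. Addresses are the thread's; WORK, the
# serial and the helper names are assumptions made for this example.
set -eu
WORK="${WORK:-$(mktemp -d)}"
ZONE="neilanuskiewicz.com"
ZONEFILE="$WORK/db.$ZONE"

# named.conf fragment. The posted configs listened on a private address and
# limited allow-query to an ACL or a /24, so public resolvers were refused.
# An authoritative server answers anyone but never recurses for them.
cat > "$WORK/named.conf" <<'EOF'
options {
        directory       "/var/named";
        listen-on port 53 { 127.0.0.1; 45.55.8.33; };   # ns1's public address
        allow-query     { any; };        # authoritative data is public
        allow-transfer  { 45.55.8.46; }; # AXFR to ns2 only, never "any"
        recursion no;                    # otherwise this is an open resolver
};
zone "neilanuskiewicz.com" IN {
        type master;
        file "/etc/named/zones/db.neilanuskiewicz.com";
};
EOF

# Zone file. "@" is written explicitly on the NS lines (a line beginning with
# "IN" in column 1 is parsed as owner name "IN"); glue A records carry the
# public addresses, unlike the 10.128.x values in the post.
cat > "$ZONEFILE" <<'EOF'
$TTL 3600
$ORIGIN neilanuskiewicz.com.
@       IN SOA ns1.neilanuskiewicz.com. hostmaster.neilanuskiewicz.com. (
                2016081801 ; Serial, YYYYMMDDnn, bump on every edit
                7200       ; Refresh
                900        ; Retry
                1209600    ; Expire
                3600 )     ; Negative cache TTL
@       IN NS  ns1.neilanuskiewicz.com.
@       IN NS  ns2.neilanuskiewicz.com.
ns1     IN A   45.55.8.33
ns2     IN A   45.55.8.46
@       IN A   104.131.131.228
www     IN A   104.131.131.228
EOF

# RFC 1918 test used by the lint: 10/8, 172.16/12, 192.168/16.
is_private_ip() {
        case "$1" in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
        esac
}

# lint_zone_glue FILE ORIGIN: every in-zone name listed in an NS record must
# have an A record, and that address must be public. Returns 1 on any problem.
lint_zone_glue() {
        zone="$1"; origin="$2"; rc=0
        for ns in $(awk '$0 !~ /^[;$]/ && $0 ~ /[ \t]NS[ \t]/ { print $NF }' "$zone"); do
                case "$ns" in
                *."$origin".) short="${ns%.$origin.}" ;;   # ns1.example.com. -> ns1
                *) continue ;;                            # out-of-zone NS: no glue needed here
                esac
                addr=$(awk -v a="$ns" -v r="$short" \
                        '$0 !~ /^[;$]/ && ($1 == a || $1 == r) && $0 ~ /[ \t]A[ \t]/ { print $NF; exit }' "$zone")
                if [ -z "$addr" ]; then
                        echo "MISSING glue: $ns has no A record in $zone"; rc=1
                elif is_private_ip "$addr"; then
                        echo "PRIVATE glue: $ns -> $addr is RFC 1918, unreachable from the Internet"; rc=1
                else
                        echo "ok: $ns -> $addr"
                fi
        done
        return $rc
}

lint_zone_glue "$ZONEFILE" "$ZONE"

# Live checks only where the BIND tools exist (CentOS 7: yum install bind bind-utils).
if command -v named-checkconf >/dev/null 2>&1 && command -v named-checkzone >/dev/null 2>&1; then
        named-checkconf "$WORK/named.conf"
        named-checkzone "$ZONE" "$ZONEFILE"
else
        echo "named-checkconf/named-checkzone not installed; skipping syntax check"
fi
if command -v dig >/dev/null 2>&1; then
        # ask ns1 directly (is it answering?), then the .com servers (is the delegation there?)
        dig +norecurse @45.55.8.33 "$ZONE" SOA || echo "ns1 did not answer: service down, firewall, or listen-on"
        dig "$ZONE" NS @a.gtld-servers.net || echo "could not query the .com servers"
else
        echo "dig not installed (yum install bind-utils); skipping live queries"
fi
```

Two things the script cannot check offline are the usual reasons a zone like this "never resolves" even when every file is right: the registrar has to hold host (glue) records for ns1 and ns2 with the public addresses and the domain's NS set has to point at them (the `dig ... @a.gtld-servers.net` query shows what the .com servers actually hand out), and firewalld on CentOS 7 has to admit 53/udp and 53/tcp (`firewall-cmd --permanent --add-service=dns && firewall-cmd --reload`). With `recursion no;` in place, `allow-query { any; };` is safe: the server answers only for the zones it holds.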
