DigitalOcean Kubernetes: new control plane is faster and free, enable HA for 99.95% uptime SLA

Question

DNS setup question Centos 7

Hi, I just setup Bind on Centos 7 just for the experience of doing it. The instructions for Centos 6 seem to indicate you can have public authoritative name servers but for Centos 7 it seems only VPS is possible. I was wondering why that is? Also, any suggestions on how i could make this public as it’d be a more realistic sandbox?

My domain’s neilanuskiewicz.com and I’ve setup two name servers, ns1 and ns2.

Any suggestions at all on where I should go from here in terms of DNS would be greatly appreciated. It’s an interest that I’d like to learn more about.

Thank you.

Neil

Show comments
Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Sign up now

nta345August 19, 2016

Wow, DNS can be frustrating. I realize there are tools and services that make it easier but I wanted to understand how it works. I’m not sure if people really directly setup DNS any more but if it’s needed, I"d be happy to write it up for the KB. I’m doing this more to learn DNS than because it’s really necessary to set it up manually. I’m not getting any specific error messages, I’ve not not been able to get the domain to resolve.

##Here’s part of my named.conf##

acl "trusted" {
        45.55.8.33;  # ns1
        45.55.8.46;  # ns2
        104.131.131.228; # marmot public
        10.134.12.131; # marmot private
        10.134.27.140; # ns1 private
        10.134.28.123; # ns2 private
};
options {
        listen-on port 53 { 127.0.0.1; 45.55.8.33; };
#      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { 127.0.0.1; 45.55.8.0/24; };
        allow-transfer { 45.55.8.33; 45.55.8.46; };

##Here’s my named.conf.local##

zone "neilanuskiewicz.com" {
    type master;
    file "/etc/named/zones/db.neilanuskiewicz.com"; # zone file path
    };
zone "55.45.in-addr.arpa" {
    type master;
    file "/etc/named/zones/db.45.55";  # 45.55.0.0/16 subnet
    };

##Here’s my db.neilanuskiewicz.com##

$TTL    604800
$ORIGIN neilanuskiewicz.com.
@       IN      SOA    neilanuskiewicz.com. hostmaster.neilanuskiewicz.com. (
                  3       ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
;
; name servers - NS records
     IN      NS      ns1.neilanuskiewicz.com.
     IN      NS      ns2.neilanuskiewicz.com.

; name servers - A records
ns1.neilanuskiewicz.com.          IN      A       10.128.10.11
ns2.neilanuskiewicz.com.          IN      A       10.128.20.12

; A records
@    IN    A    104.131.131.228
*    IN    A    104.131.131.228

##Here’s my db.45.55

$TTL 86400
@       IN     SOA    neilanuskiewicz.com. hostmaster.neilanuskiewicz.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
; name servers
      IN      NS      ns1.neilanuskiewicz.com.
      IN      NS      ns2.neilanuskiewicz.com.

; PTR Records
33.8   IN      PTR     ns1.neilanuskiewicz.com.
46.8   IN      PTR     ns2.neilanuskiewicz.com.
228.131 IN  PTR neilanuskiewicz.com.
nta345August 18, 2016

Actually, I’m beginning to think that ONLY private DNS is possible with the DO Centos 7 setup. Am I right on that? Maybe I need to switch to a diff distro?

I was going to switch the IP’s around as obviously you need your name servers to be resolveable from the outside world when I read more carefully and it appears the instructions are saying this is only internal DNS for using in your own VPN? This is sort of a bummer as I really wanted to go through the entire process of setting up and running DNS.

update: I’m going to attempt this using only the public IP addresses and see if that works

nta345August 18, 2016

OK, I did the steps over and still I can’t get anything to resolve. I’m thinking I have an IP address or two in the wrong place and am just not seeing it right now.

I’m pretty sure all the pieces are in place but I’m tired of looking at it so was hoping someone could take a look and point me in the right direction. I’ll post whatever config files would help or all of them if that would be helpful, at least the relevant parts. I’ll start with the one on ns1.

Here are my Droplets

  • Marmot
    • IPv4: 104.131.131.228
    • Prvt: 10.134.12.131
  • ns1
    • IPv4: 45.55.8.33
    • Prvt: 10.134.27.140
  • ns2
    • IPv4: 45.55.8.46
    • Prvt: 10.134.28.123

Here’s my named.conf

acl "trusted" {
        10.134.27.140;    # ns1 - can be set to localhost
        10.134.28.123;    # ns2
        45.55.8.33;  # host1
        45.55.8.46;  # host2
};
options {
        listen-on port 53 { 127.0.0.1; 10.134.27.140; };
#      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { trusted; };
        allow-transfer { 10.134.28.123; };

Here’s my named.conf.local

zone "neilanuskiewicz.com" {
    type master;
    file "/etc/named/zones/db.neilanuskiewicz.com"; # zone file path
    };
zone "134.10.in-addr.arpa" {
    type master;
    file "/etc/named/zones/db.10.134";  # 10.134.0.0/16 subnet
    };

Here’s my db.neilanuskiewicz.com

@       IN      SOA    ns1.neilanuskiewicz.com. admin.neilanuskiewicz.com. (
                          3         ; Serial
         604800     ; Refresh
          86400     ; Retry
        2419200     ; Expire
         604800 )   ; Negative Cache TTL

; name servers - NS records
IN      NS      ns1.neilanuskiewicz.com.
IN      NS      ns2.neilanuskiewicz.com.

; name servers - A records
ns1.neilanuskiewicz.com.          IN      A       45.55.8.33
ns2.neilanuskiewicz.com.          IN      A       45.55.8.46

; 10.134.0.0/16 - A records
host1.neilanuskiewicz.com.        IN      A      10.134.27.140
host2.neilanuskiewicz.com.        IN      A      10.134.28.123

Here’s my db.10.134

IN     SOA     neilanuskiewicz.com. admin.neilanuskiewicz.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
; name servers
      IN      NS      ns1.neilanuskiewicz.com.
      IN      NS      ns2.neilanuskiewicz.com.

; PTR Records
33.8   IN      PTR     ns1.neilanuskiewicz.com.    ; 45.55.8.33
46.8   IN      PTR     ns2.neilanuskiewicz.com.    ; 45.55.8.46
140.27 IN      PTR     host1.neilanuskiewicz.com.  ; 10.134.27.140
123.28 IN      PTR     host2.neilanuskiewicz.com.  ; 10.134.28.123

Try DigitalOcean for free

Click below to sign up and get $100 of credit to try our products over 60 days!

Sign up