Question
mofselvi
Hi,
I installed Froxlor on Raspberry Pi 3 B+ with Ubuntu Mate 16.04 to host a little blog.
PHP, Apache 2.4 etc. almost everything is OK. I can access it with the server's global IP. But something is wrong with the name servers so I can't get my domains to work. When I check my domains via intodns.com, it shows me "ERROR: One or more of your nameservers did not respond" error message.
(In domain registration website, I defined ns1.mydomain.org and ns2.mydomain.org with my new server's static IP. IntoDNS shows the same IP in "Domain NS records" section.)
213.159.xxx.xxx -> my old server IP
78.xxx.xxx.xxx -> my new raspi server IP
192.168.1.106 -> raspi's IP in local network
I checked the listening ports and I realized that Bind is not listening on my server's IP. Here is the result of netstat:
Then I connected to my old server (Ubuntu 14) and listed what's listening on port 53. Here is what I got:
netstat -tulpn | grep 53
tcp 0 0 213.159.xxx.xxx:53 0.0.0.0:* LISTEN 1006/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1006/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1006/named
tcp6 0 0 ::1:953 :::* LISTEN 1006/named
udp 0 0 213.159.xxx.xxx:53 0.0.0.0:* 1006/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 1006/named
You can clearly see that in my old server named is listening on port 53 for incoming connections. But in my new server, the listening ports are only local IPs (there's a UDP IPv6 listener :::53 but I don't think it takes care of IPv4 connections which my server has only one IPv4.)
I tried to use different combinations of listen-on command like these
listen-on port 53 { 78.xxx.xxx.xxx; };
listen-on port 53 { *; };
listen-on port 53 { 78.xxx.xxx.xxx; *; };
in /etc/bind/named.conf.options but it didn't change anything.
Here are some test results
dig @78.xxx.xxx.xxx
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @78.xxx.xxx.xxx
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 42129
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;. IN NS
;; Query time: 7 msec
;; SERVER: 78.xxx.xxx.xxx#53(78.xxx.xxx.xxx)
;; WHEN: Tue Jun 26 21:04:33 +03 2018
;; MSG SIZE rcvd: 28
dig @192.168.1.106
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @192.168.1.106
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41489
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 514242 IN NS k.root-servers.net.
. 514242 IN NS g.root-servers.net.
. 514242 IN NS m.root-servers.net.
. 514242 IN NS h.root-servers.net.
. 514242 IN NS b.root-servers.net.
. 514242 IN NS d.root-servers.net.
. 514242 IN NS c.root-servers.net.
. 514242 IN NS i.root-servers.net.
. 514242 IN NS l.root-servers.net.
. 514242 IN NS f.root-servers.net.
. 514242 IN NS j.root-servers.net.
. 514242 IN NS e.root-servers.net.
. 514242 IN NS a.root-servers.net.
;; Query time: 1 msec
;; SERVER: 192.168.1.106#53(192.168.1.106)
;; WHEN: Tue Jun 26 21:12:25 +03 2018
;; MSG SIZE rcvd: 239
dig +trace mydomain.org (I run this in another device)
; <<>> DiG 9.10.3-P4-Ubuntu <<>> +trace mydomain.org
;; global options: +cmd
. 29459 IN NS h.root-servers.net.
. 29459 IN NS g.root-servers.net.
. 29459 IN NS a.root-servers.net.
. 29459 IN NS f.root-servers.net.
. 29459 IN NS k.root-servers.net.
. 29459 IN NS c.root-servers.net.
. 29459 IN NS e.root-servers.net.
. 29459 IN NS b.root-servers.net.
. 29459 IN NS l.root-servers.net.
. 29459 IN NS i.root-servers.net.
. 29459 IN NS m.root-servers.net.
. 29459 IN NS d.root-servers.net.
. 29459 IN NS j.root-servers.net.
. 43200 IN RRSIG NS 8 0 518400 20180709170000 20180626160000 39570 . KG5 ... jFg==
;; Received 525 bytes from 127.0.1.1#53(127.0.1.1) in 10 ms
mydomain.org. 8002 IN NS ns2.mydomain.org.
mydomain.org. 8002 IN NS ns1.mydomain.org.
couldn't get address for 'ns2.mydomain.org': failure
couldn't get address for 'ns1.mydomain.org': failure
dig: couldn't get address for 'ns2.mydomain.org': no more
dig +trace mydomain.org (I run this in raspi and yes that's it, almost empty)
; <<>> DiG 9.10.3-P4-Ubuntu <<>> +trace mydomain.org
;; global options: +cmd
;; Received 28 bytes from 78.xxx.xxx.xxx#53(78.xxx.xxx.xxx) in 10 ms
The server is reachable from outside with the public IP so it's not a port-forwarding issue I think. I also checked ports with netcat and it was okay, raspi gets tcp and udp packets from outside. (There is no firewall, no iptables installed in raspi. There was only ufw and I disabled it but nothing changed.)
How can I make named listen on my public IP just like in my old server? Any advice would be appreciated. Thank you!
0 answers to this question
This topic is now archived and is closed to further replies.
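An added example, not part of the original post: a shell check that reads `netstat -tulpn` output, keeps only named's port-53 sockets (`grep 53` also matches the rndc control port 953) and classifies each listen address as loopback, private, wildcard or public. The first sample is the old server's output as quoted in the post; the second is a constructed sample for a host behind NAT, since the new server's netstat output is not on the page, and the function names are hypothetical. A socket can only bind to an address configured on a local interface, so on a host behind a port-forwarding router the widest IPv4 scope this check can report is `private`.

```shell
#!/bin/sh
# Added example, not from the original post.

# Old server: netstat lines as quoted in the post.
OLD_SERVER='tcp 0 0 213.159.xxx.xxx:53 0.0.0.0:* LISTEN 1006/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1006/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1006/named
tcp6 0 0 ::1:953 :::* LISTEN 1006/named
udp 0 0 213.159.xxx.xxx:53 0.0.0.0:* 1006/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 1006/named'

# Constructed sample (assumption): a host behind NAT with LAN address 192.168.1.106.
NAT_HOST='tcp 0 0 192.168.1.106:53 0.0.0.0:* LISTEN 812/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 812/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 812/named
udp 0 0 192.168.1.106:53 0.0.0.0:* 812/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 812/named
udp6 0 0 :::53 :::* 812/named'

# stdin: netstat -tulpn lines. stdout: "proto address scope" per port-53 socket of named.
named_listeners() {
    awk '
    $1 ~ /^(tcp|udp)/ && $NF ~ /\/named$/ {
        n = match($4, /:[0-9]+$/)            # position of the final ":port"
        if (n == 0) next
        addr = substr($4, 1, n - 1)
        if (substr($4, n + 1) != "53") next  # drops 953, the rndc control channel
        if (addr ~ /^127\./ || addr == "::1") scope = "loopback"
        else if (addr == "0.0.0.0" || addr == "::") scope = "wildcard"
        else if (addr ~ /^10\./ || addr ~ /^192\.168\./ ||
                 addr ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) scope = "private"
        else scope = "public"
        print $1, addr, scope
    }'
}

# stdin: netstat -tulpn lines. stdout: widest scope among IPv4 (tcp/udp) listeners.
ipv4_scope() {
    named_listeners | awk '
    $1 == "tcp" || $1 == "udp" {
        rank = ($3 == "public" || $3 == "wildcard") ? 3 : ($3 == "private") ? 2 : 1
        if (rank > best) { best = rank; name = $3 }
    }
    END { print (name == "" ? "none" : name) }'
}

printf '%s\n' "$OLD_SERVER" | ipv4_scope
printf '%s\n' "$NAT_HOST" | ipv4_scope
```

On a live host, feed it real output with `netstat -tulpn | ipv4_scope`.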