Yet more DNS headaches...pleeeese help!


podexrex
11-15-2004, 01:22 PM
I am soooo confuserated! I have read all posts (yes...ALL) I can find on DNS/named.conf, etc.
When I try to access www.porkjello.com (my domain), I get nothing...I CAN, however, access it via the ip (static ip from isp).

When I try dig porkjello.com I get:
XX.XX.XX.XX is my external static ip

; <<>> DiG 9.2.4 <<>> porkjello.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41458
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;porkjello.com. IN A

;; Query time: 1 msec
;; SERVER: XX.XX.XX.XX#53(XX.XX.XX.XX)
;; WHEN: Mon Nov 15 11:58:14 2004
;; MSG SIZE rcvd: 31

here is my named.conf:

options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
query-source address * port 53;
};
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
type hint;
file "named.ca";
};

zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

zone "porkjello.com" {
type master;
file "db.porkjello.com";
};

include "/etc/rndc.key";

and zone for /var/named/db.porkjello.com

$TTL 86400
@ IN SOA ns1.porkjello.com. admin.porkjello.com. (
2004111501; Serial
10800 ; Refresh after 3hrs
3600 ; Retry after 1 hr
604800 ; Expire in 1 week
86400 ) ; Minimum ttl 1 day

IN NS ns1.porkjello.com.
porkjello.com. IN A XX.XX.XX.XX
www IN CNAME porkjello.com.
ftp IN CNAME porkjello.com.
mail IN A XX.XX.XX.XX
porkjello.com. IN MX 10 mail.porkjello.com.

a snippet of my iptables for port 53
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
...so 53 should be good to go...

my inFernal (yes...I know) (eth1) ip is 192.168.2.1

I am stumped here...any help will be GREATLY appreciated.
Thanks!

bs_texas
11-15-2004, 01:47 PM
You might need to look into:
/etc/resolv.conf

Sorry...That's just off the top of my head and I'm at lunch and don't have more time to look into it now.

Good luck.

Loki3
11-15-2004, 02:32 PM
If you're trying to configure it so that porkjello.com is resolved to your IP address, I thought that was handled by the people that you registered your domain with.

Gertrude
11-15-2004, 02:53 PM
Whoever you got your domain from should have a place on their site where you can register your NS servers. You will most likely need two NS servers. You can use BIND on this pc for the primary NS server, and there are a few providers that offer the service for free that you can use as a secondary NS server..

This is one..

http://www.everydns.net/


You will also need to update your "db.porkjello.com" file to reflect the changes to something like this..


192.168.0.1 = Fake static IP you got..




$ttl 172800
porkjello.com. IN SOA ns1.porkjello.com. webmaster.porkjello.com. (
1055026205
6H
1H
5D
20M )
porkjello.com. IN A 192.168.0.1
www.porkjello.com. IN A 192.168.0.1
ns1.porkjello.com. IN A 192.168.0.1
mail.porkjello.com. IN A 192.168.0.1
porkjello.com. IN NS ns1.porkjello.com.
porkjello.com. IN NS ns1.everydns.net.
mail.porkjello.com. IN MX 1 porkjello.com.
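
Added example, not part of any post in this thread: one visible difference between the zone file in the first post and the revised one above is that the revision gives ns1.porkjello.com an A record. The Python check below reports in-zone NS, CNAME and MX targets that have no address record; the function names, the condensed and re-indented sample zone, and the 192.0.2.10 address are assumptions made for the example.

```python
import re

SKIP = re.compile(r"(IN|CH|HS|\d+[smhdw]?)$", re.I)   # class or TTL ahead of the type
TARGET_FIELD = {"NS": 0, "CNAME": 0, "MX": 1}          # where the host name sits in rdata

def fqdn(name, origin):
    """Expand '@', a relative name or an absolute name to lower-case absolute form."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, origin):
    """Yield (owner, type, rdata) per record. Assumes no $ORIGIN/$INCLUDE directives."""
    text = re.sub(r";.*", "", text)                     # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m[1].replace("\n", " "), text)  # join ( ... )
    owner = origin
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or tokens[0].startswith("$"):
            continue
        if not line[0].isspace():                       # indented line reuses last owner
            owner = fqdn(tokens.pop(0), origin)
        while tokens and SKIP.match(tokens[0]):
            tokens.pop(0)
        if tokens:
            yield owner, tokens[0].upper(), tokens[1:]

def missing_addresses(text, origin):
    """Return in-zone NS/CNAME/MX targets that have no A or AAAA record in the zone."""
    origin, have, wanted = origin.lower(), set(), set()
    for owner, rtype, rdata in records(text, origin):
        if rtype in ("A", "AAAA"):
            have.add(owner)
        elif rtype in TARGET_FIELD and len(rdata) > TARGET_FIELD[rtype]:
            wanted.add((rtype, fqdn(rdata[TARGET_FIELD[rtype]], origin)))
    return sorted((t, n) for t, n in wanted
                  if (n == origin or n.endswith("." + origin)) and n not in have)

# Constructed sample: first post's zone, condensed; 192.0.2.10 replaces XX.XX.XX.XX.
ORIGINAL_ZONE = """\
$TTL 86400
@ IN SOA ns1.porkjello.com. admin.porkjello.com. (
        2004111501 10800 3600 604800 86400 ) ; serial and timers
        IN NS ns1.porkjello.com.
porkjello.com. IN A 192.0.2.10
www IN CNAME porkjello.com.
mail IN A 192.0.2.10
porkjello.com. IN MX 10 mail.porkjello.com.
"""
print(missing_addresses(ORIGINAL_ZONE, "porkjello.com."))
```

BIND's own named-checkconf and named-checkzone utilities perform the full syntax and load check on the server itself.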

happybunny
11-15-2004, 02:54 PM
It's great that you have all that in there, but how does the internet know about your domain to IP mapping?

Isn't there a step where you registered your domain name and then tell it what IP is authoritative for it?

When I do a name lookup of porkjelly.com, I get nothing because MY dns server knows nothing about YOUR dns server.

That is what i think the problem is.

PNash
11-15-2004, 03:07 PM
Loki3 is exactly correct. Although your DNS server is authoritative for your domain, your DNS server is not an authoritative DNS server on the internet, so you will not be able to transfer your zone information. The easiest way to get your domain name replicated to authoritative DNS servers is to go to www.dyndns.org and use their DNS servers for replication. If you decide to use dyndns.org, make sure you do a static domain or custom domain, not a dynamic DNS domain. After you set up your domain and activate it with their servers, your info will be out on the public internet within 24-48 hrs; it usually doesn't take that long, but that's what they say.

You could also try using their secondary DNS service; basically, it will allow your DNS server to do zone transfers with their DNS server. I have used both methods, and the custom DNS is usually easier because you can administer it from anywhere with an internet connection.

If you need to find out the status of your DNS replication, you can always go to a public nslookup site (like http://www.infobear.com/nslookup.shtml ) and type your domain name. If it comes up, you're good; if not, then it hasn't finished replicating, just keep checking.

squeegy
11-15-2004, 03:14 PM
Originally posted by Gertrude
http://www.everydns.net/

This is who I use, they're free and it works great.

podexrex
11-15-2004, 03:29 PM
Thank you all for the swift reply!!!

Well, I had registered porkjello.com with the registrar at dyndns.org (although I have a static ip), and actually, there was never anything asked about an ip to map porkjello.com to...odd???
If I return to the site and log in, I still can't find an area to provide an ip to map porkjello.com to...does this seem right??
I DID, however, go to the link Gertrude provided and put in all my info there...I then went back to dyndns.org and put in ns1.everydns.net and ns2.everydns.net as nameservers.
I assume they will update the records in a few years and maybe it will work then???
Anyway, what should I do now???

Thanks again.

By the way, I think I understand now why there was not an ip asked for when I registered...It seems their DNS service is not free with registration, so I guess I either pay them some more, or use a free service. Hmmmm, let's see...I choose, ummmm...ummmm...FREE!

happybunny
11-15-2004, 03:59 PM
If your main page is the default Apache page, it's working now.

podexrex
11-15-2004, 04:16 PM
Yes, my page is still the default page...however, I cannot access it from any machine on my network for some reason. Unless I just use the ip address, I get www.porkjello.com could not be found.
When I use dig, I still get SERVFAIL: (and an ID #)

Any clues??

Thanks!

Also, sorry to just throw this in as well, do you happen to know the correct format for enabling a range of ports in iptables?
Example: I want to enable ports 1234 through 5678
Does this look correct?
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 1234:5678 -j ACCEPT

Thanks again!

gehidore
11-15-2004, 04:26 PM
Please check the "Help posting guidelines" in my sig, then feel free to repost with a better title.

Thank you, Have a nice day.