[svlug] BIND9 on EC2
Scott DuBois
sdubois at linux.com
Sat Nov 29 21:02:04 PST 2014
On 11/28/2014 01:22 AM, Rick Moen wrote:
> Please clarify.
Sorry, I tried to convey in words what I'm looking at for my only
options from my host. I can only access nameserver settings; no records.
(See image link)
https://www.domain.com/domaincom/about/press/2009/01_30_2009.bml
> 2. The remainder of your posting suggests you wish this nameserver host to
> do (at minimum) authoritative DNS, for domain sldubois.org and possibly
> other domains, and in fact to be the DNS master for sldubois.org.
Right. It's my first "rodeo" configuring my own DNS and I just want to
make it work. Once it works, then I relax and study it further
considering other possibilities.
I started this whole instruction from the Ubuntu Tutorials website
before finding the DigitalOcean pages and have been following their
instructions since. Instead of trying to divert into "custom"
configuration properties, I felt it best to create my own Master and
Slave on EC2 and I guess a third as well since it is highly recommended.
> Please consider re-posting your question with real data.
named.conf.local:
ubuntu@ip-172-31-2-0:/etc/bind$ cat named.conf.local
//
// Do any local configuration here
//
zone "sldubois.org" {
    type master;
    file "/etc/bind/db.sldubois.org";
    allow-transfer { 54.67.63.64; };
};
zone "14.67.54.in-addr.arpa" {
    type master;
    file "/etc/bind/db.54";
};
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
Master Server:
ubuntu@ip-172-31-2-0:/etc/bind$ cat db.sldubois.org
;
; BIND data file for sldubois.org interface
;
$TTL 604800
@       IN      SOA     ns1.sldubois.org. sdubois.linux.com. (
                        2014112901      ; Serial
                        43200           ; Refresh
                        900             ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
; Name Servers
sldubois.org.   IN      NS      ns1.sldubois.org.       ; Master
sldubois.org.   IN      NS      ns2.sldubois.org.       ; Slave
; A records for name servers
ns1     IN      A       54.67.99.9      ; Master
ns2     IN      A       54.67.63.64     ; Slave
; Other A records
@       IN      A       54.67.14.140    ; IP for Apache
www     IN      A       54.67.14.140    ; IP for Apache
Master Reverse:
ubuntu@ip-172-31-2-0:/etc/bind$ cat db.54
;
; BIND reverse data file for sldubois.org interface
;
$TTL 604800
@       IN      SOA     ns1.sldubois.org. sdubois.linux.com. (
                        2014112901      ; Serial
                        43200           ; Refresh
                        900             ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
; Name servers
        IN      NS      ns1.sldubois.org.       ; Master
        IN      NS      ns2.sldubois.org.       ; Slave
; PTR records
9       IN      PTR     ns1.sldubois.org.       ; Master
64      IN      PTR     ns2.sldubois.org.       ; Slave
140     IN      PTR     www.sldubois.org.       ; Apache
Slave:
ubuntu@ip-172-31-21-66:/etc/bind$ cat named.conf.local
//
// Do any local configuration here
//
zone "sldubois.org" {
    type slave;
    file "db.sldubois.org";
    masters { 54.67.99.9; };
};
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
>
> Step #2 is the step that makes the two nameservers _authoritative_ -- that
> causes public traffic to be directed to them. It is important that your DNS
> be correct and verified before you repoint DNS to your authoritative servers
> in that step.
I ran:
sudo named-checkconf
and
sudo named-checkzone
They're ok. EC2 doesn't allow pings or netstat so I'm short on anything
else other than dig.
>
> And, as mentioned, you really ought to have at least three, not just two.
>
If I also make the third myself would I just duplicate what I did for
ns2 and add ns3 to the master files?
> So, as usual, the registrar has used nameservers to point your domain to a
> 'parking' page.
Well, I only picked up my domain from them with no hosting as my intent
was to just use the domain for work like I'm doing now.
--
Scott DuBois BSIT
President EBLUG
Freenode: Roguehorse
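
An offline forward/reverse consistency check over the zone data quoted in the message above, added here as an example and not part of the original post. It shows that a PTR owner name is the full reversed address, so a reverse zone named for one /24 can only hold hosts in that /24; the names `reverse_name`, `check_reverse` and the finding labels are made up for illustration.

```python
import ipaddress

# Data copied from the zone files quoted in the message above.
REVERSE_ZONE = "14.67.54.in-addr.arpa."
FORWARD_A = {
    "ns1.sldubois.org.": "54.67.99.9",
    "ns2.sldubois.org.": "54.67.63.64",
    "sldubois.org.": "54.67.14.140",
    "www.sldubois.org.": "54.67.14.140",
}
REVERSE_PTR = {"9": "ns1.sldubois.org.", "64": "ns2.sldubois.org.",
               "140": "www.sldubois.org."}


def reverse_name(addr):
    """Fully qualified in-addr.arpa owner name for an IPv4 address."""
    return ipaddress.ip_address(addr).reverse_pointer + "."


def check_reverse(zone, forward_a, reverse_ptr):
    """Return sorted (kind, name) findings; an empty list means consistent."""
    findings = set()
    # An A record can only have its PTR in this zone if the reversed
    # address ends with the zone name.
    for name, addr in forward_a.items():
        if not reverse_name(addr).endswith("." + zone):
            findings.add(("outside-zone", name))
    # Each PTR owner (relative label + zone) must equal the reversed
    # address of the host name it points to.
    for label, target in reverse_ptr.items():
        owner = f"{label}.{zone}"
        if target not in forward_a:
            findings.add(("no-forward", owner))
        elif reverse_name(forward_a[target]) != owner:
            findings.add(("ptr-mismatch", owner))
    return sorted(findings)


if __name__ == "__main__":
    for kind, name in check_reverse(REVERSE_ZONE, FORWARD_A, REVERSE_PTR):
        print(f"{kind:13} {name}")
```
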