need help with lame nameserver



#1
babyirishboy

I hope someone can help me with this problem since I have spent too much time and cannot figure out what I am doing wrong.

I have registered a domain called ferdionwebdesign.com (through GoDaddy) and I am trying to set up my name servers for it. Right now, I have set up my 2 name servers as ns1.ferdionwebdesign.com (my computer) and I am using xname.org as my second server (ns0.xname.org).

Here is the problem: I cannot connect to my site using my domain name (ferdionwebdesign.com), yet I can connect to it using my external IP address from my internal network behind a router. I used DNSstuff to check if my name servers are working, and these are the fails/warns I am getting from the DNS tool:

INFO NS records at parent servers Your NS records at the parent servers are:
ns1.ferdionwebdesign.com. [70.67.128.96] [TTL=172800] [CA]
ns1.xname.org. [87.98.164.164 (NO GLUE)] [FR]
[These were obtained from i.gtld-servers.net]

WARN Glue at parent nameservers WARNING. The parent servers (I checked with i.gtld-servers.net.) are not providing glue for all your nameservers. This means that they are supplying the NS records (host.example.com), but not supplying the A records (192.0.2.53), which can cause slightly slower connections, and may cause incompatibilities with some non-RFC-compliant programs. This is perfectly acceptable behavior per the RFCs. This will usually occur if your DNS servers are not in the same TLD as your domain (for example, a DNS server of "ns1.example.org" for the domain "example.com"). In this case, you can speed up the connections slightly by having NS records that are in the same TLD as your domain.

NS INFO NS records at your nameservers Your NS records at your nameservers are:
[None of your nameservers returned your NS records; they could be down or unreachable, or could all be lame nameservers]

WARN All nameservers report identical NS records WARNING: At least one of your nameservers did not return your NS records (it reported 0 answers). This could be because of a referral, if you have a lame nameserver (which would need to be fixed).

70.67.128.96 returns 0 answers (may be a referral)
87.98.164.164 returns 0 answers (may be a referral)

FAIL Lame nameservers ERROR: You have one or more lame nameservers. These are nameservers that do NOT answer authoritatively for your domain. This is bad; for example, these nameservers may never get updated. The following nameservers are lame:
70.67.128.96
87.98.164.164

FAIL Missing nameservers 2 ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
ns1.ferdionwebdesign.com.
ns1.xname.org.

WARN Nameservers on separate class C's WARNING: We cannot test to see if your nameservers are all on the same Class C (technically, /24) range, because the root servers are not sending glue. We plan to add such a test later, but today you will have to manually check to make sure that they are on separate Class C ranges. Your nameservers should be at geographically dispersed locations. You should not have all of your nameservers at the same location. RFC2182 3.1 goes into more detail about secondary nameserver location.

WARN Single Point of Failure WARNING: Although you have at least 2 NS records, they may both point to the same server (one of our two tests shows them being the same, the other could not complete the test), which would result in a single point of failure. You are required to have at least 2 nameservers per RFC 1035 section 2.2.

SOA FAIL SOA Record No valid SOA record came back:
is not ferdionwebdesign.com.

I also did a traceroute on both my nameserver and external IP, and each time it seems to abort after reaching a certain host (dx1bb-g15.no.shawcable.net). This seems strange because this seems to be a hostname from my internet provider (Shaw Cable). Each tool I have used either times out or aborts after this computer is reached.

When I use a ping tool from the Internet, it times out for each packet (http://webtools.live...com/nt_ping.php); it doesn't matter if I try to ping my IP address or nameserver.

I have been trying and am hoping that someone can help me. Please let me know if you need more info and I will give it to you.
  • 0



#2
babyirishboy

I figured something out that I think is the reason why it won't contact my DNS server ns1.ferdionwebdesign.com. When I type in "nmap -sT -O localhost" it lists the following:
(The 1651 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
199/tcp open smux
631/tcp open ipp
783/tcp open hp-alarm-mgr
6000/tcp open X11

So, from this, am I correct to assume that my DNS is not answering because port 53 is not open?

I have tried everything to open port 53 and here is part of my named.conf file (the options section):
    options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        forwarders {
            64.59.160.13;
            64.59.160.15;
        };
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        notify-source * port 53;
        transfer-source * port 53;
        query-source address * port 53;
        listen-on { 127.0.0.1; };
        listen-on { 192.168.1.104; };
        allow-query { 127.0.0.1; 192.168.1.104; all; };
    };

I have also set up port forwarding for port 53 to the local IP address of the computer running named. How do you open port 53? Shouldn't it automatically open when you start named?
  • 0
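Added example, not part of the original posts: the "lame nameserver" test in the DNSstuff report comes down to sending a non-recursive SOA query to each listed nameserver and checking the AA (authoritative answer) bit and response code in the reply header. The sketch below does that check in Python; the function names, the `example.com` zone and the sample replies are constructed for illustration.

```python
import socket
import struct

QR, AA = 0x8000, 0x0400   # header flag bits, RFC 1035 section 4.1.1
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(zone, qid=0x1234, qtype=6):
    """Non-recursive (RD=0) query for the zone's SOA record (qtype 6, class IN)."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in zone.rstrip(".").split(".")) + b"\x00"
    return struct.pack("!6H", qid, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", qtype, 1)

def classify(reply, qid=0x1234):
    """Return (verdict, detail) from the header of a reply to build_query()."""
    if len(reply) < 12:
        return "error", "reply shorter than a DNS header"
    rid, flags, _qd, answers, authority, _ar = struct.unpack("!6H", reply[:12])
    if rid != qid or not flags & QR:
        return "error", "not a response to our query"
    rcode = RCODES.get(flags & 0xF, "RCODE %d" % (flags & 0xF))
    if rcode != "NOERROR":
        return "lame", "server answered " + rcode
    if not flags & AA:
        kind = "referral" if answers == 0 and authority else "non-authoritative answer"
        return "lame", "%s, AA bit clear, %d answers" % (kind, answers)
    if answers == 0:
        return "suspect", "AA bit set but no SOA record at this name"
    return "authoritative", "AA bit set, %d answer(s)" % answers

def check_server(ip, zone, timeout=3.0):
    """Ask one nameserver over UDP port 53; no reply at all means unreachable."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(zone), (ip, 53))
            return classify(sock.recvfrom(4096)[0])
        except OSError as exc:
            return "unreachable", str(exc)

# Constructed sample replies (header plus question only, records omitted).
_Q = build_query("example.com")[12:]
SAMPLE_REFERRAL = struct.pack("!6H", 0x1234, QR, 1, 0, 2, 0) + _Q
SAMPLE_REFUSED = struct.pack("!6H", 0x1234, QR | 5, 1, 0, 0, 0) + _Q
SAMPLE_AUTH = struct.pack("!6H", 0x1234, QR | AA, 1, 1, 0, 0) + _Q

if __name__ == "__main__":
    for name, raw in [("referral", SAMPLE_REFERRAL), ("refused", SAMPLE_REFUSED),
                      ("authoritative", SAMPLE_AUTH)]:
        print(name, "->", classify(raw))
```

Calling `check_server()` with each nameserver address listed at the parent separates a server that is unreachable on port 53 from one that answers without authority for the zone.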





