0

I know this is a general question but I tried a lot of solutions without any success.
What I want to do is to create a custom nameserver like ns1.example.com/ns2.example.com
I tried bind9 but I always get "Nameserver is not authoritative for example.com"
I tried multiple configurations and got the same error; I even tried with CWP7.

zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};

zone "159.223.120.in-addr.arpa" { type master; file "/etc/bind/db.159"; };

the db.example.com

$TTL    604800
@       IN      SOA     localhost. root.localhost. (
                            300         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns1.example.com.
@       IN      NS      ns2.example.com.
@       IN      A       xxx.xxx.xxx.xxx
@       IN      AAAA    ::1
ns1     IN      A       xxx.xxx.xxx.xxx
ns2     IN      A       xxx.xxx.xxx.xxx

Is there a link or something that would be helpful?

1 Answer

1

Your SOA record is wrong. This is why BIND refuses it.

Its data should be: SOA nameserver email serial refresh retry expire negative

nameserver must be one of the authoritative nameservers for the zone, that is, ns1.example.com or ns2.example.com, the one which could accept the dynamic updates. If DNS AXFR/IXFR is used to distribute the zone data (e.g. BIND master/slave), the master is specified in that field. If you configure update forwarding on the slave, it doesn't matter which one you specify there. If the replication is carried out via some other mechanism (AD DS database replication in the case of Microsoft DNS server, backend replication in the case of PowerDNS native zones, and so on), or if dynamic updates are not used for the zone, the choice could be completely arbitrary.

email is the administrative contact email address where @ is replaced with ., e.g. dnsadmin@example.com becomes dnsadmin.example.com.

The others are numbers; yours are good enough. Parentheses are the way to split a single record into several lines, just a syntactical element; you could have written all record fields on one line without them.

The valid SOA record as it could appear in the zone file might look like this:

@       IN      SOA     ns1.example.com. dnsadmin.example.com. (
                            300         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
example.com. IN NS ns1.example.com.
ns1.example.com. IN A xxx.xxx.xxx.xxx

(I included also the in-zone nameserver definition, so the sample above is in fact a complete correct minimal zone file in case the nameserver name belongs to a zone itself.)


Also, I think you don't really want to have the record

example.com. IN AAAA ::1

This is the "IPv6 localhost" address. Why would you want to specify a correct working public IPv4 address and a localhost IPv6 address? Dual-stack users whose systems prefer IPv6 when it is available will not be able to use your web site. If you don't have IPv6, just remove this record. If you do have it, configure a correct IPv6 address instead of ::1.
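
A lint check for the two points raised in the answer above (SOA nameserver field versus the zone's NS records, and loopback address records), as an added example that is not part of the original answer. The names `parse_zone` and `lint_zone` are hypothetical, the 192.0.2.x addresses are constructed stand-ins for the elided ones, and the parser assumes a simple zone file with one record per line once parentheses are folded.

```python
import ipaddress
import re

# Constructed sample: the question's zone, 192.0.2.x replacing the elided addresses.
QUESTION_ZONE = """$TTL 604800
@   IN SOA  localhost. root.localhost. ( 300 604800
            86400 2419200 604800 )   ; Negative Cache TTL
@   IN NS   ns1.example.com.
@   IN NS   ns2.example.com.
@   IN AAAA ::1
ns1 IN A    192.0.2.53
ns2 IN A    192.0.2.54
"""

def parse_zone(text, origin):
    """Parse a simple zone file into (owner, type, rdata_fields) tuples."""
    origin = origin.rstrip(".").lower() + "."
    def fqdn(name):
        return origin if name == "@" else (name if name.endswith(".") else f"{name}.{origin}").lower()
    text = re.sub(r";[^\n]*", "", text)  # drop comments
    # Parentheses only continue one record across lines, so fold them away.
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    records, owner = [], origin
    for line in text.splitlines():
        fields = line.split()
        if "IN" not in fields:
            continue  # blank lines and directives such as $TTL
        if not line[0].isspace():  # an indented line inherits the previous owner
            owner = fqdn(fields[0])
        pos = fields.index("IN")
        records.append((owner, fields[pos + 1].upper(), fields[pos + 2:]))
    return records, fqdn

def lint_zone(text, origin):
    """Return a list of findings; an empty list means both checks passed."""
    records, fqdn = parse_zone(text, origin)
    apex, findings = fqdn("@"), []
    ns = {fqdn(r[0]) for o, t, r in records if t == "NS" and o == apex}
    soa = [r for _, t, r in records if t == "SOA"]
    if len(soa) != 1:
        findings.append("expected exactly one SOA record")
    elif fqdn(soa[0][0]) not in ns:  # first SOA field is the nameserver (MNAME)
        findings.append(f"SOA MNAME {fqdn(soa[0][0])} is not an NS of the zone")
    for owner, rtype, rdata in records:
        if rtype in ("A", "AAAA"):
            try:
                bad = ipaddress.ip_address(rdata[0]).is_loopback
            except ValueError:
                bad = True  # placeholder or malformed address
            if bad:
                findings.append(f"{owner} {rtype} {rdata[0]} is not publishable")
    return findings
```

`named-checkzone`, shipped with BIND, remains the tool to confirm that the server will actually load the file; this check only covers the two points discussed in the answer.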