Cluster DNS

Hello,

I've setup a new cluster DNS server and everything it's up and running ok, but i have this error in intoDNS.

http://www.intodns.com/revista-spy.ro

I tryed recursive no; in /etc/named.conf but without success.

What am I doing wrong?

Status: 
Active

Comments

Well, there's two issues I see in there; it mentions the recursive queries issue (which just means that outside clients can perform DNS lookups), and another issue with the server "ns3.revista-spy.ro".

I'd suggest starting with ns3.revista-spy.ro, as that'll cause intermittent DNS failures.

Is BIND running on that server? And is there any sort of firewall that may be preventing access?

BIND is running

netstat -lnp | grep 53 tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 8796/dnsmasq tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 20682/named tcp 0 0 :::53 :::* LISTEN 8796/dnsmasq udp 0 0 127.0.0.1:53 0.0.0.0:* 20682/named udp 0 0 0.0.0.0:53 0.0.0.0:* 8796/dnsmasq udp 0 0 :::53 :::* 8796/dnsmasq unix 2 [ ACC ] STREAM LISTENING 14531 1767/master private/proxymap unix 2 [ ACC ] STREAM LISTENING 14535 1767/master private/proxywrite unix 2 [ ACC ] STREAM LISTENING 14539 1767/master private/smtp

Firewall is opened on port 53 according to http://www.yougetsignal.com/tools/open-ports/ I opened both protocols UDP and TCP.

Thank you for your reply!

Hmm, it looks like it's dnsmasq that's listening on UDP port 53 of ns3, rather than BIND. Is that intentional?

As I test all of your nameservers, it's only ns3 that allows recursion... if you're trying to use dnsmasq, rather than BIND, you may need to disable recursion in dnsmasq.

Oh, I forgot to mention that in spite of what intodns.com says, I do seem to be able to see your DNS service running on ns3, so it's just the recursion issue remaining.

I was getting intermitent DNS failures so i dropped it.

I had no intention of running dnsmask on 53. I just wanted a clustered DNS server on that server.