# How to configure BIND?



## cleroy61 (Jan 16, 2011)

Hello everybody,
I rent a dedicated server (http://www.digicube.fr); the FreeBSD install is automatic.

I want to install Apache22, MySQL, PHP, phpMyAdmin, WordPress, an e-commerce package such as osCommerce, and sendmail on a FreeBSD server from DigiCube. For now I am only installing and configuring Apache and BIND. I want to display only "It works!" in the browser, but that does not work when configuring Apache and BIND with the address:

http://www.takinium.com 

and delete
http://digi00635.digicube.fr

IP address is 95.130.12.68

The domain name I want to convert is:
http://www.takinium.com
I bought it at Gandi, where I did the redirect to http. I went to the administration of the domain by clicking on takinium, went down the page to the link for modifying the DNS zones, and added this:


```
@ 3600 IN A 95.130.12.68
ftp 3600 IN A 95.130.12.68
www 3600 IN A 95.130.12.68
```

Then I added a zone of type A, with the www address 95.130.12.68, I do not know if I did?






I changed the hostname in the file */etc/rc.conf :*


```
hostname="digi00635.digicube.fr"
```
by:

```
hostname="production-tak.takinium.com"
```

DigiCube DNS servers and their IPs:
*ns1.digicube.fr = 95.130.8.8*
*ns2.digicube.fr = 195.254.130.121*

*digi00635#portsnap fetch extract*

my install apache22 :
*digi00635#cd /usr/ports/www/apache22*
*digi00635#make config*
*digi00635#make install clean*
*digi00635#rehash*
*digi00635#ee /usr/local/etc/apache22/httpd.conf*



```
ServerAdmin webmaster@takinium.com
ServerName www.takinium.com:80
Include etc/apache22/extra/httpd-default.conf
```
*digi00635#ee /usr/local/etc/apache22/extra/httpd-default.conf*


```
...
ServerTokens Prod
...
ServerSignature Off
...
HostnameLookups Off
```
*digi00635#echo 'apache22_enable="YES"' >> /etc/rc.conf*
*digi00635#echo 'apache22ssl_enable="YES"' >> /etc/rc.conf*
*digi00635#echo 'accf_http_ready="YES"' >> /etc/rc.conf && kldload accf_http*

*digi00635#ee /etc/rc.conf*


```
### enable Apache22 - added by Ch Leroy - 06/01/2010 ###
apache22_flags="-DSSL" # Enables SSL support
apache22_http_accept_enable="YES"
named_enable="YES"
```
*digi00635#apachectl configtest*
Syntax Ok
*digi00635#/usr/local/etc/rc.d/apache22 restart*

*digi00635#telnet localhost 80*
GET / HTTP/1.0
HTTP/1.1 200 OK
....
<html><body><h1>It works!</h1></body></html>Connection closed by

*digi00635#reboot*

After the reboot, the previous commands no longer work; however, I still have:

*digi00635#host digi00635.digicube.fr*
digi00635.digicube.fr has address 95.130.12.68
*digi00635#host http://www.takinium.com*
http://www.takinium.com has address 95.130.12.68
*production-tak# host digi00635.digicube.fr*
digi00635.digicube.fr has address 95.130.12.68

*production-tak# ee /etc/namedb/named.conf*


```
zone "takinium.com" {
        type master;
        file "/etc/namedb/master/takinium.com.db";
};

zone "takinium.com" {
        type slave;
        file "/etc/namedb/slave/takinium.com.db";
};
```

edit file *ee /etc/namedb/master/takinium.com.db*


```
;  time in the DNS cache - default value 10800
$TTL 3600        ; 1 hour

;  takinium.com. can be replaced by @ if there are several domains
;  IN stands for Internet data for DIG, NSLOOKUP, HOST
;  SOA, Start Of Authority, with the name of the machine,
;  then the mail address of the person responsible for this zone
;  (the first dot is supposed to represent the @)
;  first modification Serial : 2006051501
takinium.com.    IN      SOA      production-tak.takinium.com. webmaster.production-tak.takinium.com. (
                                2006051501      ; Serial
                                3600            ; Refresh
                                900             ; Retry
                                604800          ; Expire
                                86400 )         ; Minimum TTL
; DNS servers
                IN      NS      ns1.digicube.fr.
                IN      NS      ns2.digicube.fr.

; MX records
                IN      MX 10   mx.example.org.
                IN      MX 20   mail.example.org.

                IN      A       192.168.1.1

; Host names
localhost       IN      A       127.0.0.1
;ns1             IN      A       192.168.1.2
;ns2             IN      A       192.168.1.3
;mx              IN      A       192.168.1.4
;mail            IN      A       192.168.1.5

; Alias
www             IN      CNAME   @
```

However, when I modify the following file (resolv.conf), these lines

```
domain takinium.com
nameserver 95.130.8.8
```

disappear immediately after a *reboot* command

*production-tak#ee /etc/resolv.conf*


```
nameserver 95.130.12.1
```

Can anyone help me? 
Even knowing the book FreeBSD 7.0, the complete guide, I cannot configure and display "It works".

I thank you
Christophe


----------



## SirDice (Jan 17, 2011)

Take note that changing a domain entry on the internet can take a while to 'propagate' to the rest of the internet. This can take up to a day or so.

Also note that if you use DHCP your /etc/resolv.conf will get overwritten by dhclient(8). This can be prevented by creating a /etc/dhclient-enter-hooks containing:

```
add_new_resolv_conf() {
	# We don't want /etc/resolv.conf changed
	# So this is an empty function
	return 0
}
```


----------



## quintessence (Jan 17, 2011)

Hello, 

In the global whois database the authoritative NS for your domain is not 95.130.12.68, so there is no need to set up BIND on your server. The gandi.net NS correctly returns your IP address when you ask it for the www A record, or only the generic A record (which you did set up through the control panel your provider provided you).

I didn't get why do you need setting up BIND on your server?

Setting up master and slave entry on 1 DNS server for the same domain:


```
zone "takinium.com" {
        type master;
        file "/etc/namedb/master/takinium.com.db";
};

zone "takinium.com" {
        type slave;
        file "/etc/namedb/slave/takinium.com.db";
};
```
is not so correct (but this is another topic).
It will be valid/visible for the global internet only if your NS records are listed as authoritative in the global whois database (but they aren't). It will also be visible if the NSes listed as authoritative for the domain delegate management of the zone to your DNS, i.e. a master/slave configuration: your NS is master, gandi's NSes are set up as slaves, and in your config you have to set up their IPs to be allowed to transfer the zone.

As for port 80, it does not seem to be open to the global internet:

```
telnet takinium.com 80
Trying 95.130.12.68...
telnet: connect to address 95.130.12.68: Connection refused
telnet: Unable to connect to remote host
```
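
The delegation point made in this reply can be checked mechanically. This is an added example, not code from the thread: it lists the NS targets a local zone file declares that the parent zone does not delegate to. The function names are hypothetical and the sample data is constructed from records quoted in the thread.

```shell
# Added example, not from the thread.
#   $1 = zone file
#   $2 = file with the delegated NS names, one per line, in the form printed
#        by `dig +short NS <zone>`
# Assumption: NS records carry the class, i.e. "IN NS <target>".
undelegated_ns() {
    awk -v deleg="$2" '
        function norm(n) { n = tolower(n); sub(/\.$/, "", n); return n }
        BEGIN {
            while ((getline line < deleg) > 0)
                if (line != "") ok[norm(line)] = 1
        }
        {
            sub(/;.*/, "")                  # drop zone-file comments
            for (i = 2; i < NF; i++)
                if (toupper($(i-1)) == "IN" && toupper($i) == "NS" &&
                    !(norm($(i+1)) in ok))
                    print norm($(i+1))
        }
    ' "$1"
}

# Constructed sample built from the records quoted in the thread.
demo_undelegated() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/zone" <<'EOF'
takinium.com. IN SOA production-tak.takinium.com. webmaster.production-tak.takinium.com. (
              2006051501 3600 900 604800 86400 )
              IN NS ns1.digicube.fr.    ; name servers claimed locally
              IN NS ns2.digicube.fr.
www           IN CNAME @
EOF
    printf '%s\n' a.dns.gandi.net. b.dns.gandi.net. c.dns.gandi.net. \
        > "$tmp/delegated"
    undelegated_ns "$tmp/zone" "$tmp/delegated"
    rm -rf "$tmp"
}

demo_undelegated
```

Any name it prints is an NS the local zone claims but resolvers on the internet will never be sent to, which is why edits to that zone file have no visible effect.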


----------



## cleroy61 (Jan 17, 2011)

SirDice & quintessence, I thank you for having responded

in the *production-tak#*ee /etc/rc.conf file :


```
ifconfig_re0="DHCP"
```

I added 95.130.12.1 :
*production-tak#*ee /etc/namedb/named.conf


```
Listen-on { 127.0.0.1;
            95.130.12.1;
};
```

in the *production-tak#*ee /etc/resolv.conf file :


```
nameserver 95.130.12.1
```



> I didn't get why do you need setting up BIND on your server?


Because I don't understand what I'm doing and how I'm going to do it, even with articles written in French/English or with the complete Guide of FreeBSD 7.0 written in French


----------



## SirDice (Jan 17, 2011)

If you don't know what you're doing then you most likely don't need BIND. People that need it will know.


----------



## quintessence (Jan 17, 2011)

Hello, 

You don't need BIND, the setup in your control panel is enough to point yourdomain.com and www.yourdomain.com to your IP address ( .68 ).

Are you looking for some automated way of pointing the generic A/www and (or) other records on your domain to the correct IP address because your network setup is DHCP and your IP address is changing?

What is 95.130.12.1? Is it the DNS server which your server receives through DHCP?
You cannot specify in listen-on an IP address which is not on your network interface. If you want your DNS server to listen on all your IP addresses on all your network interfaces you can specify it by setting in named.conf:

```
listen-on { any; };
```

Still connection refused from outside to your IP address on TCP port 80; please check your firewall settings (it has nothing to do with BIND in this case).

Also be sure your web server is listening on TCP port 80:

```
sockstat -l4P tcp | grep 80
```
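
When addresses are listed explicitly in listen-on rather than using `any`, each one has to exist on a local interface. This is an added example, not code from the thread: it reports listen-on addresses that no interface carries. The function names are hypothetical, and the interface listing is constructed from the server IP mentioned in the thread.

```shell
# Added example, not from the thread. Prints every literal IPv4 address in a
# named.conf listen-on block that is not configured on a local interface.
#   $1 = named.conf    $2 = file holding the output of `ifconfig -a`
# Assumption: listen-on entries are plain addresses (no ACL names or prefixes).
unbound_listen_addrs() {
    awk -v ifc="$2" '
        BEGIN {
            while ((getline line < ifc) > 0) {
                n = split(line, f, " ")
                for (i = 1; i < n; i++)
                    if (f[i] == "inet") have[f[i+1]] = 1
            }
        }
        { sub(/\/\/.*|#.*/, "") }           # drop named.conf line comments
        tolower($0) ~ /listen-on[ \t]*(port[ \t]+[0-9]+[ \t]*)?\{/ { inblk = 1 }
        inblk {
            s = $0
            while (match(s, /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/)) {
                a = substr(s, RSTART, RLENGTH)
                if (!(a in have)) print a
                s = substr(s, RSTART + RLENGTH)
            }
            if ($0 ~ /\}/) inblk = 0
        }
    ' "$1"
}

# Constructed sample: the listen-on block posted earlier plus an interface list.
demo_listen_on() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/named.conf" <<'EOF'
Listen-on { 127.0.0.1;
            95.130.12.1;
};
EOF
    cat > "$tmp/ifconfig" <<'EOF'
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        inet 95.130.12.68 netmask 0xffffff00 broadcast 95.130.12.255
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
EOF
    unbound_listen_addrs "$tmp/named.conf" "$tmp/ifconfig"
    rm -rf "$tmp"
}

demo_listen_on
```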


----------



## cleroy61 (Jan 17, 2011)

SirDice & quintessence, I thank you again for having responded

I followed the Chapter 14 on DNS of FreeBSD 7.0, the complete Guide.

I started a new apache22 installation (over fifty, maybe more) and I noticed that after changing the hostname in the /etc/rc.conf file, it didn't work again! With this below, it works!


```
hostname="digi00635.digicube.fr"
```

With this below, it doesn't work!


```
hostname="production-tak.takinium.com"
```

I don't understand this because in the console's picture, I changed digi00635 by production-tak and in the /etc/rc.conf file , there was no change.

I changed in the /etc/rc.conf file:

```
ifconfig_re0="DHCP"
```
to

```
ifconfig_re0="inet 95.130.12.68 netmask 255.255.255.0"
```

It was the reason that erased the line

```
domain takinium.com
```
in the /etc/resolv.conf file

95.130.12.1 in the /etc/resolv.conf file is, I think, a gateway between the DigiCube DNS servers ns1.digicube.fr (95.130.8.8) & ns2.digicube.fr (195.254.130.121)

*/usr/bin/sockstat -4 | grep :80*

```
www      httpd      24731 3  tcp4 6 *:80                  *:*
 www      httpd      24731 5  tcp4   95.130.12.68:80       *:*
 www      httpd      24730 3  tcp4 6 *:80                  *:*
 www      httpd      24730 5  tcp4   95.130.12.68:80       *:*
 www      httpd      24729 3  tcp4 6 *:80                  *:*
 www      httpd      24729 5  tcp4   95.130.12.68:80       *:*
 www      httpd      24728 3  tcp4 6 *:80                  *:*
 www      httpd      24728 5  tcp4   95.130.12.68:80       *:*
 www      httpd      24727 3  tcp4 6 *:80                  *:*
 www      httpd      24727 5  tcp4   95.130.12.68:80       *:*
 www      httpd      24726 3  tcp4 6 *:80                  *:*
 www      httpd      24726 5  tcp4   95.130.12.68:80       *:*
 www      httpd      24725 3  tcp4 6 *:80                  *:*
 www      httpd      24725 5  tcp4   95.130.12.68:80       *:*
 root     httpd      24724 3  tcp4 6 *:80                  *:*
 root     httpd      24724 5  tcp4   95.130.12.68:80       *:*
```

I rebooted several times to verify.


```
telnet localhost 80
GET / HTTP/1.0
HTTP/1.1 200 OK
Date: Mon, 17 Jan 2011 20:49:57 GMT
Server: Apache
Last-Modified: Sat, 20 Nov 2004 20:16:24 GMT
ETag: "8a079-2c-3e9564c23b600"
Accept-Ranges: bytes
Content-Length: 44
Connection: close
Content-Type: text/html

<html><body><h1>It works!</h1></body></html>Connection closed by foreign host.
```

I think my problem is solved and I thank you for your help and your attention

Christophe


----------



## quintessence (Jan 17, 2011)

Hello,



> ```
> hostname="production-tak.takinium.com"
> ```
> 
> I don't understand this because in the console's picture, I changed digi00635 by production-tak and in the /etc/rc.conf file , there was no change.



There is no A record pointing production-tak to your IP address. You have to add it/create it through the control panel of your provider like you set up www and ftp.


```
; <<>> DiG 9.6.-ESV-R3 <<>> @a.dns.gandi.net production-tak.takinium.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59796
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;production-tak.takinium.com.   IN      A

;; AUTHORITY SECTION:
takinium.com.           10800   IN      SOA     a.dns.gandi.net. hostmaster.gandi.net. 1292589729 10800 3600 604800 10800
```


```
; <<>> DiG 9.6.-ESV-R3 <<>> @b.dns.gandi.net production-tak.takinium.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40521
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;production-tak.takinium.com.   IN      A

;; AUTHORITY SECTION:
takinium.com.           10800   IN      SOA     a.dns.gandi.net. hostmaster.gandi.net. 1292589729 10800 3600 604800 10800
```


```
; <<>> DiG 9.6.-ESV-R3 <<>> @c.dns.gandi.net production-tak.takinium.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8936
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;production-tak.takinium.com.   IN      A

;; AUTHORITY SECTION:
takinium.com.           10800   IN      SOA     a.dns.gandi.net. hostmaster.gandi.net. 1292589729 10800 3600 604800 10800
```

After you create it you will receive an answer from the authoritative NS like for www:


```
; <<>> DiG 9.6.-ESV-R3 <<>> @c.dns.gandi.net www.takinium.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58324
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.takinium.com.              IN      A

;; ANSWER SECTION:
www.takinium.com.       3600    IN      A       95.130.12.68

;; AUTHORITY SECTION:
takinium.com.           10800   IN      NS      a.dns.gandi.net.
takinium.com.           10800   IN      NS      c.dns.gandi.net.
takinium.com.           10800   IN      NS      b.dns.gandi.net.
```
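
The dig transcripts above differ in three places that matter: the status, the `aa` flag, and the answer section. This is an added example, not code from the thread: it pulls those fields out of dig output and names the case. The function names and verdict labels are hypothetical, and the samples are trimmed from the output quoted above.

```shell
# Added example, not from the thread. Reads `dig` output on stdin and prints
# status, authoritative (aa) flag, returned A records and a one-word verdict.
dig_verdict() {
    awk '
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { st = $(i+1); sub(/,$/, "", st) }
        }
        /^;; flags:/ { split($0, p, ";"); aa = (p[3] ~ / aa( |$)/) ? "yes" : "no" }
        /^;; ANSWER SECTION:/ { inans = 1; next }
        /^;; / || /^$/ { inans = 0 }
        inans && $4 == "A" { addrs = addrs (addrs != "" ? "," : "") $5 }
        END {
            if (aa != "yes")            v = "non-authoritative"
            else if (st == "NXDOMAIN")  v = "record-missing"
            else if (addrs != "")       v = "published"
            else                        v = "no-a-record"
            printf "status=%s authoritative=%s a=%s verdict=%s\n",
                   st, aa, (addrs != "" ? addrs : "-"), v
        }
    '
}

# Constructed samples, trimmed from the two kinds of dig output quoted above.
sample_nxdomain() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59796
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;production-tak.takinium.com.   IN      A
EOF
}
sample_noerror() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58324
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0

;; ANSWER SECTION:
www.takinium.com.       3600    IN      A       95.130.12.68

;; AUTHORITY SECTION:
takinium.com.           10800   IN      NS      a.dns.gandi.net.
EOF
}

sample_nxdomain | dig_verdict
sample_noerror  | dig_verdict
```

An authoritative NXDOMAIN means the record has to be created at the provider; waiting for propagation will not change it.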


----------



## cleroy61 (Jan 18, 2011)

I did not answer because I was tired.

I thank you for your help

Christophe


----------

