robliv

Reputation: 1541

Ubuntu Bind9 DNS not available over internet

I am trying to set up a basic public DNS server in Azure using Ubuntu and Bind9.

I want it to be accessible over the internet and forward all requests to Cloudflare or Google except one custom zone.

I have two problems currently:

  1. I can get it to work on the local network: setting up a client on the same subnet and doing nslookup to public sites, the forwarding works perfectly, but when pointing an internet client to the DNS server it times out.
  2. The custom zones don't work, even on the local network. I try to set up a nonexistent domain to point to an IP and set up the separate zone file, but nothing happens. Even on the DNS server itself I can't get it to work.

I don't think issue 1 is a firewall issue: for testing I have allowed all ports and IPs to be open, and I have also opened port 53 on the DNS server's firewall. I think both issues are related to the Bind9 configuration, which I have little understanding of. Perhaps you guys can help out.

Here's the config files:

/etc/bind/named.conf.local:

zone "fakehostname.com" {
        type master;
        file "/etc/bind/zone.fakehostname.com";
};

/etc/bind/named.conf.options:

options {
  directory "/var/cache/bind";

  forwarders {
    1.1.1.1; // Cloudflare
    8.8.8.8; // Google
  };

  allow-query { any; };

  dnssec-validation auto;

  auth-nxdomain no;
  listen-on-v6 { any; };

  recursion yes;
  querylog yes;
  version "not available";
};

/etc/bind/zone.fakehostname.com:

$TTL    604800
@       IN      SOA     fakehostname.com. admin.fakehostname.com. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@       IN      NS      localhost.
@       IN      A       10.10.10.10
mail    IN      A       10.10.10.10
@       IN      MX      10 mail.fakehostname.com.
@       IN      TXT     "hello"

Upvotes: 0

Views: 912

Answers (1)

robliv

Reputation: 1541

Sorry, this was a mistake: the config was correct and the issue was in the Azure NSG firewall config. I thought I had allowed all ports for testing, but UDP 53 was not open. After opening it everything works.

Upvotes: 0
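A way to tell the two failure modes apart from outside, as an added example that is not part of the original post and not Bind9's own tooling: a small Python probe that sends the same query to the server over UDP and over TCP on port 53 and decodes the reply. No reply on UDP while TCP answers is the NSG situation described in the answer (TCP 53 passed, UDP 53 blocked); a reply for fakehostname.com without the AA flag, or with rcode 3 (NXDOMAIN), means the custom zone was not loaded (issue 2), which named-checkconf and named-checkzone on the server would then confirm. The server address comes from the command line (default 127.0.0.1 is an assumption), and SAMPLE_REPLY is a constructed packet, not one captured from the poster's server.

```python
import random
import socket
import struct
import sys

DNS_PORT = 53


def build_query(name, qtype=1, txn_id=None):
    """Build a minimal recursion-desired DNS query for `name` (type A by default)."""
    if txn_id is None:
        txn_id = random.randrange(0, 0x10000)
    # id, flags (RD=1), qdcount=1, ancount, nscount, arcount
    header = struct.pack("!HHHHHH", txn_id, 0x0100, 1, 0, 0, 0)
    labels = [l.encode("ascii") for l in name.rstrip(".").split(".")]
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN


def read_name(msg, off):
    """Decode a (possibly compressed) name at `off`; return (name, offset after it)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # compression pointer: follow it, remember where we left off
            if end is None:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        if length == 0:
            off += 1
            break
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length
    return ".".join(labels) + ".", (end if end is not None else off)


def parse_response(msg):
    """Return id, rcode, the AA (authoritative answer) flag and the answer section."""
    txn_id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        _, off = read_name(msg, off)
        off += 4  # skip qtype + qclass
    answers = []
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:
            answers.append((name, "A", socket.inet_ntoa(rdata)))
        else:
            answers.append((name, rtype, rdata))
    return {"id": txn_id, "rcode": flags & 0xF, "aa": bool(flags & 0x0400),
            "answers": answers}


def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise OSError("connection closed before full reply")
        buf += chunk
    return buf


def probe(server, name, transport="udp", timeout=3.0):
    """Send one query over UDP or TCP; return the parsed reply, or None on timeout/error."""
    query = build_query(name)
    try:
        if transport == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, DNS_PORT))
                data, _ = s.recvfrom(4096)
        else:  # TCP carries a two-byte length prefix in both directions
            with socket.create_connection((server, DNS_PORT), timeout=timeout) as s:
                s.sendall(struct.pack("!H", len(query)) + query)
                (length,) = struct.unpack("!H", _recv_exact(s, 2))
                data = _recv_exact(s, length)
    except OSError:
        return None
    reply = parse_response(data)
    return reply if reply["id"] == struct.unpack("!H", query[:2])[0] else None


# Constructed sample reply (not captured from the poster's server): an authoritative
# answer for fakehostname.com A 10.10.10.10, answer name compressed to offset 12.
SAMPLE_REPLY = (
    bytes.fromhex("123485800001000100000000")
    + b"\x0cfakehostname\x03com\x00\x00\x01\x00\x01"
    + bytes.fromhex("c00c00010001" "00093a80" "0004" "0a0a0a0a")
)

if __name__ == "__main__":
    server = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"  # assumption: server on argv[1]
    for transport in ("udp", "tcp"):
        r = probe(server, "fakehostname.com", transport)
        if r is None:
            print(f"{transport}: no reply (timeout/refused); check port 53/{transport} on every firewall in the path")
        else:
            print(f"{transport}: rcode={r['rcode']} aa={r['aa']} answers={r['answers']}")
```

Run it from a host outside the subnet (`python3 probe.py <public-ip>`): the probe matches the reply's transaction id against the one it sent, so a stray packet cannot be mistaken for an answer, and the AA flag tells you whether the server answered fakehostname.com from its own zone rather than by forwarding.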
