Also, why are those NS records using a different domain? Those should be like “ns1.uk.ms”.
When I did an nslookup on uk.ms, I got them.
You need to configure your domain registrar to not use its own nameservers, and instead use yours.
It’s mandatory because in my domain there are no NS servers.
Why this error:
registration-server | Jun 15 10:33:49 Could not retrieve security status update for ‘4.1.6-3.Debian’ on ‘auth-4.1.6-3.Debian.security-status.secpoll.powerdns.com.’, RCODE = Non-Existent domain
But their name servers resolved our subdomain, then what is the issue?
Don’t worry about that error, it’s just an issue with Debian’s packaging of PowerDNS.
Look at the difference in output here, and you can see why you need to configure your NS records properly. The registration server needs to be able to handle resolution for the entire domain, including for the ns* subdomains.
$ dig +short NS mozilla-iot.org
ns2.mozilla-iot.org.
ns1.mozilla-iot.org.
$ dig +short NS uk.ms
ns4.afraid.org.
ns2.afraid.org.
ns3.afraid.org.
ns1.afraid.org.
$ dig ANY api.mozilla-iot.org
; <<>> DiG 9.10.6 <<>> ANY api.mozilla-iot.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31873
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;api.mozilla-iot.org. IN ANY
;; ANSWER SECTION:
api.mozilla-iot.org. 35 IN A 52.25.215.5
api.mozilla-iot.org. 35 IN NS ns2.mozilla-iot.org.
api.mozilla-iot.org. 35 IN NS ns1.mozilla-iot.org.
api.mozilla-iot.org. 35 IN SOA ns1.mozilla-iot.org. dns-admin.mozilla-iot.org. 2018082801 900 900 1209600 60
api.mozilla-iot.org. 35 IN MX 10 inbound-smtp.us-west-2.amazonaws.com.
api.mozilla-iot.org. 35 IN CAA 0 issue "letsencrypt.org"
;; ADDITIONAL SECTION:
ns1.mozilla-iot.org. 35 IN A 52.25.215.5
ns2.mozilla-iot.org. 35 IN A 18.197.113.199
;; Query time: 379 msec
;; SERVER: 192.168.86.1#53(192.168.86.1)
;; WHEN: Mon Jun 15 10:38:15 AKDT 2020
;; MSG SIZE rcvd: 480
$ dig ANY api.uk.ms
; <<>> DiG 9.10.6 <<>> ANY api.uk.ms
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOTIMP, id: 60501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;api.uk.ms. IN ANY
;; Query time: 352 msec
;; SERVER: 192.168.86.1#53(192.168.86.1)
;; WHEN: Mon Jun 15 10:38:25 AKDT 2020
;; MSG SIZE rcvd: 38
I tried with one NS server; still it is showing that error: was no route.
Any problem with AWS?
Yes, the problem is still that your domain is set up with 4 NS records at the registrar level.
Ohh, that’s great, thanks.
Now I got it; I have configured the name server.
I am confused. I had set up a DNS server on a different machine with BIND; how do I access the registration server with api.something.xxx?
I created api.something.xxx as the origin domain in the zone configuration.
You don’t need to do any of that. The registration server itself serves the DNS records for the whole domain.
I tried accessing it using http://127.0.0.1:81 and am getting the error below:
Error: https://pastebin.com/T5kLLB9m
config.toml: https://pastebin.com/ng6GtvwS
other-config: https://pastebin.com/Mh1vidZb
Assuming your domain is still uk.ms…
config.toml:
- domain should be: domain = "uk.ms"
- ns_records should be: ns_records = [ [ "ns1.uk.ms", "<IP address of your server>" ], ]
- soa_record should be: soa_record = "ns1.uk.ms hostmaster.uk.ms 1592378223 7200 3600 604800 300"
- The geoip sections should look like this:
    [pdns.geoip]
    default = "<IP address of your server>"
    [pdns.geoip.continent]
    # nothing else in this section
pagekite.conf:
- authdomain should be: --authdomain=uk.ms
docker-compose.yml:
- Why are you binding the DNS ports to 543 locally? Those need to be on 53, and should be open to the world (so that DNS resolution actually works).
Additionally:
- Externally, you need to open ports 53 (TCP), 53 (UDP), 443 (TCP), and 8443 (TCP) to the world.
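The delegation mismatch discussed in this thread can be checked offline. This is an added example, not part of any post here and not the registration server's own code: it compares the output of `dig +short NS <domain>` with the `domain`, `ns_records` and `soa_record` values from config.toml. The function names, the placeholder IP 203.0.113.10 and the "after" dig output are assumptions constructed for illustration.

```python
# Added example: consistency check between the registrar delegation
# (text printed by `dig +short NS <domain>`) and the config.toml values.

def norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def in_zone(name, domain):
    """True when name is the domain itself or a subdomain of it."""
    name, domain = norm(name), norm(domain)
    return name == domain or name.endswith("." + domain)

def check_delegation(domain, ns_records, soa_record, dig_ns_output):
    """Return a list of problems; an empty list means everything matches.

    domain, ns_records and soa_record carry the values of the config.toml
    keys of the same name; dig_ns_output is the text printed by
    `dig +short NS <domain>`.
    """
    problems = []
    configured = {norm(host) for host, _ip in ns_records}
    delegated = {norm(l) for l in dig_ns_output.splitlines() if l.strip()}

    for host in sorted(configured):
        if not in_zone(host, domain):
            problems.append(f"ns_records host {host} is outside {domain}")
    # The first SOA field is the primary name server (MNAME).
    mname = norm(soa_record.split()[0])
    if mname not in configured:
        problems.append(f"SOA primary {mname} is not listed in ns_records")
    for host in sorted(delegated - configured):
        problems.append(f"registrar delegates to {host}, not to this server")
    for host in sorted(configured - delegated):
        problems.append(f"{host} is configured but not set at the registrar")
    return problems

# Constructed sample input: settings quoted in the thread, placeholder IP.
NS_RECORDS = [["ns1.uk.ms", "203.0.113.10"]]
SOA = "ns1.uk.ms hostmaster.uk.ms 1592378223 7200 3600 604800 300"
DIG_BEFORE = "ns4.afraid.org.\nns2.afraid.org.\nns3.afraid.org.\nns1.afraid.org.\n"
DIG_AFTER = "ns1.uk.ms.\n"  # constructed: what a corrected delegation would print

if __name__ == "__main__":
    for label, out in (("before", DIG_BEFORE), ("after", DIG_AFTER)):
        result = check_delegation("uk.ms", NS_RECORDS, SOA, out)
        print(label, result or "OK")
```

The suffix test in `in_zone` matches on a leading dot, so a look-alike name such as `evil-uk.ms` is not treated as part of `uk.ms`.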
Still getting the same error.
Help me, I have to deploy it for the company.
Your NS records are still not correct:
$ dig +short NS mozilla-iot.org
ns1.mozilla-iot.org.
ns2.mozilla-iot.org.
$ dig +short NS uk.ms
ns1.afraid.org.
ns4.afraid.org.
ns2.afraid.org.
ns3.afraid.org.
Where do I create these records? As you told me, I made changes in config.toml.
I am using the adpar.us domain.
$ dig +short NS adpar.us
ns2dqx.name.com.
ns4bty.name.com.
ns3dgj.name.com.
ns1fkl.name.com.
As I’ve told you multiple times, you need to change your domain registrar’s settings to not use its own name servers, but to instead use yours.
It will not create any problem if I remove the default name servers from there, right?
api.adpar.us should point to our server (A record).
ns1.adpar.us should point to our server (NS, name server for that domain).