-2

So, I'm at my wits end here. I've been dealing with this issue off an on for months, and about a week this time around.

I have been using Fatcow as a Nameserver for some time, it started off as hosting; now all domains are parked and are hosted on site. Now, the only thing they host are the nameservers and email, both of which I'm working at getting off of.

I have a DNS on site that's been working; let me clarify, a 2008 R2 server. I have gone through both A-Name records and CNAME Records to get the DNS to be recognized by Fatcow and Name.com; with no avail on either. Both name.com and Fatcow give me an error when attempting to update the Nameservers. My firewall does have both TCP and UDP 53 forwarded.

The two things I can think of are: I'm not doing something right or; AT&T U-verse has port 53 blocked, which is why I'm here. To get a fresh set of eyes.

With all the information, my question is: What am I missing? Based on everything I have done, have I missed something? I've searched and searched and find multiple questions regarding the general issue, but nothing specifically meets what I'm here asking now.

Nathan Stotts
  • 21
  • 2
  • Where's your second nameserver? – Michael Hampton Dec 07 '16 at 21:40
  • It's in the cloud...no; I'm in the process of building it. My architecture isn't necessarily best practice, but with the budget I have, I'm doing the best I can. Eventually I'm going to have a total of three nameservers up and running. – Nathan Stotts Dec 07 '16 at 21:42
  • 2
    For a small site DNS requires a budget of approximately zero. For instance Namecheap will give you [free DNS service](https://www.namecheap.com/domains/freedns.aspx) even if you don't host your domains with them. If you aren't already at least somewhat experienced with DNS, it's probably best to host it elsewhere until you learn enough to do it yourself -- and by that time you probably won't want to! – Michael Hampton Dec 07 '16 at 21:46
  • Use `dig` from a system elsewhere on the net to see what your NS record is returning. Once that works you can check A and AAAA records in your domain. – stark Dec 07 '16 at 21:52
  • @MichaelHampton; I am fairly experienced with DNS, it just didn't hit me until earlier that AT&T might have port 53 closed. But for the sake of due diligence I figured I'd ask prior to chasing my tail. When I began this about three or so years ago, I was on a Win-Server 2003, and had to put the project on the back-burner due to security reasons. So, since I have 2008 R2, I want to get this project off my task list. – Nathan Stotts Dec 07 '16 at 22:07
  • I strongly encourage you to follow Michael's advice and not self-host. It's a very bad idea to cut corners with internet facing auth DNS, and budget is not a good excuse given the risks involved and cheap/free alternatives. Some of the consequences are covered by [Why is geo-redundant DNS necessary for small sites?](http://serverfault.com/questions/710108/why-is-geo-redundant-dns-necessary-for-small-sites). – Andrew B Dec 08 '16 at 04:26

1 Answers1

0

Use http://websistent.com/tools/open-port-check-tool/ to see if 53 is open or not.

FACTORY909
  • 91
  • 5
  • While this did answer a few questions for me; I didn't know this existed so thank you. It's weird...25 is open but 53 isn't...stupid AT&T. I will modify or repost a question once 53 is open. Or if anyone wants to take the time, have I done everything needed once 53 is open? – Nathan Stotts Dec 07 '16 at 21:44