18:07 - Thursday, 24 April 2014

SOA Domain Records Cannot Be Retrieved

I’m still having trouble setting up my nameservers. DNS check says the following about my nameserver address:

Checking SOA records for domain. Domain server is not answering to UDP requests on port 53. Possible problems: A firewall is blocking port 53, server is down, server is not running software for handling dns requests.

I’ve run netstat -anp and found out that named is listening on tcp port 53, and it has udp port 53 on all IPs listed among active connections, though I’m unsure if that also means the port is actually active.

This problem is now solved. Everything was configured correctly; the problem was in the zone files, which didn’t have appropriate permissions, so named couldn’t read them.

I found what was wrong.
The zone files had read permissions set only for root, so named couldn’t open them.

From here, I get answers from your servers for the two .arpa zones, but SERVFAIL for the .si domain. Hence it’s clearly not an IP stack or firewall problem.

Your BIND log file should tell you why that particular zone isn’t working. FWIW, I ran your drustvo.zone file against the named-checkzone program and it said there were no errors.
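An added example, not part of the original thread: a mode-bit check for the failure described above, where a zone file readable only by root makes named answer SERVFAIL for that zone. The function names are hypothetical; the check assumes classic permission bits only (no ACLs, SELinux or chroot), tests the account's primary group only, and looks at the file and its immediate directory.

```shell
#!/bin/sh
# Added example: can the account named runs as read each zone file?
# Hypothetical helpers; classic mode bits only, primary group only.

# mode_allows PATH UID GID r|w|x -> exit 0 if the mode bits grant that access
mode_allows() {
    ls -ldn -- "$1" 2>/dev/null | awk -v uid="$2" -v gid="$3" -v want="$4" '
        NR == 1 {
            found = 1
            perms = substr($1, 2, 9)                       # e.g. "rw-r-----"
            if ($3 == uid)      cls = substr(perms, 1, 3)  # owner class
            else if ($4 == gid) cls = substr(perms, 4, 3)  # group class
            else                cls = substr(perms, 7, 3)  # other class
            c = substr(cls, index("rwx", want), 1)
            # "s" and "t" mean execute is set together with setuid/setgid/sticky
            if (want == "x") ok = (c == "x" || c == "s" || c == "t")
            else             ok = (c == want)
            exit (ok ? 0 : 1)
        }
        END { if (!found) exit 2 }                         # path does not exist
    '
}

# named_can_read FILE UID GID -> 0 if the directory is searchable and the file readable
named_can_read() {
    mode_allows "$(dirname -- "$1")" "$2" "$3" x && mode_allows "$1" "$2" "$3" r
}

# unreadable_zones DIR UID GID -> prints every regular file in DIR the account cannot read
unreadable_zones() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        named_can_read "$f" "$2" "$3" || printf '%s\n' "$f"
    done
}

# Usage (the account name "named" and the directory are assumptions; they
# differ between distributions):
#   unreadable_zones /var/named "$(id -u named)" "$(id -g named)"
```

Any path it prints is a zone that named-checkzone can pass when run as root while named itself still fails to load it.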