HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   New domains not added to Bind9 DNS (http://www.howtoforge.com/forums/showthread.php?t=50940)

DKLeader 13th January 2011 19:14

New domains not added to Bind9 DNS
 
Hi,

System has been running well untill today.
Runnning all servers on Debian Lenny.
All servers are physical servers.
ISPConfig vers : 3.0.3.2

Problem : When I now add a new dns zone in ISPConfig they are not added to named.conf.local or as a pri.[domain] to /etc/bind. I dont get any errors during the creation of the dns zone.

My dns servers : (they are behind a firewall)
ns1.superweb.dk (92.62.196.66 - 192.168.100.66)
ns2.superweb.dk (92.62.196.67 - 192.168.100.67)
ns3.superweb.dk (92.62.196.77 - 192.168.100.77)
port 53 is opened (TCP and UDP)

ISPConfig is on 92.62.196.69 - 192.168.1.90 (behind another firewall)

What I have tried :
On ns1 :
Code:

netstat -tap
result :
Code:

ns1:/etc/bind# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name
tcp        0      0 *:tcpmux                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:20034                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:32771                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:32772                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:40421                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:32773                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:32774                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:38311                *:*                    LISTEN      2214/rpc.statd
tcp        0      0 *:8009                  *:*                    LISTEN      3387/jsvc
tcp        0      0 *:31337                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:rsync                *:*                    LISTEN      3087/rsync
tcp        0      0 192.168.100.66:mysql    *:*                    LISTEN      15268/mysqld
tcp        0      0 *:ircd                  *:*                    LISTEN      3426/portsentry
tcp        0      0 *:systat                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:netbios-ssn          *:*                    LISTEN      3129/smbd
tcp        0      0 *:5900                  *:*                    LISTEN      3645/vino-server
tcp        0      0 *:5742                  *:*                    LISTEN      3426/portsentry
tcp        0      0 *:1935                  *:*                    LISTEN      3083/java
tcp        0      0 *:50959                *:*                    LISTEN      3083/java
tcp        0      0 *:9999                  *:*                    LISTEN      3083/java
tcp        0      0 *:finger                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:netstat              *:*                    LISTEN      3426/portsentry
tcp        0      0 *:imap2                *:*                    LISTEN      3168/xinetd
tcp        0      0 *:sunrpc                *:*                    LISTEN      2203/portmap
tcp        0      0 *:54320                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:cisco-sccp            *:*                    LISTEN      3426/portsentry
tcp        0      0 *:www                  *:*                    LISTEN      3407/apache2
tcp        0      0 *:27665                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:8180                  *:*                    LISTEN      3387/jsvc
tcp        0      0 *:ingreslock            *:*                    LISTEN      3426/portsentry
tcp        0      0 192.168.100.66:domain  *:*                    LISTEN      20899/named
tcp        0      0 localhost:domain        *:*                    LISTEN      20899/named
tcp        0      0 *:51413                *:*                    LISTEN      19900/transmission
tcp        0      0 *:ftp                  *:*                    LISTEN      3152/vsftpd
tcp        0      0 *:ssh                  *:*                    LISTEN      2671/sshd
tcp        0      0 *:nntp                  *:*                    LISTEN      3426/portsentry
tcp        0      0 *:5080                  *:*                    LISTEN      3083/java
tcp        0      0 *:omniorb              *:*                    LISTEN      3083/java
tcp        0      0 *:socks                *:*                    LISTEN      3426/portsentry
tcp        0      0 localhost:953          *:*                    LISTEN      20899/named
tcp        0      0 *:12345                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:smtp                  *:*                    LISTEN      3071/master
tcp        0      0 192.168.100.66:21370    *:*                    LISTEN      21775/vsftpd
tcp        0      0 *:12346                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:8443                  *:*                    LISTEN      3083/java
tcp        0      0 *:635                  *:*                    LISTEN      3426/portsentry
tcp        0      0 *:49724                *:*                    LISTEN      3426/portsentry
tcp        0      0 *:uucp                  *:*                    LISTEN      3426/portsentry
tcp        0      0 *:microsoft-ds          *:*                    LISTEN      3129/smbd
tcp    3875      0 192.168.100.66:48537    dedi112.xirvik.co:40623 ESTABLISHED 19900/transmission
tcp        0      9 192.168.100.66:51413    80.71.135.43:35588      ESTABLISHED 19900/transmission
tcp        0      0 192.168.100.66:51413    x1-6-00-26-f2-d4-:52654 ESTABLISHED 19900/transmission
tcp        0  34801 192.168.100.66:51413    77.68.168.104:63441    ESTABLISHED 19900/transmission
tcp        0      0 192.168.100.66:46239    89.184.146:font-service ESTABLISHED 19900/transmission
tcp        0      0 192.168.100.66:51413    217.142.135.200:3955    ESTABLISHED 19900/transmission
^C
ns1:/etc/bind#

My named.conf :
Code:

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
// include "/etc/bind/named.conf.options";
options {
        directory "/var/cache/bind";
        recursion yes;
        allow-query { "any"; };
        allow-recursion { "any"; };
        allow-transfer { "any"; };
        query-source address * port 53;
        dnssec-enable yes;
        dnssec-validation yes;
        forward first;
        forwarders {
                89.221.173.178;
                89.221.173.182;
                193.163.102.6;
        };

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
        listen-on { any; };
};
// # Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
        algorithm hmac-md5;
        secret "something";
};

controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};
include "/etc/bind/named.conf.local";

Doing a status on bind gives that it is running and no error.
Tried
Code:

named -d9 -g -c /etc/bind/named.conf
and couldnt see any errors in that part.

From syslog :
Code:

Jan 13 16:19:52 ns1 named[20899]: starting BIND 9.6-ESV-R3 -u bind
Jan 13 16:19:52 ns1 named[20899]: built with '--prefix=/usr' '--build=i486-linux-gnu' '--host=i486-linux-gnu' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--$
Jan 13 16:19:52 ns1 named[20899]: adjusted limit on open files from 1024 to 1048576
Jan 13 16:19:52 ns1 named[20899]: found 4 CPUs, using 4 worker threads
Jan 13 16:19:52 ns1 named[20899]: using up to 4096 sockets
Jan 13 16:19:52 ns1 named[20899]: loading configuration from '/etc/bind/named.conf'
Jan 13 16:19:52 ns1 named[20899]: using default UDP/IPv4 port range: [1024, 65535]
Jan 13 16:19:52 ns1 named[20899]: using default UDP/IPv6 port range: [1024, 65535]
Jan 13 16:19:52 ns1 named[20899]: no IPv6 interfaces found
Jan 13 16:19:52 ns1 named[20899]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 13 16:19:52 ns1 named[20899]: listening on IPv4 interface eth0, 192.168.100.66#53
Jan 13 16:19:52 ns1 named[20899]: /etc/bind/named.conf:15: using specific query-source port suppresses port randomization and can be insecure.
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 254.169.IN-ADDR.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: D.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 8.E.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 9.E.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: A.E.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: B.E.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: command channel listening on 127.0.0.1#953
Jan 13 16:19:52 ns1 named[20899]: zone 0.in-addr.arpa/IN: loaded serial 1
Jan 13 16:19:52 ns1 named[20899]: zone 127.in-addr.arpa/IN: loaded serial 1
Jan 13 16:19:53 ns1 named[20899]: zone 255.in-addr.arpa/IN: loaded serial 1
Jan 13 16:19:53 ns1 named[20899]: zone 24-timerssejlads.dk/IN: loaded serial 2011011102
Jan 13 16:19:53 ns1 named[20899]: zone 24timerssejlads.dk/IN: loaded serial 2010101301
.
.
Jan 13 16:19:53 ns1 named[20899]: zone voice-online.dk/IN: loaded serial 2010100201
Jan 13 16:19:53 ns1 named[20899]: zone xn--caf13-dsa.dk/IN: loaded serial 2010100201
Jan 13 16:19:53 ns1 named[20899]: zone localhost/IN: loaded serial 2
Jan 13 16:19:53 ns1 named[20899]: running
Jan 13 16:19:53 ns1 named[20899]: zone vinterbil.dk/IN: sending notifies (serial 2010101801)
.
.
Jan 13 16:19:53 ns1 named[20899]: zone superweb.dk/IN: sending notifies (serial 2011011101)
Jan 13 16:19:53 ns1 named[20899]: zone la-krydseren.dk/IN: sending notifies (serial 2010101301)
Jan 13 16:19:53 ns1 named[20899]: zone phpmyadmin.superweb.dk/IN: sending notifies (serial 2011011101)
Jan 13 16:20:01 ns1 /USR/SBIN/CRON[20915]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)

If anyone got a suggestion to what I could have done to suddenly get this problem I would like to hear it :)

till 13th January 2011 22:27

Check if there are any jobs listed in the jobqueue in the ispconfig monitor.

DKLeader 13th January 2011 22:59

It says :

Code:

2011-01-13 22:57 ns1.superweb.dk Update dns_soa 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_rr 
2011-01-13 22:56 ns1.superweb.dk Insert dns_soa

and a few others that I have tried to create / delete since I noticed the problem.

till 14th January 2011 11:16

Ok. So your problem is that the jobqueue dont get executed and it is not specific to BIND.

Please enable loglevel debug under system > server config and then run this command as root on the shell and post the output:

/usr/local/ispconfig/server/server.sh

DKLeader 14th January 2011 11:45

If I run it on the web / cp server I get :
Code:

web:~# /usr/local/ispconfig/server/server.sh
14.01.2011-11:41 - DEBUG - Set Lock: /usr/local/ispconfig/server/temp/.ispconfig                                              _lock
14.01.2011-11:41 - DEBUG - No Updated records found, starting only the core.
14.01.2011-11:41 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispcon                                              fig_lock
finished.
web:~#

and on ns1 :
Code:

ns1:/# /usr/local/ispconfig/server/server.sh
/etc/profile: line 25: unmask: command not found

Warning: mysql_connect(): Lost connection to MySQL server at 'reading initial communication packet', system error: 111 in /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 78

Warning: mysql_errno(): supplied argument is not a valid MySQL-Link resource in /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 63

Warning: mysql_error(): supplied argument is not a valid MySQL-Link resource in /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 64

Warning: mysql_connect(): Lost connection to MySQL server at 'reading initial communication packet', system error: 111 in /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 78

Warning: mysql_errno(): supplied argument is not a valid MySQL-Link resource in /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 63

Warning: mysql_error(): supplied argument is not a valid MySQL-Link resource in /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 64
finished.
ns1:/#


till 14th January 2011 11:48

Seems as if your slave server is not able to connect to the master database. As you updated to ispconfig 3.0.3.2, have you choosen to reconfigure master database permissions as you updated the master or the slave?

DKLeader 14th January 2011 11:58

Not that I recall.

DKLeader 14th January 2011 11:59

Just tried on my ns2 server and got :
Code:

ns2:~# /usr/local/ispconfig/server/server.sh

Warning: mysql_connect(): Lost connection to MySQL server at 'reading initial co                                                                                        mmunication packet', system error: 111 in /usr/local/ispconfig/server/lib/classe                                                                                        s/db_mysql.inc.php on line 78

Warning: mysql_errno(): supplied argument is not a valid MySQL-Link resource in                                                                                        /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 63

Warning: mysql_error(): supplied argument is not a valid MySQL-Link resource in                                                                                        /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 64

Warning: mysql_connect(): Lost connection to MySQL server at 'reading initial co                                                                                        mmunication packet', system error: 111 in /usr/local/ispconfig/server/lib/classe                                                                                        s/db_mysql.inc.php on line 78

Warning: mysql_errno(): supplied argument is not a valid MySQL-Link resource in                                                                                        /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 63

Warning: mysql_error(): supplied argument is not a valid MySQL-Link resource in                                                                                        /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php on line 64
finished.
ns2:~#


till 14th January 2011 12:05

Please redo the update on the master server by following these steps:

Code:

cd /tmp
wget http://www.ispconfig.org/downloads/I...-stable.tar.gz
tar xvfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install
php -q update.php

Select yes when the updater asks you "Reconfigure Permissions in master database?". Then wait a few minutes and check again the jobqueue in the master if it gets emptied.

DKLeader 14th January 2011 13:00

Tried your suggestion before lunch - have just checked when I got back and it is stlll the same with the jobqueue .

Tried
Code:

/usr/local/ispconfig/server/server.sh
on ns1 and ns2 and I am still getting the same errors.


All times are GMT +2. The time now is 21:52.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.