HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


BrainyForge 25th January 2012 12:27

DNS ISSUES connect failed: 127.0.0.1 # 953: connection refused
 
Debian 6 - ISPConfig 3.0.4.2 - BIND9

Hello everyone, I am here to bring you the following problem, after days of failed attempts.
3 ISPConfig 3 DNS stopped working; I'm not sure whether it was after updates or not, because the monitor says everything is OK.


I tried again to restore on a new ISPConfig 3 on Debian 6 on a VPS with BIND9; it works for a while, but when you start writing the new zones, it stops working.

I reinstalled a new version of the VPS with MyDNS; when I recorded the new zones, it stopped functioning. I do not know what connection there can be, given that it does not use BIND9.
Now I am back on the BIND9 version; it worked until I populated the zones.
Here is the current situation, if you restart:

Code:

root@dns2:/etc/bind# /etc/init.d/bind9 restart
Stopping domain name service...: bind9rndc: connect failed: 127.0.0.1#953: connection refused

Code:

root@dns2:~# netstat -tanpu
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name
tcp        0      0 0.0.0.0:993            0.0.0.0:*              LISTEN      1738/dovecot
tcp        0      0 0.0.0.0:995            0.0.0.0:*              LISTEN      1738/dovecot
tcp        0      0 127.0.0.1:10024        0.0.0.0:*              LISTEN      1358/amavisd (maste
tcp        0      0 127.0.0.1:10025        0.0.0.0:*              LISTEN      1894/master
tcp        0      0 0.0.0.0:3306            0.0.0.0:*              LISTEN      1656/mysqld
tcp        0      0 0.0.0.0:110            0.0.0.0:*              LISTEN      1738/dovecot
tcp        0      0 0.0.0.0:143            0.0.0.0:*              LISTEN      1738/dovecot
tcp        0      0 0.0.0.0:21              0.0.0.0:*              LISTEN      1939/pure-ftpd (SER
tcp        0      0 0.0.0.0:22              0.0.0.0:*              LISTEN      1986/sshd
tcp        0      0 0.0.0.0:25              0.0.0.0:*              LISTEN      1894/master
tcp        0    300 109.xxx.120.167:22      2.xxx.20.134:2828      ESTABLISHED 2322/0
tcp6      0      0 :::8080                :::*                    LISTEN      1379/apache2
tcp6      0      0 :::80                  :::*                    LISTEN      1379/apache2
tcp6      0      0 :::8081                :::*                    LISTEN      1379/apache2
tcp6      0      0 :::21                  :::*                    LISTEN      1939/pure-ftpd (SER
tcp6      0      0 :::22                  :::*                    LISTEN      1986/sshd
tcp6      0      0 :::443                  :::*                    LISTEN      1379/apache2
udp        0      0 109.xxx.120.167:123    0.0.0.0:*                          1756/ntpd
udp        0      0 127.0.0.1:123          0.0.0.0:*                          1756/ntpd
udp        0      0 0.0.0.0:123            0.0.0.0:*                          1756/ntpd
udp6      0      0 fe80::216:3eff:fe20:123 :::*                                1756/ntpd
udp6      0      0 ::1:123                :::*                                1756/ntpd
udp6      0      0 :::123                  :::*                                1756/ntpd

As you can see, it is not listening on port 53.

Research continues in the display, and I will return to publish; thanks for your attention.

till 25th January 2012 12:50

Please post the BIND error messages from /var/log/syslog that you get after restarting Bind.

BrainyForge 25th January 2012 13:22

Sorry, my English is translated by Google :rolleyes:
Thanks, here is the log:

Code:

Jan 25 12:50:47 dns2 named[4999]: starting BIND 9.7.3 -u bind
Jan 25 12:50:47 dns2 named[4999]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysco$
Jan 25 12:50:47 dns2 named[4999]: adjusted limit on open files from 1024 to 1048576
Jan 25 12:50:47 dns2 named[4999]: found 1 CPU, using 1 worker thread
Jan 25 12:50:47 dns2 named[4999]: using up to 4096 sockets
Jan 25 12:50:47 dns2 named[4999]: loading configuration from '/etc/bind/named.conf'
Jan 25 12:50:47 dns2 named[4999]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Jan 25 12:50:47 dns2 named[4999]: using default UDP/IPv4 port range: [1024, 65535]
Jan 25 12:50:47 dns2 named[4999]: using default UDP/IPv6 port range: [1024, 65535]
Jan 25 12:50:47 dns2 named[4999]: listening on IPv6 interfaces, port 53
Jan 25 12:50:47 dns2 named[4999]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 25 12:50:47 dns2 named[4999]: listening on IPv4 interface eth0, 109.xxx.120.167#53
Jan 25 12:50:47 dns2 named[4999]: generating session key for dynamic DNS
Jan 25 12:50:47 dns2 named[4999]: set up managed keys zone for view _default, file 'managed-keys.bind'
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 254.169.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 2.0.xxx.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 113.0.xxx.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6$
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6$
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: D.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 8.E.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 9.E.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: A.E.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: B.E.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: command channel listening on 127.0.0.1#953
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 254.xxx.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 2.0.xxx.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 113.0.xxx.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6$
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6$
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: D.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 8.E.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 9.E.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: A.E.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: B.E.F.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Jan 25 12:50:47 dns2 named[4999]: command channel listening on 127.0.0.1#953
Jan 25 12:50:47 dns2 named[4999]: command channel listening on ::1#953
Jan 25 12:50:47 dns2 named[4999]: zone 0.in-addr.arpa/IN: loaded serial 1
Jan 25 12:50:47 dns2 named[4999]: zone 127.in-addr.arpa/IN: loaded serial 1
Jan 25 12:50:47 dns2 named[4999]: zone 255.in-addr.arpa/IN: loaded serial 1
Jan 25 12:50:47 dns2 named[4999]: zone jorche.it/IN: loaded serial 2012012501
Jan 25 12:50:47 dns2 named[4999]: zone verdeoro.it/IN: loaded serial 2012012501
Jan 25 12:50:47 dns2 named[4999]: zone localhost/IN: loaded serial 2
Jan 25 12:50:47 dns2 named[4999]: zone esempio.net/IN: loaded serial 2012012501
Jan 25 12:50:47 dns2 named[4999]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
Jan 25 12:50:47 dns2 named[4999]: managed-keys-zone ./IN: loaded serial 0
Jan 25 12:50:47 dns2 named[4999]: running
Jan 25 12:50:47 dns2 named[4999]: zone esempio.net/IN: sending notifies (serial 2012012501)
Jan 25 12:50:47 dns2 named[4999]: zone esempio1.it/IN: sending notifies (serial 2012012501)
Jan 25 12:50:47 dns2 named[4999]: zone esempio2.it/IN: sending notifies (serial 2012012501)

I think they are all useless queries about domains

I did a test with nslookup, the first IP on VPS1 109.223.120.167 hosting the primary DNS

Code:

Server: localhost
Address: ::1#53

verdeoro.it
        origin = dns2.esempio.net
        mail addr = admin.esempio4.net
        serial = 2012012501
        refresh = 3600
        retry = 3600
        expire = 604800
        minimum = 86400

Just cash from VPS2 IP 109.xxx.120.176 with a request to the IP VPS1 109.xxx.120.167

Code:

> server 109.xxx.120.167
Default server: 109.xxx.120.167
Address: 109.xxx.120.167#53
> set q=SOA
> esempio2.it
;; connection timed out; no servers could be reached

Test the IP VPS2 109.xxx.120.176

Code:

Default server: localhost
Address: 127.0.0.1#53
> set q=SOA

> esempio4.net
Server: localhost
Address: ::1#53

esempio4.net
        origin = ns1.esempio4.net
        mail addr = isp.esempio4.net
        serial = 2012012301
        refresh = 28800
        retry = 7200
        expire = 604800
        minimum = 86400

Test with a request from VPS1 IP 109.223.120.167 to VPS2 IP 109.223.120.176

Code:

> server 109.xxx.120.176
Default server: 109.xxx.120.176
Address: 109.xxx.120.176#53
> set q=SOA
> esempio4.net
;; connection timed out; no servers could be reached

It is as if the external requests are not heard!

Both are accessible via PuTTY and HTTPS.

It is as if I had my balls in the microwave! argruu :(
Thanks for any help ;)
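
The start-up log in the post above is the output till asked for; read as a checklist, it shows which sockets named bound and which line is an actual failure. As an added example (not part of the thread, and not ISPConfig's or BIND's own tooling), this script condenses the most recent named start-up in a syslog stream into those facts; the function names and the embedded log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise one named start-up from syslog lines on stdin.
# Output is key=value lines for the most recent "starting BIND" process.

named_startup_summary() {
    awk '
    match($0, /named\[[0-9]+\]: /) {
        pid = substr($0, RSTART + 6, RLENGTH - 9)   # digits inside named[...]
        msg = substr($0, RSTART + RLENGTH)          # text after "named[PID]: "
        if (msg ~ /^starting BIND /) {              # new start: reset counters
            cur = pid; dns = 0; ctl = 0; running = "no"; nprob = 0
            next
        }
        if (pid != cur) next                        # skip older named processes
        if (msg ~ /^listening on IPv4 interface .*#53$/) dns++
        else if (msg ~ /^listening on IPv6 interfaces, port 53$/) dns++
        else if (msg ~ /^command channel listening on .*#953$/) ctl++
        else if (msg == "running") running = "yes"
        else if (msg ~ /failed|error|refused|denied/) prob[++nprob] = msg
    }
    END {
        if (cur == "") { print "status=no-startup-found"; exit }
        print "pid=" cur
        print "dns_listeners=" dns          # sockets bound for queries (port 53)
        print "control_channels=" ctl       # rndc control sockets (port 953)
        print "running=" running
        for (i = 1; i <= nprob; i++) print "problem=" prob[i]
    }'
}

# Constructed sample, modelled on the log format shown in the thread.
# Host name, PIDs and the 192.0.2.10 address are placeholders.
sample_log() {
    cat <<'EOF'
Jan 25 12:50:46 host named[4100]: stopping command channel on 127.0.0.1#953
Jan 25 12:50:46 host named[4100]: exiting
Jan 25 12:50:47 host named[4999]: starting BIND 9.7.3 -u bind
Jan 25 12:50:47 host named[4999]: listening on IPv6 interfaces, port 53
Jan 25 12:50:47 host named[4999]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 25 12:50:47 host named[4999]: listening on IPv4 interface eth0, 192.0.2.10#53
Jan 25 12:50:47 host named[4999]: command channel listening on 127.0.0.1#953
Jan 25 12:50:47 host named[4999]: command channel listening on ::1#953
Jan 25 12:50:47 host named[4999]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
Jan 25 12:50:47 host named[4999]: running
EOF
}

sample_log | named_startup_summary
```

On the server it would be fed the real log, for example `grep named /var/log/syslog | named_startup_summary`.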

BrainyForge 25th January 2012 16:39

Doing the ISPConfig debugging as indicated in the FAQ,
I found this statement; what do you mean by "Remove Lock"?
Excuse the banality, but it is the first time that I have had this message.
Does it refer to the file permissions?
As you can see, I have all the DNS right, and between the various tests that I have been carrying out for 24 hours I am beginning to have a mess!

Code:

root@dns2:/tmp# /usr/local/ispconfig/server/server.sh
25.01.2012-15:13 - DEBUG - Set Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
25.01.2012-15:13 - DEBUG - No Updated records found, starting only the core.
25.01.2012-15:13 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock


BrainyForge 26th January 2012 00:08

The server was not stable: the same nslookup tests give different results. I noticed that changes made to the records of the zones are not reflected in the query response, even though the zone file is changed.

When asked, localhost responded: server can't find esempio.net: SERVFAIL, Address: 127.0.0.1#53.
I repeated the test and this time the address ::1#53 responded successfully,
as you can evaluate below:


Code:

Server:        localhost
Address:        127.0.0.1#53
> set q=SOA
> esempio.net
;; Got SERVFAIL reply from ::1, trying next server
;; Got SERVFAIL reply from ::1, trying next server
Server:        localhost
Address:        127.0.0.1#53

Code:

> esempio.net
Server:        localhost
Address:        ::1#53

quikon.net
        origin = dns2.esempio.net
        mail addr = admin.esempio.net
        serial = 2012012502
        refresh = 7200
        retry = 540
        expire = 604800
        minimum = 86400

I just asked myself these questions?

Tomorrow I will do another DNS reinstall, and then I'll know. Any suggestions on what to install?

Thanks for your attention

BrainyForge 26th January 2012 14:28

Today, oddly enough, the DNS server that I reinstalled from scratch works again, except for some zones. I had to re-enter all the zones, because if I use the backup of the database it does not work anymore, even if I delete the zones and recreate them; to make it work I have to redo the process from scratch and then enter the zones.

I can say with some logic that the problem was generated by the update, because, I do not know which, zones that are also written correctly in the BIND files stop responding, while the second DNS server, which I have not reinstalled, still does not work. I noticed that it has not completed all the updates; if I repeat the update procedure, the problem arises with BIND itself, indicating that the reconfiguration has completed.

For those not up to date, I would recommend not upgrading anything until this matter is resolved.

If it can be of use, the zone that I cannot get running, unlike the others, has this syntax: abg.yu.it (example)

I do not know what further investigation to do; if anyone wants to give me directions, I am very willing to perform further investigations.

For now I am moving the domains to a different DNS.

I thank my readers, though I would have liked to have a discussion with someone; maybe because of my bad "googloliano" English, or because I am still considered an incompetent, it was a solitary walk. I hope to be liked by someone and that I can help the Holy Spirit. :o


Greetings

falko 26th January 2012 15:26

Quote:

Originally Posted by BrainyForge (Post 272238)
Jan 25 12:50:47 dns2 named[4999]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found

Try this: http://www.linuxquestions.org/questi...-found-876137/

BrainyForge 26th January 2012 20:51

Falko, may the network bless you! :D :)

For enlightening my mind, here in Italy I would say fuck! fuck! :p
I had it before my eyes! have a very own *******!
sorry! hihh :o

Well, I read the post... but I have doubts about how to tell BIND.
I carried out the command:
Code:

root@dns2:~# ps -ef | grep named

I got:

Code:

bind    32591    1  0 18:47 ?        00:00:02 /usr/sbin/named -u bind

But where should I put the file?!
In doubt, I tried to do this:

Code:

touch /var/cache/bind/managed-keys.bind
chown root:bind /var/cache/bind/managed-keys.bind

and the error did not occur, but I think the path where it searches for that file is wrong; what do you think?

Meanwhile, the DNS server with the new installation does not indicate the error any more, and resolves all zones, at last!

I do not understand why the second server does not want to work: at localhost it resolves the zone, but there is no answer from outside, and the zone transfer does not work. Any ideas on how to continue to check?

I attach the log of the BIND restart, which reports errors for IPv6.
Code:

Jan 26 19:41:58 ns1 named[1072]: received control channel command 'stop -p'
Jan 26 19:41:58 ns1 named[1072]: shutting down: flushing changes
Jan 26 19:41:58 ns1 named[1072]: stopping command channel on 127.0.0.1#953
Jan 26 19:41:58 ns1 named[1072]: stopping command channel on ::1#953
Jan 26 19:41:58 ns1 named[1072]: no longer listening on ::#53
Jan 26 19:41:58 ns1 named[1072]: no longer listening on 127.0.0.1#53
Jan 26 19:41:58 ns1 named[1072]: no longer listening on 109.233.120.176#53
Jan 26 19:41:58 ns1 named[1072]: exiting
Jan 26 19:41:59 ns1 named[15933]: starting BIND 9.7.3 -u bind
Jan 26 19:41:59 ns1 named[15933]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=' 'CPPFLAGS='
Jan 26 19:41:59 ns1 named[15933]: adjusted limit on open files from 1024 to 1048576
Jan 26 19:41:59 ns1 named[15933]: found 1 CPU, using 1 worker thread
Jan 26 19:41:59 ns1 named[15933]: using up to 4096 sockets
Jan 26 19:41:59 ns1 named[15933]: loading configuration from '/etc/bind/named.conf'
Jan 26 19:41:59 ns1 named[15933]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Jan 26 19:41:59 ns1 named[15933]: using default UDP/IPv4 port range: [1024, 65535]
Jan 26 19:41:59 ns1 named[15933]: using default UDP/IPv6 port range: [1024, 65535]
Jan 26 19:41:59 ns1 named[15933]: listening on IPv6 interfaces, port 53
Jan 26 19:41:59 ns1 named[15933]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 26 19:41:59 ns1 named[15933]: listening on IPv4 interface eth0, 109.233.120.176#53
Jan 26 19:41:59 ns1 named[15933]: generating session key for dynamic DNS
Jan 26 19:41:59 ns1 named[15933]: set up managed keys zone for view _default, file 'managed-keys.bind'
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 254.169.IN-ADDR.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: D.F.IP6.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 8.E.F.IP6.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 9.E.F.IP6.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: A.E.F.IP6.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: B.E.F.IP6.ARPA
Jan 26 19:41:59 ns1 named[15933]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Jan 26 19:41:59 ns1 named[15933]: command channel listening on 127.0.0.1#953
Jan 26 19:41:59 ns1 named[15933]: command channel listening on ::1#953
Jan 26 19:41:59 ns1 named[15933]: zone 0.in-addr.arpa/IN: loaded serial 1
Jan 26 19:41:59 ns1 named[15933]: zone 127.in-addr.arpa/IN: loaded serial 1
Jan 26 19:41:59 ns1 named[15933]: zone 255.in-addr.arpa/IN: loaded serial 1
Jan 26 19:41:59 ns1 named[15933]: zone xxxylab.it/IN: loaded serial 2012012601
Jan 26 19:41:59 ns1 named[15933]: zone localhost/IN: loaded serial 2
Jan 26 19:41:59 ns1 named[15933]: zone xxxyforge.net/IN: loaded serial 2012012603
Jan 26 19:41:59 ns1 named[15933]: managed-keys-zone ./IN: loaded serial 0
Jan 26 19:41:59 ns1 named[15933]: running
Jan 26 19:41:59 ns1 named[15933]: zone xxxxorge.net/IN: sending notifies (serial 2012012603)
Jan 26 19:41:59 ns1 named[15933]: zone xxxylab.it/IN: sending notifies (serial 2012012601)
Jan 26 19:41:59 ns1 named[15933]: zone dns2.xxxxx.net/IN: refresh: NODATA response from master 109.233.120.167#53 (source 0.0.0.0#0)

thanks

falko 27th January 2012 12:56

Quote:

Originally Posted by BrainyForge (Post 272438)
I do not understand why the second server does not want to work: at localhost it resolves the zone, but there is no answer from outside, and the zone transfer does not work. Any ideas on how to continue to check?

When you created the zone in ISPConfig, did you specify the IP address of the slave in the "Allow zone transfers to these IPs (comma separated list)" field?

BrainyForge 27th January 2012 13:33

I entered the IP address of the secondary server.
I inform you that the same problem is repeated on new installations.


greetings

