HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


xzibiz 21st March 2012 20:17

ISPConfig 3 and secondary dns problems
 
Hi

I have an ISPconfig3 server running web, ftp, db, email and dns.
I've tried to follow guides on how to set up a secondary DNS, ns2.
I think I've done it correctly.

Code:

dig @ns1.domain.net any domain.com

; <<>> DiG 9.7.3 <<>> @ns1.domain.net any domain.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47636
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;domain.com.                    IN      ANY

;; ANSWER SECTION:
domain.com.            3600    IN      A      91.189.XXX.XX
domain.com.            3600    IN      MX      10 mail.domain.com.
domain.com.            3600    IN      NS      ns2.domain.net.
domain.com.            3600    IN      NS      ns1.domain.net.
domain.com.            3600    IN      SOA    ns1.domain.net me.domain.net. 2012032002 7200 540 604800 86400

;; ADDITIONAL SECTION:
mail.domain.com.        3600    IN      A      91.189.XXX.XX

;; Query time: 12 msec
;; SERVER: 81.167.96.220#53(81.167.96.220)
;; WHEN: Wed Mar 21 20:01:24 2012
;; MSG SIZE  rcvd: 176

Code:

dig @ns2.domain.net any domain.com

; <<>> DiG 9.7.3 <<>> @ns2.domain.net any domain.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47636
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;domain.com.                    IN      ANY

;; ANSWER SECTION:
domain.com.            3600    IN      A      91.189.XXX.XX
domain.com.            3600    IN      MX      10 mail.domain.com.
domain.com.            3600    IN      NS      ns2.domain.net.
domain.com.            3600    IN      NS      ns1.domain.net.
domain.com.            3600    IN      SOA    ns1.domain.net me.domain.net. 2012032002 7200 540 604800 86400

;; ADDITIONAL SECTION:
mail.domain.com.        3600    IN      A      91.189.XXX.XX

;; Query time: 12 msec
;; SERVER: 81.167.96.220#53(81.167.96.220)
;; WHEN: Wed Mar 21 20:01:24 2012
;; MSG SIZE  rcvd: 176

So if I'm correct, it should work. Where I bought my domain.com, I've set ns1.domain.net and ns2.domain.net as nameservers.

But if I try to make a new sub-domain with ISPconfig, it goes into the database on both servers. But nothing shows if I run:
Code:

dig @ns1.domain.net any sub.domain.com
; <<>> DiG 9.7.3 <<>> @ns1.domain any sub.domain.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20882
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sub.domain.com.                IN      ANY

;; AUTHORITY SECTION:
domain.com.            3600    IN      SOA    ns1.domain.net. me.domain.net. 2012032002 7200 540 604800 86400

;; Query time: 1 msec
;; SERVER: 91.189.123.59#53(91.189.123.59)
;; WHEN: Wed Mar 21 20:08:52 2012
;; MSG SIZE  rcvd: 94


till 22nd March 2012 08:52

There is most likely a configuration issue in the DNS record that you created in ISPConfig. Please take a look into the syslog file in /var/log/; you should find some named / bind errors there which explain why bind can't load the file.

xzibiz 22nd March 2012 16:22

Code:

grep -i named syslog
Mar 21 06:37:34 web2 named[807]: client 91.189.120.4#32388: query (cache) 'dynamic.vdc.vn.domain.net/A/IN' denied
Mar 21 09:54:35 web2 named[807]: client 91.189.120.4#45565: query (cache) '245.115.119.217.in-addr.arpa.domain.net/A/IN' denied
Mar 21 10:15:43 web2 named[807]: client 12.150.248.35#55340: query (cache) 'ns2.domain.net/AAAA/IN' denied
Mar 21 10:15:43 web2 named[807]: client 12.150.248.35#58280: query (cache) 'ns1.domain.net/AAAA/IN' denied
Mar 21 13:39:01 web2 named[807]: client 91.189.120.4#6426: query (cache) 'web2.bx-networks.net/MX/IN' denied
Mar 21 15:39:12 web2 named[807]: client 91.189.120.4#47172: query (cache) 'dssb00148.lunarbreeze.com.domain.net/A/IN' denied
Mar 21 16:51:01 web2 named[807]: client 81.167.36.3#6741: query (cache) 'isp.domain.net/A/IN' denied

Starting bind.
Code:

Mar 21 17:15:32 web2 named[18287]: starting BIND 9.7.3 -u bind
Mar 21 17:15:32 web2 named[18287]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=' 'CPPFLAGS='
Mar 21 17:15:32 web2 named[18287]: adjusted limit on open files from 1024 to 1048576
Mar 21 17:15:32 web2 named[18287]: found 1 CPU, using 1 worker thread
Mar 21 17:15:32 web2 named[18287]: using up to 4096 sockets
Mar 21 17:15:32 web2 named[18287]: loading configuration from '/etc/bind/named.conf'
Mar 21 17:15:32 web2 named[18287]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Mar 21 17:15:32 web2 named[18287]: using default UDP/IPv4 port range: [1024, 65535]
Mar 21 17:15:32 web2 named[18287]: using default UDP/IPv6 port range: [1024, 65535]
Mar 21 17:15:32 web2 named[18287]: listening on IPv6 interfaces, port 53
Mar 21 17:15:32 web2 named[18287]: listening on IPv4 interface lo, 127.0.0.1#53
Mar 21 17:15:32 web2 named[18287]: listening on IPv4 interface eth0, 10.0.0.2#53
Mar 21 17:15:32 web2 named[18287]: generating session key for dynamic DNS
Mar 21 17:15:32 web2 named[18287]: set up managed keys zone for view _default, file 'managed-keys.bind'
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 254.169.IN-ADDR.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: D.F.IP6.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 8.E.F.IP6.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 9.E.F.IP6.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: A.E.F.IP6.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: B.E.F.IP6.ARPA
Mar 21 17:15:32 web2 named[18287]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Mar 21 17:15:32 web2 named[18287]: command channel listening on 127.0.0.1#953
Mar 21 17:15:32 web2 named[18287]: command channel listening on ::1#953
Mar 21 17:15:32 web2 named[18287]: zone 0.in-addr.arpa/IN: loaded serial 1
Mar 21 17:15:32 web2 named[18287]: zone 127.in-addr.arpa/IN: loaded serial 1
Mar 21 17:15:32 web2 named[18287]: zone 255.in-addr.arpa/IN: loaded serial 1
Mar 21 17:15:32 web2 named[18287]: zone domain.com/IN: loaded serial 2012032002
Mar 21 17:15:32 web2 named[18287]: zone localhost/IN: loaded serial 2
Mar 21 17:15:32 web2 named[18287]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
Mar 21 17:15:32 web2 named[18287]: managed-keys-zone ./IN: loaded serial 0
Mar 21 17:15:32 web2 named[18287]: running
Mar 21 17:15:32 web2 named[18287]: zone domain.com/IN: sending notifies (serial 2012032002)
Mar 21 20:29:01 web2 named[18287]: received control channel command 'reload'
Mar 21 20:29:01 web2 named[18287]: loading configuration from '/etc/bind/named.conf'
Mar 21 20:29:01 web2 named[18287]: /etc/bind/named.conf.local:3: undefined ACL 'ns2.domain.net'
Mar 21 20:29:01 web2 named[18287]: reloading configuration failed: failure

I get many like this, not sure what they mean...
Code:

Mar 22 08:00:04 web2 named[18287]: success resolving 'security.debian.org/A' (in 'security.debian.org'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 22 10:36:52 web2 named[18287]: success resolving 'ns3.nic.fr/AAAA' (in 'nic.fr'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 22 10:36:52 web2 named[18287]: success resolving 'sns-pb.isc.org/AAAA' (in 'isc.org'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 22 10:36:52 web2 named[18287]: success resolving 'sns-pb.isc.org/A' (in 'isc.org'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 22 10:36:53 web2 named[18287]: success resolving 'ns.jsinfo.net/AAAA' (in 'jsinfo.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 22 10:36:53 web2 named[18287]: success resolving 'ns4.apnic.net/AAAA' (in 'apnic.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 22 16:24:25 web2 named[18287]: success resolving 'r.arin.net/A' (in 'arin.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
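
Added example, not part of the original thread and not ISPConfig or BIND code: a small Python triage of named syslog lines like the ones posted above. It pairs each "reloading configuration failed" entry with the config error logged before it and lists zones that were not loaded again after that failure; the sample log is constructed from lines in the thread, and `triage` and its report keys are names chosen for this example.

```python
import re
from collections import Counter

# Constructed sample, modelled on the named syslog lines quoted in the thread.
SAMPLE = """\
Mar 21 16:51:01 web2 named[807]: client 81.167.36.3#6741: query (cache) 'isp.domain.net/A/IN' denied
Mar 21 17:15:32 web2 named[18287]: zone domain.com/IN: loaded serial 2012032002
Mar 21 20:29:01 web2 named[18287]: received control channel command 'reload'
Mar 21 20:29:01 web2 named[18287]: loading configuration from '/etc/bind/named.conf'
Mar 21 20:29:01 web2 named[18287]: /etc/bind/named.conf.local:3: undefined ACL 'ns2.domain.net'
Mar 21 20:29:01 web2 named[18287]: reloading configuration failed: failure
Mar 22 08:00:04 web2 named[18287]: success resolving 'security.debian.org/A' (in 'security.debian.org'?) after reducing the advertised EDNS UDP packet size to 512 octets
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ named\[\d+\]: (.*)$")
CONF_ERR = re.compile(r"^(/\S+):(\d+): (.+)$")          # file:line: message
LOADED = re.compile(r"^zone (\S+)/IN: loaded serial (\d+)$")
DENIED = re.compile(r"^client ([\da-fA-F.:]+)#\d+: query \(cache\) '[^']*' denied$")

def triage(text):
    """Summarise named log lines: failed reloads, loaded serials, denied cache queries."""
    report = {"failed_reloads": [], "serials": {}, "denied": Counter()}
    pending, stale = [], set()   # config errors since last reload; zones not reloaded since a failure
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue             # not a named syslog line
        when, msg = m.groups()
        if msg.startswith("received control channel command 'reload'"):
            pending = []
        elif (e := CONF_ERR.match(msg)):
            pending.append({"file": e[1], "line": int(e[2]), "error": e[3]})
        elif msg.startswith("reloading configuration failed"):
            report["failed_reloads"].append({"when": when, "errors": pending})
            stale.update(report["serials"])   # every zone seen so far kept its old serial
            pending = []
        elif (z := LOADED.match(msg)):
            report["serials"][z[1]] = (int(z[2]), when)
            stale.discard(z[1])               # zone was loaded again after the failure
        elif (d := DENIED.match(msg)):
            report["denied"][d[1]] += 1       # per-client count of refused cache queries
    report["stale_zones"] = sorted(stale)
    return report

if __name__ == "__main__":
    r = triage(SAMPLE)
    for f in r["failed_reloads"]:
        print(f["when"], "reload FAILED:", f["errors"])
    print("zones not loaded since a failed reload:", r["stale_zones"])
    print("denied cache queries per client:", dict(r["denied"]))
```
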


spazio 17th September 2012 21:03

I followed up the howto here:
http://www.ispconfig.org/news/tutori...ebian-squeeze/

Everything went ok.
Installation,
I can see the second server in the master ISPConfig panel.

But they don't synchronize. The /etc/bind/slave is empty.

When is the synchronization supposed to happen? Is it on a cron job?
How can I force ispconfig to synchronize?

Thanks
S

pititis 17th September 2012 22:16

Hello,

I don't see in your queries any A records for your ns1 and ns2 (ADDITIONAL SECTION).

You need to define both A records for your name servers.

Cheers

spazio 18th September 2012 02:36

Thanks pititis, but I took an old thread so the beginning is not from me.
Regarding the A record: I do have both A records for ns1 and ns2.

Does somebody know how ISPConfig communicates between server ns1 and ns2?
What ports need to be open?

S

pititis 18th September 2012 07:57

Ok, thanks.

Ports 53 tcp and udp must be open


All times are GMT +2.