HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


sharkey 6th November 2012 04:40

DNS Issues ISPConfig3
 
Hi.

It's been more than 72 hours since I set up DNS.
I called my registrar today and they confirmed I have everything set up correctly on their end as far as a glued domain.

Do these settings look right? What other steps can I take?

This is on an unmanaged VPS.

root@XXXX:~# lsb_release -a
Code:

No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 9.10
Release:        9.10
Codename:      karmic

root@XXXX:~# dig allcallz.com

Code:

; <<>> DiG 9.6.1-P2 <<>> allcallz.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29127
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;allcallz.com.                  IN      A

;; ANSWER SECTION:
allcallz.com.          3600    IN      A      65.98.87.214

;; AUTHORITY SECTION:
allcallz.com.          3600    IN      NS      ns2.allcallz.com.
allcallz.com.          3600    IN      NS      ns1.allcallz.com.

;; ADDITIONAL SECTION:
ns1.allcallz.com.      86400  IN      A      65.98.87.214
ns2.allcallz.com.      86400  IN      A      65.98.87.215

;; Query time: 2 msec
;; SERVER: 65.98.87.215#53(65.98.87.215)
;; WHEN: Mon Nov  5 20:18:41 2012
;; MSG SIZE  rcvd: 114

ETA

root@XXXX:~# netstat -tap | grep 'named'
Code:

tcp        0      0 65.98.87.215:domain    *:*                    LISTEN      32606/named
tcp        0      0 XXXX.allcallz.c:domain *:*                    LISTEN      32606/named
tcp        0      0 localhost.locald:domain *:*                    LISTEN      32606/named
tcp        0      0 localhost.localdoma:953 *:*                    LISTEN      32606/named
tcp6      0      0 [::]:domain            [::]:*                  LISTEN      32606/named
tcp6      0      0 localhost:953          [::]:*                  LISTEN      32606/named

root@XXXX:~# netstat -udp
Code:

Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name

ETA LOG

I cleared the log and rebooted. I wanted to filter out everything that happened while I was testing.

root@XXXX:/var/log# grep named /var/log/syslog

Code:

Nov  5 21:57:10 XXXX named[32606]: received control channel command 'stop -p'
Nov  5 21:57:10 XXXX named[32606]: shutting down: flushing changes
Nov  5 21:57:10 XXXX named[32606]: stopping command channel on 127.0.0.1#953
Nov  5 21:57:10 XXXX named[32606]: stopping command channel on ::1#953
Nov  5 21:57:10 XXXX named[32606]: no longer listening on ::#53
Nov  5 21:57:10 XXXX named[32606]: no longer listening on 127.0.0.1#53
Nov  5 21:57:10 XXXX named[32606]: no longer listening on 65.98.87.214#53
Nov  5 21:57:10 XXXX named[32606]: no longer listening on 65.98.87.215#53
Nov  5 21:57:10 XXXX named[32606]: exiting
Nov  5 21:57:45 XXXX named[6142]: starting BIND 9.6.1-P2 -u bind
Nov  5 21:57:45 XXXX named[6142]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2'
Nov  5 21:57:45 XXXX named[6142]: adjusted limit on open files from 1024 to 1048576
Nov  5 21:57:45 XXXX named[6142]: found 8 CPUs, using 8 worker threads
Nov  5 21:57:45 XXXX named[6142]: using up to 4096 sockets
Nov  5 21:57:45 XXXX named[6142]: loading configuration from '/etc/bind/named.conf'
Nov  5 21:57:45 XXXX named[6142]: using default UDP/IPv4 port range: [1024, 65535]
Nov  5 21:57:45 XXXX named[6142]: using default UDP/IPv6 port range: [1024, 65535]
Nov  5 21:57:45 XXXX named[6142]: listening on IPv6 interfaces, port 53
Nov  5 21:57:45 XXXX named[6142]: listening on IPv4 interface lo, 127.0.0.1#53
Nov  5 21:57:45 XXXX named[6142]: listening on IPv4 interface venet0:0, 65.98.87.214#53
Nov  5 21:57:45 XXXX named[6142]: listening on IPv4 interface venet0:1, 65.98.87.215#53
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: 254.169.IN-ADDR.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: D.F.IP6.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: 8.E.F.IP6.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: 9.E.F.IP6.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: A.E.F.IP6.ARPA
Nov  5 21:57:45 XXXX named[6142]: automatic empty zone: B.E.F.IP6.ARPA
Nov  5 21:57:45 XXXX named[6142]: command channel listening on 127.0.0.1#953
Nov  5 21:57:45 XXXX named[6142]: command channel listening on ::1#953
Nov  5 21:57:45 XXXX named[6142]: zone 0.in-addr.arpa/IN: loaded serial 1
Nov  5 21:57:45 XXXX named[6142]: zone 127.in-addr.arpa/IN: loaded serial 1
Nov  5 21:57:45 XXXX named[6142]: zone 255.in-addr.arpa/IN: loaded serial 1
Nov  5 21:57:45 XXXX named[6142]: zone allcallz.com/IN: allcallz.com.allcallz.com/MX 'allcallz.com.allcallz.com' has no address records (A or AAAA)
Nov  5 21:57:45 XXXX named[6142]: zone allcallz.com/IN: loaded serial 2012110407
Nov  5 21:57:45 XXXX named[6142]: zone localhost/IN: loaded serial 2
Nov  5 21:57:45 XXXX named[6142]: running
Nov  5 21:57:45 XXXX named[6142]: zone allcallz.com/IN: sending notifies (serial 2012110407)
Nov  5 21:57:47 XXXX named[6142]: network unreachable resolving 'ntp.ubuntu.com/A/IN': 2001:503:231d::2:30#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'eur1.akam.net/AAAA/IN': 2001:7fd::1#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'usc3.akam.net/A/IN': 2001:500:2f::f#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'ns4-64.akam.net/A/IN': 2001:dc3::35#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'ns7-67.akam.net/A/IN': 2001:500:3::42#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'ns7-67.akam.net/AAAA/IN': 2001:503:c27::2:30#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'ns7-66.akam.net/A/IN': 2001:503:ba3e::2:30#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'ns4-64.akam.net/AAAA/IN': 2001:503:ba3e::2:30#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'ns7-66.akam.net/A/IN': 2001:500:1::803f:235#53
Nov  5 21:57:53 XXXX named[6142]: network unreachable resolving 'usc3.akam.net/A/IN': 2600:1406:1b::64#53
Nov  5 21:58:04 XXXX named[6142]: network unreachable resolving 'current.cvd.clamav.net/TXT/IN': 2001:503:a83e::2:30#53
Nov  5 21:58:05 XXXX named[6142]: network unreachable resolving '49.41.35.71.in-addr.arpa/PTR/IN': 2001:500:87::87#53
Nov  5 21:58:05 XXXX named[6142]: network unreachable resolving 'u.arin.net/A/IN': 2001:500:14:6050:ad::1#53
Nov  5 21:58:05 XXXX named[6142]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:5a0:10::2#53
Nov  5 21:58:05 XXXX named[6142]: network unreachable resolving 'x.arin.net/AAAA/IN': 2001:500:13::108#53
Nov  5 21:58:05 XXXX named[6142]: network unreachable resolving 't.arin.net/AAAA/IN': 2001:500:31::108#53
Nov  5 21:58:05 XXXX named[6142]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:31::108#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'allcallz.com.fulldom.rfc-ignorant.org/A/IN': 2001:500:e::1#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'allcallz.com.fulldom.rfc-ignorant.org/A/IN': 2001:500:c::1#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'allcallz.com.rhsbl.ahbl.org/A/IN': 2a00:f10:111::1337:1001#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'allcallz.com.rhsbl.ahbl.org/A/IN': 2620:64:0:1::6#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'allcallz.com.bl.open-whois.org/A/IN': 2607:f208:206::1d#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'b.rbl-auth.sr.sonic.net/AAAA/IN': 2607:f0d0:1102:f::2#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'b.rbl-auth.sr.sonic.net/AAAA/IN': 2001:48c8:1:1::2#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'b.rbl-auth.sr.sonic.net/AAAA/IN': 2001:5a8:0:3::1#53
Nov  5 22:00:06 XXXX named[6142]: lame server resolving 'allcallz.com.fulldom.rfc-ignorant.org' (in 'fulldom.rfc-ignorant.org'?): 127.0.0.1#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'ahbl.bl.xs4all.nl/A/IN': 2a00:d78:0:102:193:176:144:5#53
Nov  5 22:00:06 XXXX named[6142]: network unreachable resolving 'ahbl.bl.xs4all.nl/AAAA/IN': 2001:67c:1010:10::53#53
Nov  5 22:00:07 XXXX named[6142]: network unreachable resolving 'ahbl.bl.xs4all.nl/A/IN': 2001:888:0:7::77#53
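
A log like the one above is easier to read once the named messages are grouped by kind. The following is an added example, not part of the original post: it classifies a few lines copied from that excerpt so that zone-load warnings stand apart from resolver noise. The category names and the `triage` function are assumptions made for illustration.

```python
import re
from collections import Counter

# Lines copied from the syslog excerpt in the post above (hostname already masked as XXXX).
SAMPLE = """\
Nov  5 21:57:45 XXXX named[6142]: listening on IPv4 interface venet0:0, 65.98.87.214#53
Nov  5 21:57:45 XXXX named[6142]: listening on IPv4 interface venet0:1, 65.98.87.215#53
Nov  5 21:57:45 XXXX named[6142]: zone allcallz.com/IN: allcallz.com.allcallz.com/MX 'allcallz.com.allcallz.com' has no address records (A or AAAA)
Nov  5 21:57:45 XXXX named[6142]: zone allcallz.com/IN: loaded serial 2012110407
Nov  5 21:57:47 XXXX named[6142]: network unreachable resolving 'ntp.ubuntu.com/A/IN': 2001:503:231d::2:30#53
Nov  5 22:00:06 XXXX named[6142]: lame server resolving 'allcallz.com.fulldom.rfc-ignorant.org' (in 'fulldom.rfc-ignorant.org'?): 127.0.0.1#53
"""

LINE = re.compile(r"named\[\d+\]: (?P<msg>.*)$")
RULES = [  # (category, pattern) pairs; the first matching rule wins
    ("listen", re.compile(r"^listening on IPv4 interface (\S+), (\S+)#53")),
    ("zone_ok", re.compile(r"^zone (\S+)/IN: (?:loaded serial \d+|sending notifies)")),
    ("zone_warning", re.compile(r"^zone (\S+)/IN: (.+)")),
    # Outbound lookups sent to IPv6 servers from a host without IPv6 routing.
    ("v6_unreachable", re.compile(r"^network unreachable resolving '[^']+': [0-9a-f:]+#53")),
    ("lame", re.compile(r"^lame server resolving '([^']+)'")),
]

def triage(text):
    """Group named messages so zone problems are not buried under resolver noise."""
    counts, listen, warnings = Counter(), [], []
    for raw in text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue  # not a named line
        msg = m.group("msg")
        for category, pattern in RULES:
            hit = pattern.match(msg)
            if hit:
                counts[category] += 1
                if category == "listen":
                    listen.append(hit.group(2))  # address named bound on port 53
                elif category == "zone_warning":
                    warnings.append((hit.group(1), hit.group(2)))
                break
        else:
            counts["other"] += 1
    return {"counts": dict(counts), "listen": listen, "zone_warnings": warnings}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The doubled name in the MX warning is what BIND reports when a record target in the zone is written without its trailing dot, so the zone origin gets appended to it.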


till 6th November 2012 09:17

Quote:

root@XXXX:~# dig allcallz.com
The output of the dig command is fine and shows that dns records for the domain exist and get delivered by the dns server of the domain.

So what is your exact problem?

sharkey 6th November 2012 09:44

Server not found

till 6th November 2012 10:06

Please run the following command on your dns server:

dig @localhost allcallz.com

sharkey 6th November 2012 10:08

root@XXXX:~# dig @localhost allcallz.com
Code:

; <<>> DiG 9.6.1-P2 <<>> @localhost allcallz.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49453
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;allcallz.com.                  IN      A

;; ANSWER SECTION:
allcallz.com.          3600    IN      A      65.98.87.214

;; AUTHORITY SECTION:
allcallz.com.          3600    IN      NS      ns1.allcallz.com.
allcallz.com.          3600    IN      NS      ns2.allcallz.com.

;; ADDITIONAL SECTION:
ns1.allcallz.com.      86400  IN      A      65.98.87.214
ns2.allcallz.com.      86400  IN      A      65.98.87.215

;; Query time: 43 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov  6 01:48:53 2012
;; MSG SIZE  rcvd: 114


till 6th November 2012 10:14

That's OK, so the issue is not in the DNS records on your server. Maybe a firewall blocks the DNS queries or your BIND server is not listening on the external interface.

Please check your firewall and post the output of:

netstat -tap | grep named

and

iptables -L

sharkey 6th November 2012 10:18

root@XXXX:~# netstat -tap | grep named
Code:

tcp        0      0 65.98.87.215:domain    *:*                    LISTEN      25751/named
tcp        0      0 XXXX.allcallz.c:domain *:*                    LISTEN      25751/named
tcp        0      0 localhost.locald:domain *:*                    LISTEN      25751/named
tcp        0      0 localhost.localdoma:953 *:*                    LISTEN      25751/named
tcp6      0      0 [::]:domain            [::]:*                  LISTEN      25751/named
tcp6      0      0 localhost:953          [::]:*                  LISTEN      25751/named

root@XXXX:~# iptables -L
Code:

Chain INPUT (policy ACCEPT)
target    prot opt source              destination
fail2ban-ssh  tcp  --  anywhere            anywhere            FATAL: Could not load /lib/modules/2.6.18-028stab095.1-ent/modules.dep: No such file or directory
FATAL: Could not load /lib/modules/2.6.18-028stab095.1-ent/modules.dep: No such file or directory
multiport dports ssh

Chain FORWARD (policy ACCEPT)
target    prot opt source              destination

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination

Chain fail2ban-ssh (1 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere


till 6th November 2012 10:25

That's OK. Is the server located in a datacenter with direct internet access or do you host it at home / in office behind a router? Is there a firewall installed in front of the server where the DNS port might be closed?

sharkey 6th November 2012 10:30

This is an unmanaged VPS with HostV.

What's strange or sad is I just set up a test server with Linode and within an hour I could access it with the domain name. (Different domain name and they handle nameservers)

I'm pulling out my hair here trying to figure out what's wrong with the HostV one. I thought everything looks good on the server and 1and1 tells me I set it up right on their end. (glued domain)

sharkey 6th November 2012 10:31

And I telnet'd into port 53 on the IP.

Seemed fine there.
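
The checks posted in this thread (`netstat -tap` and a telnet to port 53) exercise TCP only, while ordinary DNS lookups arrive over UDP. The following is an added example, not part of the original thread: it sends the same A query to a name server over UDP and over TCP and reports each transport separately, so it can be run from a machine outside the VPS. The function names are assumptions made for illustration.

```python
import socket
import struct
import sys

def build_query(name, qid=0x1234):
    """Encode a minimal A-record query (RD clear, as asked of an authoritative server)."""
    header = struct.pack("!HHHHHH", qid, 0x0000, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(msg):
    """Pull the fields this check needs out of a DNS response header."""
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "aa": bool(flags & 0x0400), "rcode": flags & 0x000F, "answers": an}

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed early")
        buf += chunk
    return buf

def probe(server, name, timeout=3.0):
    """Query `server` for `name` over UDP, then TCP; one result per transport."""
    query, result = build_query(name), {}
    for proto in ("udp", "tcp"):
        try:
            if proto == "udp":
                with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                    s.settimeout(timeout)
                    s.sendto(query, (server, 53))
                    reply = s.recvfrom(4096)[0]
            else:
                with socket.create_connection((server, 53), timeout=timeout) as s:
                    s.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
                    (size,) = struct.unpack("!H", _recv_exact(s, 2))
                    reply = _recv_exact(s, size)
            result[proto] = parse_header(reply)
        except (OSError, struct.error) as exc:  # timeout, refused, unreachable, short reply
            result[proto] = {"error": str(exc)}
    return result

if __name__ == "__main__" and len(sys.argv) == 3:  # usage: script.py <server-ip> <name>
    for proto, outcome in probe(sys.argv[1], sys.argv[2]).items():
        print(proto, outcome)
```

A UDP timeout alongside a working TCP answer points at filtering of UDP port 53 somewhere in front of the server rather than at BIND or the zone.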


All times are GMT +2. The time now is 02:02.