Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th January 2012, 13:48
iszabi iszabi is offline
Junior Member
 
Join Date: Jan 2012
Posts: 6
Thanks: 2
Thanked 0 Times in 0 Posts
Default DNS checking error - NS not authoritative

Hi,

I'm using ispConfig 3.0.4.2 on a VPS server and I created a DNS in IspConfig's admin after I've checked with dig, there is no error:

------------
# dig @1.2.3.4.5 something.org

; <<>> DiG 9.7.0-P1 <<>> @1.2.3.4.5 something.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48627
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;something.org. IN A

;; ANSWER SECTION:
something.org. 86400 IN A 1.2.3.4.5

;; AUTHORITY SECTION:
something.org. 3600 IN NS ns2.something.org.
something.org. 3600 IN NS ns.something.org.

;; ADDITIONAL SECTION:
ns.something.org. 3600 IN A 1.2.3.4.5
ns2.something.org. 40211 IN A 100.200.300.400

;; Query time: 0 msec
;; SERVER: 1.2.3.4.5 #53(1.2.3.4.5 )
;; WHEN: Wed Jan 18 12:59:23 2012
;; MSG SIZE rcvd: 118

-------------

I created slave record, too in other DNS server:

------------
zone "something.org" {
type slave;
masters {1.2.3.4.5 ;};
allow-transfer {none;};
file "/etc/bind/slave/sec.something.org";
};

--------------

but DNS checking is write out an error:

--------
M-PNAU -E- [something.org] NS not authoritative: ns2.something.org
--------------

How can I resolve this problem?

Thank you in advance

iszabi

Last edited by iszabi; 18th January 2012 at 14:48.
Reply With Quote
Sponsored Links
  #2  
Old 18th January 2012, 15:47
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,461
Thanks: 813
Thanked 5,240 Times in 4,108 Posts
Default

ensure that the directory /etc/bind/slave is writable for the users that runs bind (named) and then update the dns record on the master by e.g. changing the ttl.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 18th January 2012, 15:57
iszabi iszabi is offline
Junior Member
 
Join Date: Jan 2012
Posts: 6
Thanks: 2
Thanked 0 Times in 0 Posts
Default /etc/bind/slave chown is

/etc/bind/slave

chown:
----------
user: root
group: bind

chmod: 750
Reply With Quote
  #4  
Old 18th January 2012, 16:44
iszabi iszabi is offline
Junior Member
 
Join Date: Jan 2012
Posts: 6
Thanks: 2
Thanked 0 Times in 0 Posts
Default bind is going well...

# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdo:10024 *:* LISTEN 1009/amavisd (maste
tcp 0 0 localhost.localdo:10025 *:* LISTEN 1650/master
tcp 0 0 *:mysql *:* LISTEN 908/mysqld
tcp 0 0 localhost.localdo:spamd *:* LISTEN 1056/spamd.pid
tcp 0 0 *:43027 *:* LISTEN 828/sshd
tcp 0 0 jotudni.hu:domain *:* LISTEN 2358/named
tcp 0 0 localhost.locald:domain *:* LISTEN 2358/named
tcp 0 0 *:ftp *:* LISTEN 1663/pure-ftpd (SER
tcp 0 0 localhost.localdoma:953 *:* LISTEN 2358/named
tcp 0 0 *:smtp *:* LISTEN 1650/master
tcp 0 0 localhost.localdo:mysql localhost.localdo:57304 ESTABLISHED 908/mysqld
tcp 0 0 localhost.localdo:57289 localhost.localdo:mysql ESTABLISHED 1099/amavisd (ch7-a
tcp 0 0 jotudni.hu:43027 catv-80-98-212-78:20927 ESTABLISHED 1354/sshd: iszabi [
tcp 0 0 localhost.localdo:mysql localhost.localdo:57289 ESTABLISHED 908/mysqld
tcp 0 0 localhost.localdo:57304 localhost.localdo:mysql ESTABLISHED 1100/amavisd (ch7-a
tcp6 0 0 [::]:imaps [::]:* LISTEN 1516/couriertcpd
tcp6 0 0 [::]op3s [::]:* LISTEN 1550/couriertcpd
tcp6 0 0 [::]op3 [::]:* LISTEN 1530/couriertcpd
tcp6 0 0 [::]:imap2 [::]:* LISTEN 1496/couriertcpd
tcp6 0 0 [::]:http-alt [::]:* LISTEN 1756/apache2
tcp6 0 0 [::]:www [::]:* LISTEN 1756/apache2
tcp6 0 0 [::]:tproxy [::]:* LISTEN 1756/apache2
tcp6 0 0 [::]:43027 [::]:* LISTEN 828/sshd
tcp6 0 0 [::]:domain [::]:* LISTEN 2358/named
tcp6 0 0 [::]:ftp [::]:* LISTEN 1663/pure-ftpd (SER
tcp6 0 0 localhost:953 [::]:* LISTEN 2358/named
tcp6 0 0 [::]:smtp [::]:* LISTEN 1650/master
tcp6 0 0 [::]:https [::]:* LISTEN 1756/apache2
tcp6 0 0 localhost:47272 localhost:http-alt TIME_WAIT -
tcp6 0 0 jotudni.hu:www 79-116-67-103.rdsn:4824 TIME_WAIT -
tcp6 0 0 localhost:47270 localhost:http-alt TIME_WAIT -
tcp6 0 0 jotudni.hu:www 79-116-67-103.rdsn:4820 TIME_WAIT -
tcp6 0 0 localhost:47269 localhost:http-alt TIME_WAIT -
tcp6 0 0 localhost:47274 localhost:http-alt TIME_WAIT -
tcp6 0 0 jotudni.hu:www dsl51B64307.:codasrv-se TIME_WAIT -
tcp6 0 0 jotudni.hu:www c-vl2001.osr0-ceg:55685 TIME_WAIT -
tcp6 0 0 jotudni.hu:www dsl51B64307.pool.t:2437 TIME_WAIT -
tcp6 0 0 jotudni.hu:www dsl51B64307.poo:codasrv TIME_WAIT -
tcp6 0 0 jotudni.hu:www dsl51B64307.poo:codasrv TIME_WAIT -
tcp6 0 0 localhost:47271 localhost:http-alt TIME_WAIT -
tcp6 0 0 jotudni.hu:www dsl51B64307.pool.t:2435 TIME_WAIT -
tcp6 0 0 localhost:47273 localhost:http-alt TIME_WAIT -
tcp6 0 0 jotudni.hu:www dsl51B64307.pool.t:2438 TIME_WAIT -
tcp6 0 0 localhost:47268 localhost:http-alt TIME_WAIT -





# iptables -L

Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:www STRING match "GET /w00tw00t.at.ISC.SANS." ALGO name bm TO 70
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Reply With Quote
  #5  
Old 18th January 2012, 18:31
iszabi iszabi is offline
Junior Member
 
Join Date: Jan 2012
Posts: 6
Thanks: 2
Thanked 0 Times in 0 Posts
Default

# dig @ns2.somebody.org

; <<>> DiG 9.7.0-P1 <<>> @ns2.somebody.org somebody.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 46181
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;somebody.org. IN A

;; Query time: 0 msec
;; SERVER: 79.172.211.98#53(79.172.211.98)
;; WHEN: Wed Jan 18 18:20:46 2012
;; MSG SIZE rcvd: 28


-----------------

on primary dns server /etc/bind/named.conf.local


zone "somebody.org" {
type slave;
masters {1.2.3.4.5;};
allow-transfer {none;};
file "/etc/bind/slave/sec.somebody.hu";
};

BUT /etc/bind/slave/sec.somebody.hu is missing!
__________________
_________
iszabi
Reply With Quote
  #6  
Old 19th January 2012, 15:33
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,727 Times in 2,565 Posts
Default

Do you run master and slave on the same server?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 3rd February 2012, 11:02
iszabi iszabi is offline
Junior Member
 
Join Date: Jan 2012
Posts: 6
Thanks: 2
Thanked 0 Times in 0 Posts
Default NS not authoritative problem's continuation

Quote:
Originally Posted by falko View Post
Do you run master and slave on the same server?
Hi, till and falko!

I have two servers with two master configured ispconfig, beceuse there are
independent hosting platform.

Each one has the zone master files, and the other server has the slave zone file.


Primary zone file:
--------------
$TTL 3600
@ IN SOA ns.domain.tld. webmaster.domain.tld. (
2012011813 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;

domain.tld. 3600 A 1.2.3.4.5
domain.tld. 3600 MX 10 mail.domain.tld.
domain.tld. 3600 NS ns.domain.tld.
domain.tld. 3600 NS ns2.domain.tld.
mail 3600 A 1.2.3.4.5
ns 86400 A 1.2.3.4.5
www 3600 A 1.2.3.4.5
----------------

Secondary zone file: /in named.conf.local file/
-----------------

zone "domain.tld" {
type slave;
masters {1.2.3.4.5;};
allow-transfer {none;};
file "/etc/bind/slave/sec.domain.tld";
};

-----------

Technical checking results:
-------------
M-GREET -I- [domain.tld] Domi version 20120103
M-STA -I- [domain.tld] Starting from: 1.2.3.4.5
M-PNAM -I- [domain.tld] NS name: ns.domain.tld
M-PADD -I- [domain.tld] NS addr: 1.2.3.4.5
M-PGET -I- [domain.tld] getting domain from NS 1.2.3.4.5 ...
M-PRZO -I- [domain.tld] cannot download domain from 1.2.3.4.5
M-PARI -W- [domain.tld] NS records inconsistent with parent !!!
M-RERR -W- [domain.tld] SOA parameters don't comply with RIPE
M-NS -I- [domain.tld] A records for DNS servers:
addr of NS ns.domain.tld.: 1.2.3.4.5
addr of NS ns2.domain.tld.: 2.3.4.5.6
M-PNAU -E- [domain.tld] NS not authoritative: ns2.domain.tld
-------------

Primary zone file testing runned well on localhost:
-----------
# dig localhost domain.tld

; <<>> DiG 9.7.0-P1 <<>> localhost domain.tld
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 706
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;localhost. IN A

;; ANSWER SECTION:
localhost. 604800 IN A 127.0.0.1

;; AUTHORITY SECTION:
localhost. 604800 IN NS localhost.

;; ADDITIONAL SECTION:
localhost. 604800 IN AAAA ::1

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 3 10:49:04 2012
;; MSG SIZE rcvd: 85

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1245
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;domain.tld. IN A

;; ANSWER SECTION:
domain.tld. 3600 IN A 1.2.3.4.5

;; AUTHORITY SECTION:
domain.tld. 3600 IN NS ns.domain.tld.
domain.tld. 3600 IN NS ns2.domain.tld.

;; ADDITIONAL SECTION:
ns.domain.tld. 86400 IN A 1.2.3.4.5
ns3.netkey.hu. 42512 IN A 2.3.4.5.6

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 3 10:49:04 2012
;; MSG SIZE rcvd: 118
------------

Becuse of it is not wotking properly I configured my domains to other DNS server and redirected the A records to ispconfig master servers when I running web servers and mail server.

I do know why do not working the DNS server.

(ISPconfig version is: 3.0.4.2)

Comment: When I added the slave DNS record to other secondary DNS server, it did not work, there was error message same: NS not authoritative...


Thank in advance.
__________________
_________
iszabi
Reply With Quote
  #8  
Old 4th February 2012, 11:11
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,727 Times in 2,565 Posts
Default

You must tell your registrar that your own nameservers are authoritative for the domain.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #9  
Old 26th February 2012, 13:11
pinhais pinhais is offline
Junior Member
 
Join Date: Feb 2012
Location: Pinhais
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to pinhais Send a message via Skype™ to pinhais
 
Default

Quote:
Originally Posted by falko View Post
You must tell your registrar that your own nameservers are authoritative for the domain.

Sorry to be reopening the forum here but: I believe I have something wrong with the dns settings making the interface ispconfig3

I did the same procedures using only the command and Pront was just right.

Now ispconfigs by the dns pointed to the virtual host dminios are not recognized or pleo registro.com registro.br. If you put the ips in the registro.br they are recognized
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
MyDNS Install Problems - rezilient Installation/Configuration 4 18th April 2013 21:48
rkhunter warnings esezako General 7 27th September 2011 07:28
Installation -- pcre_exec.c:403: internal compiler error: Segmentation fault zerman Installation/Configuration 2 23rd September 2008 23:58
Update php shajazzi Server Operation 6 6th April 2008 18:20
Google Apps dayjahone General 19 29th March 2008 17:25


All times are GMT +2. The time now is 16:20.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.