Site is down and cant figure out how to get it back up

[falko]

Can you post the domain name and your zone file?

[rrhode]

Quote:

Originally Posted by falko

Can you post the domain name and your zone file?

Well I was trying to not do that because it isn't my site but it has to work so if you can help me that would make my day/week/month =)

The red errors show up right now on intodns: http://www.intodns.com/greenimagesofcanada.com

I won't restart BIND this time just so you can see them.

I am not sure which zone file you would need. I am guessing the one for the domain. I attached it I hope that is ok. This basically will tell you my settings in ISPConfig for the domain I suppose. If you want the other files I can add them as well.

Thank you again for your time and help. I appreciate it a great deal. I hope we can figure it out somehow because I don't understand why its doing this.

On a sitenote I can't get verification from networksolutions that they actually made a Glue record and maybe they won't make one for me but maybe they already did. I don't know because they won't respond to me. But for some reason I don't think that should cause it to do what it is doing but then again I really don't know.

[falko]

You need A records for ns1 and ns2 in your zone file. Please change that and then try intodns again.

[rrhode]

Thanks. I have tried that before actually but eventually it gave me errors again. I will see what it does this time. I had to restart BIND in order for the errors to go away again. There was no change after just adding the A record for ns2.

[rrhode]

Well the domain doesn't work again. It shows the errors at intodns.com again as well.

http://www.intodns.com/greenimagesofcanada.com

Here is something I found in the messages log which looks like maybe BIND restarting, perhaps it might be useful somehow.

Quote:

Dec 19 14:44:22 cl-t054-343cl named[6400]: shutting down: flushing changes
Dec 19 14:44:22 cl-t054-343cl named[6400]: stopping command channel on 127.0.0.1#953
Dec 19 14:44:22 cl-t054-343cl named[6400]: stopping command channel on ::1#953
Dec 19 14:44:22 cl-t054-343cl named[6400]: no longer listening on 127.0.0.1#53
Dec 19 14:44:22 cl-t054-343cl named[6400]: no longer listening on 72.55.164.45#53
Dec 19 14:44:22 cl-t054-343cl named[6400]: no longer listening on 70.38.4.145#53
Dec 19 14:44:22 cl-t054-343cl named[6400]: no longer listening on 70.38.4.146#53
Dec 19 14:44:22 cl-t054-343cl named[6400]: no longer listening on 70.38.4.147#53
Dec 19 14:44:22 cl-t054-343cl named[6400]: no longer listening on 70.38.4.148#53
Dec 19 14:44:22 cl-t054-343cl named[6400]: no longer listening on 70.38.4.149#53
Dec 19 14:44:22 cl-t054-343cl named[6400]: no longer listening on 70.38.4.150#53
Dec 19 14:44:22 cl-t054-343cl named[6400]: exiting
Dec 19 14:44:24 cl-t054-343cl named[6646]: starting BIND 9.3.4-P1 -u named -t /var/named/chroot
Dec 19 14:44:24 cl-t054-343cl named[6646]: found 2 CPUs, using 2 worker threads
Dec 19 14:44:24 cl-t054-343cl named[6646]: loading configuration from '/etc/named.conf'
Dec 19 14:44:24 cl-t054-343cl named[6646]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 19 14:44:24 cl-t054-343cl named[6646]: listening on IPv4 interface eth0, 72.55.164.45#53
Dec 19 14:44:24 cl-t054-343cl named[6646]: listening on IPv4 interface eth0:1, 70.38.4.145#53
Dec 19 14:44:24 cl-t054-343cl named[6646]: listening on IPv4 interface eth0:2, 70.38.4.146#53
Dec 19 14:44:24 cl-t054-343cl named[6646]: listening on IPv4 interface eth0:3, 70.38.4.147#53
Dec 19 14:44:24 cl-t054-343cl named[6646]: listening on IPv4 interface eth0:4, 70.38.4.148#53
Dec 19 14:44:24 cl-t054-343cl named[6646]: listening on IPv4 interface eth0:5, 70.38.4.149#53
Dec 19 14:44:24 cl-t054-343cl named[6646]: listening on IPv4 interface eth0:6, 70.38.4.150#53
Dec 19 14:44:24 cl-t054-343cl named[6646]: command channel listening on 127.0.0.1#953
Dec 19 14:44:24 cl-t054-343cl named[6646]: command channel listening on ::1#953
Dec 19 14:44:24 cl-t054-343cl named[6646]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Dec 19 14:44:24 cl-t054-343cl named[6646]: zone greenimagesofcanada.com/IN: loaded serial 2008121901
Dec 19 14:44:24 cl-t054-343cl named[6646]: running
Dec 19 14:44:24 cl-t054-343cl named[6646]: zone greenimagesofcanada.com/IN: sending notifies (serial 2008121901)
Dec 19 14:44:24 cl-t054-343cl named[6646]: client 70.38.4.145#55684: received notify for zone 'greenimagesofcanada.com'

When my firewall (APF) restarts it seems to mention my DNS:

Quote:

Dec 20 04:02:29 cl-t054-343cl apf(8947): {glob} resolv dns discovery for 209.172.41.202
Dec 20 04:02:29 cl-t054-343cl apf(8947): {glob} resolv dns discovery for 209.172.41.200
Dec 20 04:02:29 cl-t054-343cl apf(8947): {glob} loading postroute.rules

These are in my resolv.conf

Quote:

search privatedns.com
nameserver 209.172.41.202
nameserver 209.172.41.200

My /etc/named.conf links to /var/named/chroot//etc/named.conf

It contains:

Quote:

options {
allow-recursion {
localhost;
};
pid-file "/var/named/chroot/var/run/named/named.pid";
directory "/var/named/chroot/var/named";
auth-nxdomain no;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

//
// a caching only nameserver config
//
zone "." {
type hint;
file "named.root";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};


zone "greenimagesofcanada.com" {
type master;
file "pri.greenimagesofcanada.com";
};



//// MAKE MANUAL ENTRIES BELOW THIS LINE! ////

Which is mostly the default of ISPConfig except for the recursion part which used to show an error at intodns until I added that. Is it wrong?

Any other ideas?

Thanks =)

[falko]

Does the zone file look identical on both ns1.greenimagesofcanada.com and ns2.greenimagesofcanada.com?

[rrhode]

Quote:

Originally Posted by falko

Does the zone file look identical on both ns1.greenimagesofcanada.com and ns2.greenimagesofcanada.com?

Well I tried to explain these two IPs are pointing to the same server, although I am not sure if the ns2 is setup properly or if I am even supposed to be using that as my ns2. I only have one server. So I am guessing they are using the same file. Wouldn't ISPConfig set these up when I add them as A records?

[falko]

Code:

mh1:~# dig @ns1.greenimagesofcanada.com greenimagesofcanada.com
mh1:~# dig @ns2.greenimagesofcanada.com greenimagesofcanada.com

; <<>> DiG 9.3.4 <<>> @ns2.greenimagesofcanada.com greenimagesofcanada.com
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
mh1:~# telnet ns1.greenimagesofcanada.com 53

mh1:~#

I can't connect to your nameserver. Make sure port 53 is not blocked by a firewall, and that named is running.

[rrhode]

It seems like port 53 is open and named is running. I have just restarted the DNS server in ISPconfig and now things appear to work again. When I restart the DNS server in ISPConfig everything is now running with no errors.

I am using APF firewall. Maybe there is something in there causing the problem but I am not really sure. I have now added port 53 to a couple of areas and when I do nmap -sS -O 72.55.164.45 it shows it as open.

[falko]

Still not working for me. I'd switch off the firewall to see if it's the reason.