DNS not working in ISPconfig3 cluster

[archange]

Hi,

Thank you for having me on the Forums.
I am a Linux beginner, however, I have followed the "HowtoForge" guides with great interest and finally I decided to use ISPconfig3 for my hosting needs.

I installed ISPconfig3 on Centos 5.5 x64 using this guide: http://www.howtoforge.com/perfect-se...ispconfig-3-p3

Additionally, I needed to start running my own DNS and I proceeded adding to ISPconfig3 two more servers, configured as slaves.

I have registered ns1, ns2 and ns3 with my registrar (not GoDaddy though), according to this guide:

http://www.howtoforge.com/ispconfig_dns_godaddy

After they have propagated, I added the DNS zones in the control panel. The next day, when issuing the following command I get:

Code:

# dig @ns1.arenahosting.org any arenahosting.org
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @ns1.arenahosting.org any arenahosting.org
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached

I can see no errors in ISPconfig3 panel, nor at systems' innitialisation.

Can anyone please help me out?

Thank you for your patience, time and understanding.

[damir]

What DNS software are you using and is it running? Do you have firewall, maybe port 53 is closed?

[archange]

Servers are running BIND9, chrooted. Firewall is disabled atm. I just restarted the named service and it appears to be running fine.

[till]

Please make sure that you configured BIND to start at boot time. The command is:

chkconfig --levels 235 named on

[archange]

I remember doing that during the setup and the service is indeed running; I just rebooted the server once again - this is the bind status output:

Quote:

# service named status
number of zones: 0
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
named (pid 2031) is running...

Is it just me, or does Bind not read the DNS configuration from ISPconfig?

[till]

You should check that the configuration directory and named.conf file path of your bind installation match the bind config settings in ispconfig.

and if you want to test your local dns server, use this command:

dig @localhost arenahosting.org


Dont use @ns1.arenahosting.org as the nameserver domain then is a subdomain of the domain that you query, so you have to add glue records and a failure does not indicate if it is a problem with your dns server or if you have not setup the gluue records at the domain registry correctly.

[archange]

Thanks Till, I think you have pointed me into the right direction with your reply:

Quote:

You should check that the configuration directory and named.conf file path of your bind installation match the bind config settings in ispconfig.

These were the instructions I have followed during configuration of Bind:

Quote:

chmod 755 /var/named/
chmod 775 /var/named/chroot/
chmod 775 /var/named/chroot/var/
chmod 775 /var/named/chroot/var/named/
chmod 775 /var/named/chroot/var/run/
chmod 777 /var/named/chroot/var/run/named/
cd /var/named/chroot/var/named/
ln -s ../../ chroot
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.local /var/named/chroot/var/named/named.local
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.root /var/named/chroot/var/named/named.root
touch /var/named/chroot/etc/named.conf.local
vi /var/named/chroot/etc/named.conf

I changed:


To these to get it right:

[archange]

OK, after the changes, I added the DNS zones again and this time I can see them:

Quote:

]# service named status
number of zones: 2
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
named (pid 18523) is running...

Also, on localhost, the dig command shows correct output:

Quote:

# dig @localhost any dtxigaming.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @localhost any dtxigaming.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53964
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 4

;; QUESTION SECTION:
;dtxigaming.com. IN ANY

;; ANSWER SECTION:
dtxigaming.com. 86400 IN SOA ns1.arenahosting.org. info.dtxigaming.com. 2010090709 28800 7200 604800 86400
dtxigaming.com. 86400 IN A 85.121.201.138
dtxigaming.com. 86400 IN MX 10 mail.dtxigaming.com.
dtxigaming.com. 86400 IN NS ns3.arenahosting.org.
dtxigaming.com. 86400 IN NS ns1.arenahosting.org.
dtxigaming.com. 86400 IN NS ns2.arenahosting.org.

;; ADDITIONAL SECTION:
mail.dtxigaming.com. 86400 IN A 85.121.201.138
ns1.arenahosting.org. 86400 IN A 85.121.201.138
ns2.arenahosting.org. 86400 IN A 85.121.201.139
ns3.arenahosting.org. 86400 IN A 85.121.202.199

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 7 06:16:15 2010
;; MSG SIZE rcvd: 244

Question is, how and when do the zones transfer to the additional name servers? I have also modified the Bind9 file paths in their respective entries under ISPconfig3 and did a service restart.

Also, the example that I have followed showed the addition of Slave zones - as far as I understand, this is no longer the case in ISPconfig3 v.3.0.2.2
Is it OK to set the slave servers' IPs under "DNS Zone":

Quote:

Allow zone transfers to these IPs (comma separated list) 85.121.201.139, 85.121.202.199

[falko]

Quote:

Originally Posted by archange

Question is, how and when do the zones transfer to the additional name servers? I have also modified the Bind9 file paths in their respective entries under ISPconfig3 and did a service restart.

Zone transfers start immediately after a zone has changed on the master.

Quote:

Originally Posted by archange

Is it OK to set the slave servers' IPs under "DNS Zone":

Yes.

[archange]

OK.

Now, on server3 i get the following error:

Quote:

[root@server3 etc]# service named restart
Stopping named: [ OK ]
Starting named:
Error in named configuration:
zone arenahosting.org/IN: has no NS records
_default/arenahosting.org/IN: bad zone
zone dtxigaming.com/IN: has no NS records
_default/dtxigaming.com/IN: bad zone
[FAILED]

And another question: in ISPconfig3 panel, under DNS Zones, is it normal for zones to be displayed only under "Server1"? When I pick "Server2" and "Server3" I get no records. Do I have to add entries manually for these aswell and if so, could you tell me what need I to do?

Thank you!