Domain name server - problems ... causes ?

[Amorphous]

Hello, i have just installed ISPConfig 3.0.3.2 on a fresh Centos 5.5 operating system, and i have stumblled among some problems wth Bind and DNS creating ...

I will start putting all the log bind creates, and after that all the config files regarding Bind, maybe u can explain what exactly is wrong
first of all, in the tutorial it is specified in the named.conf

I replaced

Quote:

include "/var/named/chroot/etc/named.conf.local";

with

Quote:

include "/var/named/chroot/var/named/named.local";

Also, in the "named" startup, i noticed that it asks for a /etc/named.conf file, so i created a link to /var/named/chroot/etc/named.conf


These are all the config files:


/var/named/chroot/etc/named.conf

Quote:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named/chroot/var/named";
dump-file "/var/named/chroot/var/named/data/cache_dump.db";
statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.root";
};
include "/var/named/chroot/var/named/named.local";

/var/named/chroot/var/named/named.local

Quote:

zone "domain1.ro" {
type master;
allow-transfer {none;};
file "/var/named/chroot/var/named//pri.domain1.ro";
};
zone "domain2.ro" {
type master;
allow-transfer {none;};
file "/var/named/chroot/var/named//pri.domain2.ro";
};
zone "domain3.ro" {
type master;
allow-transfer {none;};
file "/var/named/chroot/var/named//pri.domain3.ro";
};
zone "domain4.ro" {
type master;
allow-transfer {none;};
file "/var/named/chroot/var/named//pri.domain4.ro";
};
zone "domain5.ro" {
type master;
allow-transfer {none;};
file "/var/named/chroot/var/named//pri.domain5.ro";
};

/var/named/chroot/var/named/pri.domain1.ro

Quote:

$TTL 86400
@ IN SOA ns1.domain1.ro. office.domain1.ro. (
2011041106 ; serial, todays date + todays serial #
28800 ; refresh, seconds
7200 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;

A 94.60.xx.xx
* A 94.60.xx.xx
cacti A 94.60.xx.xx
domain1.ro. A 94.60.xx.xx
domain1.ro. MX 10 mail.domain1.ro.
domain1.ro. NS ns1.domain1.ro.
domain1.ro. NS ns2.domain1.ro.
mail A 94.60.xx.xx
ns1 A 94.60.xx.xx
ns2 A 94.60.xx.xx
www A 94.60.xx.xx

/var/named/chroot/var/named/pri.domain2.ro

Quote:

$TTL 86400
@ IN SOA ns1.domain2.ro. office.domain2.ro. (
2011041404 ; serial, todays date + todays serial #
28800 ; refresh, seconds
7200 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;

A 94.60.xx.xx
domain2.ro. A 94.60.xx.xx
domain2.ro. MX 10 mail.domain2.ro.
domain2.ro. NS ns1.domain2.ro.
domain2.ro. NS ns2.domain2.ro.
ns1 A 94.60.xx.xx
ns2 A 94.60.xx.xx
www A 94.60.xx.xx

/var/named/chroot/var/named/pri.domain3.ro

Quote:

$TTL 86400
@ IN SOA ns1.domain3.ro. office.domain3.ro. (
2011041105 ; serial, todays date + todays serial #
28800 ; refresh, seconds
7200 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;

A 94.60.xx.xx
* A 94.60.xx.xx
mail A 94.60.xx.xx
domain3.ro. A 94.60.xx.xx
domain3.ro. MX 10 mail.domain3.ro.
domain3.ro. NS ns1.domain3.ro.
domain3.ro. NS ns2.domain3.ro.
ns1 A 94.60.xx.xx
ns2 A 94.60.xx.xx
www A 94.60.xx.xx

and so on, with all the other configs;

Errors:

Quote:

[root@hosting ~]# dig domain3.ro

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> neoit.ro
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 40528
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;neoit.ro. IN A

;; Query time: 54 msec
;; SERVER: 94.60.xx.x#53(94.60.xx.x)
;; WHEN: Thu Apr 14 02:00:38 2011
;; MSG SIZE rcvd: 26

all the other domains look the same.


nslookup www.domain3.ro

Quote:

;; Got SERVFAIL reply from 94.60.xx.x, trying next server
;; Got SERVFAIL reply from 94.60.xx.x, trying next server
Server: 94.60.xx.y
Address: 94.60.xx.y#53

** server can't find www.domain3.ro.domain2.ro: SERVFAIL

/etc/init.d/named restart

Quote:

Stopping named: [ OK ]
Starting named: [ OK ]

As you see, no errors occur during restart named

tail -f /var/log/messages

Quote:

Apr 14 02:03:54 hosting named[11959]: shutting down: flushing changes
Apr 14 02:03:54 hosting named[11959]: stopping command channel on 127.0.0.1#953
Apr 14 02:03:54 hosting named[11959]: stopping command channel on ::1#953
Apr 14 02:03:54 hosting named[11959]: no longer listening on ::1#53
Apr 14 02:03:54 hosting named[11959]: no longer listening on 127.0.0.1#53
Apr 14 02:03:54 hosting named[11959]: exiting
Apr 14 02:03:56 hosting named[12069]: starting BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5 -u named -t /var/named/chroot
Apr 14 02:03:56 hosting named[12069]: found 1 CPU, using 1 worker thread
Apr 14 02:03:56 hosting named[12069]: using up to 4096 sockets
Apr 14 02:03:56 hosting named[12069]: loading configuration from '/etc/named.conf'
Apr 14 02:03:56 hosting named[12069]: max open files (1024) is smaller than max sockets (4096)
Apr 14 02:03:56 hosting named[12069]: using default UDP/IPv4 port range: [1024, 65535]
Apr 14 02:03:56 hosting named[12069]: using default UDP/IPv6 port range: [1024, 65535]
Apr 14 02:03:56 hosting named[12069]: listening on IPv6 interface lo, ::1#53
Apr 14 02:03:56 hosting named[12069]: listening on IPv4 interface lo, 127.0.0.1#53
Apr 14 02:03:56 hosting named[12069]: command channel listening on 127.0.0.1#953
Apr 14 02:03:56 hosting named[12069]: command channel listening on ::1#953
Apr 14 02:03:56 hosting named[12069]: zone domain1.ro/IN: loaded serial 2011041106
Apr 14 02:03:56 hosting named[12069]: zone domain2.ro/IN: loaded serial 2011041404
Apr 14 02:03:56 hosting named[12069]: zone domain3.ro/IN: loaded serial 2011041105
Apr 14 02:03:56 hosting named[12069]: zone domain4.ro/IN: loaded serial 2011041105
Apr 14 02:03:56 hosting named[12069]: zone domain5.ro/IN: loaded serial 2011041105
Apr 14 02:03:56 hosting named[12069]: running
Apr 14 02:03:56 hosting named[12069]: zone domain1.ro/IN: sending notifies (serial 2011041105)
Apr 14 02:03:56 hosting named[12069]: zone domain2.ro/IN: sending notifies (serial 2011041106)
Apr 14 02:03:56 hosting named[12069]: zone domain3.ro/IN: sending notifies (serial 2011041105)
Apr 14 02:03:56 hosting named[12069]: zone domain4.ro/IN: sending notifies (serial 2011041105)
Apr 14 02:03:56 hosting named[12069]: zone domain5.ro/IN: sending notifies (serial 2011041404)

i see in the nslookup command a problem at the end of the SERVFAIL error :

Quote:

** server can't find www.domain3.ro.domain2.ro: SERVFAIL

a closer look

Quote:

www.domain3.ro.domain2.ro:

why is this error in reading the domains ??? the domain2 is the "primary" domain,
is the domain allocated in the /etc/hosts/ file .....

Quote:

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
94.60.40.2 hosting.far3.ro hosting
::1 localhost6.localdomain6 localhost6

and also in the resolv.conf

Quote:

search domain2.ro
nameserver 94.60.xx.x
nameserver 94.60.xx.y

all of these, as i explain to myself, seem to be fine, i really don`t understand what can i do, none of these settings don`t seem to raise up the domains, and at least 2 of them are very much needed, one of them being my network domain, all the others are personal domains also, using them for some friends with game and radio servers .
a quick reply with any possible ideea would be much appreciated

Thank you very much !


Later Edit:

Quote:

[root@hosting ~]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:imaps *:* LISTEN 1897/dovecot
tcp 0 0 *: pop3s *:* LISTEN 1897/dovecot
tcp 0 0 localhost.localdomain:smux *:* LISTEN 3246/snmpd
tcp 0 0 localhost.localdomain:10025 *:* LISTEN 1975/master
tcp 0 0 *:mysql *:* LISTEN 1865/mysqld
tcp 0 0 *: pop3 *:* LISTEN 1897/dovecot
tcp 0 0 localhost.local:dyna-access *:* LISTEN 1780/clamd
tcp 0 0 *:imap *:* LISTEN 1897/dovecot
tcp 0 0 *: sunrpc *:* LISTEN 1747/portmap
tcp 0 0 localhost.localdomai:domain *:* LISTEN 12069/named
tcp 0 0 *:ftp *:* LISTEN 2010/pure-ftpd (SER
tcp 0 0 localhost.localdomain:rndc *:* LISTEN 12069/named
tcp 0 0 *:smtp *:* LISTEN 1975/master
tcp 0 0 *:imaps *:* LISTEN 1897/dovecot
tcp 0 0 *: pop3s *:* LISTEN 1897/dovecot
tcp 0 0 *: pop3 *:* LISTEN 1897/dovecot
tcp 0 0 *:imap *:* LISTEN 1897/dovecot
tcp 0 0 *:webcache *:* LISTEN 1995/httpd
tcp 0 0 *:http *:* LISTEN 1995/httpd
tcp 0 0 *:tproxy *:* LISTEN 1995/httpd
tcp 0 0 localhost6.localdoma:domain *:* LISTEN 12069/named
tcp 0 0 *:ftp *:* LISTEN 2010/pure-ftpd (SER
tcp 0 0 *:ssh *:* LISTEN 1766/sshd
tcp 0 0 localhost6.localdomain:rndc *:* LISTEN 12069/named
tcp 0 0 *:https *:* LISTEN 1995/httpd
tcp 0 0 hosting.domain2.ro:ssh 79-117-35-66.rdsn:sonardata ESTABLISHED 20646/sshd: root@no
tcp 0 0 hosting.domain2.ro:ssh 79-117-35-66.rowergemplus ESTABLISHED 20698/sshd: root@no
tcp 0 2072 hosting.domain2.ro:ssh 79-117-35-66.rds:quicksuite ESTABLISHED 20784/0
tcp 0 0 hosting.domain2.ro:ssh 79-117-35-66.rdsnet.ro:4967 ESTABLISHED 11999/1

Thank You !

[till]

The command dig domain3.ro tests external dns servers and not the local one, to test the local nameserver, use this command:

dig @localhost dig domain3.ro

Quote:

a closer look
Quote:
www.domain3.ro.domain2.ro:

The reason is that a dot at the ends of the domain is missing. Every fully qualified domain name has to end with a dot in dns.

[Amorphous]

this is the answer to the command dig

Quote:

dig @localhost dig domain2.ro

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> @localhost dig domain2.ro
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29283
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;dig. IN A

;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisi gn-grs.com. 2011041301 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Apr 14 13:27:56 2011
;; MSG SIZE rcvd: 96

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5969
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;domain2.ro. IN A

;; ANSWER SECTION:
domain2.ro. 86400 IN A 94.60.xx.xx

;; AUTHORITY SECTION:
domain2.ro. 86400 IN NS ns2.domain2.ro.
domain2.ro. 86400 IN NS ns1.domain2.ro.

;; ADDITIONAL SECTION:
ns1.domain2.ro. 86400 IN A 94.60.xx.xx
ns2.domain2.ro. 86400 IN A 94.60.xx.xx

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Apr 14 13:27:56 2011
;; MSG SIZE rcvd: 109

[Amorphous]

Still no change, still nothing....

Any ideeas ? any suggestions ??? any thougts ??



later edit .....

maybe allow querry should be any instead of none ?

and also listening should not be made by named also on the public ip and not only by localhost ?\

I really am stucked here, on the previous instalation i used Centos 5.3 with ispconfig 3.0.2 .... with mydns installed and everythin worked perfect .... now .. i can t get my domains up ... and i don t know where is the problem ....
except forwarding DNS servers for my internet clients i am totally away from any other settings for named and bind DNS servers ...

[falko]

Please replace

Code:

options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named/chroot/var/named";
dump-file "/var/named/chroot/var/named/data/cache_dump.db";
statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
};

with

Code:

options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory "/var/named/chroot/var/named";
dump-file "/var/named/chroot/var/named/data/cache_dump.db";
statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
};

in /var/named/chroot/etc/named.conf.

[Amorphous]

thank you very much, it work like a charm now if u can edit the tutorial also, u can try editing the tutorial for ispconfig centos 5.5, because all the commands and lines are copied exactly from the tutorial, and this erors i m sure i m not the only one with this problem,

if u can help me with one more little problem i would appreciate very much your help....

I want to make from this server also a DNS server for my Internet clients:

Quote:

IP Address: 94.60.xx.xx
Netmask : 255.255.255.xxx
Gateway: 94.60.xx.x

DNS1 : xx.xx.xx.xx
DNS2 : xx.xx.xx.xx

In the personal settings for each client, i have now the Routing server as my primary DNS, and i want to make my Ispconfig server as my second DNS, and to forward my ISP DNS trough ....
i know from the routing servers, that the config is somethig like this:

Quote:

acl "thor-clients" {
127.0.0.1/8;
94.60.xx.0/22;
};

logging {
category lame-servers { null; };
};

options {
// Relative to the chroot directory, if any
recursive-clients 3500;
directory "/etc";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";
listen-on { 127.0.0.1; 94.60.xx.1;};
allow-query { any; };
forwarders {195.191.xxx.xxx;195.191.xxx.xxy;193.19.yyy.yy;};
version "surely you must be joking";
};

view "thor-clients" {
match-clients { "thor-clients"; };
recursion yes;
zone "." { type hint; file "named.root"; };
};

view "rest" {
match-clients { "any"; };
recursion no;
zone "." { type hint; file "named.root"; };
};

how can i add a set of rules like this one, to my Ispconfig server so i can use also this server as a forwarder ??

I know this is not the right section of the forum, but if u can help me with this little problem, i would appreciate it very much.

Thank you again very much !!