#1  
Old 25th December 2011, 23:50
wcsing wcsing is offline
Member
 
Join Date: Dec 2011
Posts: 36
Thanks: 2
Thanked 0 Times in 0 Posts
Default DNS servfail

Hi everyone,

Just install Debian 6 with desktop and perfect server, setup a client in ISP (3.0.4.1) and a zone by DNS wizard. But when i check the DNS with nslookup and it shown SERVFAIL:

================================================== ===
root@ci1:/home/terry# nslookup
> server 10.0.1.150
Default server: 10.0.1.150
Address: 10.0.1.150#53
> tadj.com
Server: 10.0.1.150
Address: 10.0.1.150#53

** server can't find tadj.com.tadj.com: SERVFAIL
================================================== ====
check the following files and it seem OK, can some one tell me what should i try?

IN /etc/bind/named.cond
...........
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
............


IN /etc/bind/named.conf.options
....................................
// forwarders {
// 0.0.0.0;
// };

auth-nxdomain no; # conform to RFC1035

listen-on-v6 { any; };
......................................


IN /etc/bind/named.conf.local
..................
zone "tadj.com" {
type master;
allow-transfer {none;};
file "/etc/bind/pri.tadj.com";
};
...................


in /etc/bind/named.conf.default-zones
..............................................
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
type master;
file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
..................................................


and there is full records in /etc/bind/pri.tadj.com
................................
$TTL 3600
@ IN SOA ci1.tadj.com. terry.computerinstruments.com.au. (
2011122501 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;

mail 3600 A 123.243.65.181
tadj.com. 3600 A 123.243.65.181
tadj.com. 3600 MX 10 mail.tadj.com.
tadj.com. 3600 NS ci1.tadj.com.
tadj.com. 3600 NS ns1.telstra.net.
www 3600 A 123.243.65.181
...................................

also netstat as;

oot@ci1:/home/terry# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdo:10024 *:* LISTEN 1487/amavisd (maste
tcp 0 0 localhost.localdo:10025 *:* LISTEN 2705/master
tcp 0 0 *:mysql *:* LISTEN 2248/mysqld
tcp 0 0 *op3 *:* LISTEN 2720/dovecot
tcp 0 0 *:imap2 *:* LISTEN 2720/dovecot
tcp 0 0 *:sunrpc *:* LISTEN 788/portmap
tcp 0 0 *:ftp *:* LISTEN 2652/pure-ftpd (SER
tcp 0 0 ci1.tadj.com:domain *:* LISTEN 1326/named
tcp 0 0 localhost.locald:domain *:* LISTEN 1326/named
tcp 0 0 *:ssh *:* LISTEN 2251/sshd
tcp 0 0 localhost.localdoma:ipp *:* LISTEN 1871/cupsd
tcp 0 0 *:smtp *:* LISTEN 2705/master
tcp 0 0 localhost.localdoma:953 *:* LISTEN 1326/named
tcp 0 0 *:imaps *:* LISTEN 2720/dovecot
tcp 0 0 *:35553 *:* LISTEN 800/rpc.statd
tcp 0 0 *op3s *:* LISTEN 2720/dovecot
tcp6 0 0 [::]:http-alt [::]:* LISTEN 1500/apache2
tcp6 0 0 [::]:www [::]:* LISTEN 1500/apache2
tcp6 0 0 [::]:tproxy [::]:* LISTEN 1500/apache2
tcp6 0 0 [::]:ftp [::]:* LISTEN 2652/pure-ftpd (SER
tcp6 0 0 [::]:domain [::]:* LISTEN 1326/named
tcp6 0 0 [::]:ssh [::]:* LISTEN 2251/sshd
tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN 1871/cupsd
tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 1326/named
tcp6 0 0 [::]:https [::]:* LISTEN 1500/apache2
root@ci1:/home/terry#

Thanks.
Reply With Quote
Sponsored Links
  #2  
Old 26th December 2011, 10:50
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

What's in /etc/bind/named.conf.local?

What's the output of
Code:
dig @localhost tadj.com
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 27th December 2011, 00:14
wcsing wcsing is offline
Member
 
Join Date: Dec 2011
Posts: 36
Thanks: 2
Thanked 0 Times in 0 Posts
Default

in /etc/bind/named.conf.local:
..................................................
zone "tadj.com" {
type master;
allow-transfer {none;};
file "/etc/bind/pri.tadj.com";
};

-------------------------------------------------------------
root@ci1:/home/terry# dig @localhost tadj.com

; <<>> DiG 9.7.3 <<>> @localhost tadj.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 36391
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;tadj.com. IN A

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 27 10:09:26 2011
;; MSG SIZE rcvd: 26

root@ci1:/home/terry#

Thanks
Reply With Quote
  #4  
Old 27th December 2011, 20:16
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

What are the outputs of
Code:
netstat -uap
and
Code:
iptables -L
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 28th December 2011, 00:07
wcsing wcsing is offline
Member
 
Join Date: Dec 2011
Posts: 36
Thanks: 2
Thanked 0 Times in 0 Posts
Default

root@ci1:/home/terry# netstat -uap

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 ci1.tadj.com:46127 uneeda.telstra.n:domain ESTABLISHED 19856/firefox-bin
udp 0 0 ci1.tadj.com:49199 uneeda.telstra.n:domain ESTABLISHED 19856/firefox-bin
udp 0 0 ci1.tadj.com:domain *:* 1313/named
udp 0 0 localhost.locald:domain *:* 1313/named
udp 0 0 *:965 *:* 789/rpc.statd
udp 0 0 *:mdns *:* 1261/avahi-daemon:
udp 0 0 *:39149 *:* 1261/avahi-daemon:
udp 0 0 *:sunrpc *:* 774/portmap
udp 0 0 *:ipp *:* 1920/cupsd
udp 0 0 ci1.tadj.com:ntp *:* 2514/ntpd
udp 0 0 localhost.localdoma:ntp *:* 2514/ntpd
udp 0 0 *:ntp *:* 2514/ntpd
udp 0 0 *:48395 *:* 789/rpc.statd
udp 0 0 ci1.tadj.com:56482 uneeda.telstra.n:domain ESTABLISHED 19856/firefox-bin
udp6 0 0 [::]:domain [::]:* 1313/named
udp6 0 0 [::]:48713 [::]:* 1261/avahi-daemon:
udp6 0 0 [::]:mdns [::]:* 1261/avahi-daemon:
udp6 0 0 fe80::213:72ff:feb4:ntp [::]:* 2514/ntpd
udp6 0 0 ip6-localhost:ntp [::]:* 2514/ntpd
udp6 0 0 [::]:ntp [::]:* 2514/ntpd


root@ci1:/home/terry# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-dovecot-pop3imap tcp -- anywhere anywhere multiport dports pop3,pop3s,imap2,imaps
fail2ban-pureftpd tcp -- anywhere anywhere multiport dports ftp
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
DROP tcp -- anywhere loopback/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- base-address.mcast.net/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain PAROLE (15 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:www
PAROLE tcp -- anywhere anywhere tcp dptop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap2
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:imaps
PAROLE tcp -- anywhere anywhere tcp dptop3s
PAROLE tcp -- anywhere anywhere tcp dpt:mysql
PAROLE tcp -- anywhere anywhere tcp dpt:http-alt
PAROLE tcp -- anywhere anywhere tcp dpt:tproxy
PAROLE tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:mysql
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain PUB_OUT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain fail2ban-dovecot-pop3imap (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-pureftpd (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
root@ci1:/home/terry#

Thanks
Reply With Quote
  #6  
Old 29th December 2011, 13:24
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Looks ok. Can you post your FULL /etc/bind/named.conf here (not sure if what you posted in your first post was the full file)?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 30th December 2011, 00:27
wcsing wcsing is offline
Member
 
Join Date: Dec 2011
Posts: 36
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by falko View Post
Looks ok. Can you post your FULL /etc/bind/named.conf here (not sure if what you posted in your first post was the full file)?
Sure, here is my /etc/bind/named.local:

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
~
~
~
~
~
~
~
~
~
~
~
~
"/etc/bind/named.conf" 11L, 463C 1,1 All
Reply With Quote
  #8  
Old 30th December 2011, 18:44
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

I see you didn't create an A record for ci1.tadj.com - maybe that is the problem.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #9  
Old 31st December 2011, 00:14
wcsing wcsing is offline
Member
 
Join Date: Dec 2011
Posts: 36
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Add A record and reboot server, but same error.

IN /etc/bind/pri.tadj.com:

$TTL 3600
@ IN SOA ci1.tadj.com. terry.computerinstruments.com.au. (
2011123101 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;

ci1.tadj.com 86400 A 123.243.65.181
mail 3600 A 123.243.65.181
tadj.com. 3600 A 123.243.65.181
tadj.com. 3600 MX 10 mail.tadj.com.
tadj.com. 3600 NS ci1.tadj.com.
tadj.com. 3600 NS ns1.telstra.net.
www 3600 A 123.243.65.181

~
~
~
"/etc/bind/pri.tadj.com" 17L, 705C 1,1 All

root@ci1:/home/terry# dig @localhost tadj.com

; <<>> DiG 9.7.3 <<>> @localhost tadj.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44142
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;tadj.com. IN A

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Dec 31 10:05:05 2011
;; MSG SIZE rcvd: 26

Will it help if we reinstall ISP3 ?

Falko; Happy New Year to you and your family. (many thanks for all the help). Terry Dec/2011.
Reply With Quote
  #10  
Old 31st December 2011, 13:11
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
 
Default

Quote:
ci1.tadj.com 86400 A 123.243.65.181
You forgot the dot. It must either be
Code:
ci1.tadj.com. 86400 A 123.243.65.181
or
Code:
ci1 86400 A 123.243.65.181
Quote:
Falko; Happy New Year to you and your family. (many thanks for all the help). Terry Dec/2011.
Thanks a lot, I wish the same to you and your family.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
wcsing (1st January 2012)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Bind9 Error Messages (and a problem with A records...) erosbk Server Operation 0 23rd May 2011 07:18
Squid Proxy Caching on Linux obzerver Installation/Configuration 4 13th August 2008 19:51
Google Apps dayjahone General 19 29th March 2008 17:25
DNS Configuration Problems VMartins Installation/Configuration 10 24th July 2007 14:40
Unable send receive emails vassilis3 Installation/Configuration 15 19th May 2007 14:34


All times are GMT +2. The time now is 05:09.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.