BIND 9 issue

Discussion in 'Installation/Configuration' started by dolmax, Oct 24, 2011.

  1. dolmax

    dolmax New Member

    I have recently installed ISPConfig 3 in a new server. The system was OK after the installation, but when I have physically installed it in the data center, I have realized that external DNSs responses were not functioning. I have parked two separate domains on the server and added some A and CNAME records using ISPconfig interface. Server does not respond to external queries. Just for your information, the version installed is 3.0.3.3 and the WAN interface is on the DMZ (so no port forwarding is required). I can confirm that, the prior server (an ISPconfig 2 machine) had no issues using the existing configuration.

    I have used the following different installations when trying to localize the problem. Just to make sure that I was not doing any mistakes I have installed and checked each configuration separately.

    The Perfect Server – Debian Squeeze (Debian 6.0) With BIND & Dovecot [ISPConfig 3]
    The Perfect Server – Debian Squeeze (Debian 6.0) With BIND & Courier [ISPConfig 3]

    In all of these cases, BIND queries failed. Later I have discovered that during boot I receive BIND related errors. When I use /etc/init.d/bind9 restart, it looks like the service is running, but again no response on the outside.

    Could this be a specific BIND bug related to current version?

    Thanx,
    Hakan
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Please post the error messages that you get in the syslog when you restart bind.
     
  3. dolmax

    dolmax New Member

    Dear Till,

    Please omit the "boot up DNS error" part in my previous message. That was my fault. In one of the installations I have included some parameters in /etc/bind/named.conf.local file. Those errors were related to that.

    Still, the server does not respond to queries outside.

    Need help? Any suggestions would do fine.

    Have you receive a BIND related issue in near future. I strongly believe that this related to the recent BIND update.

    Thanks,
    Hakan
     
  4. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Please post the output of:

    netstat -tap

    and the content of the named.conf file
     
  5. dolmax

    dolmax New Member

    I have revised the domain name into "mydomain.com" and the real IP as "X.X.X.X".

    netstat -tap output
    named.conf
    named.conf.local
    pri.mydomain.com
     
  6. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    There ais a dns A-Record for ns2 missing. Please add a ns2 A-Record in the zone mydomain.com.

    Then check if you are you able to resolve the domain when you run this command on the server:

    dig @localhost mydomain.com

    If yes, then the problem might be either a closed firewall (please post the output of "iptables -L") or BIND is configured in /etc/bind/named.conf.options to not answer external queries.
     
  7. dolmax

    dolmax New Member

    This is the output. This is exactly what my problem is. Everything looks OK in the configuration files, the BIND service look OK, but no query response.
     
  8. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Restart bind, then take a look into the syslog. You will find messages there which dns zones were skipped during start due to errors in the configuration.
     

Share This Page