Can't seem to get my own nameservers working

Discussion in 'General' started by johannes1985, Nov 4, 2018.

Tags:
  1. johannes1985

    johannes1985 Member HowtoForge Supporter

    Hi,

    I created 3 droplets at digital ocean:
    1 x for a web, mail, database etc server
    2 x Nameservers eg. ns1 and ns2

    The domain is petfectly.com (159.89.18.102)

    I edited the hosts on Godaddy as follows and let it point to my own nameservers:
    ns1 - 165.227.170.72
    ns2 - 165.227.166.39

    The DNS Zone on ISPConfig are as follows:

    Code:
    Active    Type    Name              Data                    Priority    TTL
    ----------------------------------------------------------------------------
    Yes          A    mail                  159.89.18.102        0        3600
    Yes          A    petfectly.com.    159.89.18.102        0        3600
    Yes          A    www                 159.89.18.102        0        3600
    Yes          MX    petfectly.com.  mail.petfectly.com.  10      3600
    Yes          NS    petfectly.com.   ns2.petfectly.com.   0       3600
    Yes         NS    petfectly.com.    ns1.petfectly.com.  0       3600
    Yes        TXT    petfectly.com.  v=spf1 mx a ~all    0       3600
    The nameservers are up and ISPConfig does pick them up on system -> server services.

    If someone could perhaps point me in the correct way or sent please :)
     

    Attached Files:

    Last edited: Nov 4, 2018
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  3. johannes1985

    johannes1985 Member HowtoForge Supporter

    It is working now, I setup everything according to the perfect server for debian 9, I only opted to install the DNS servers apart, which I checked the setup on a previous tutorial that had a 5 server setup.

    Could you please elaborate?, Please see the screenshots attached also where there could still be a problem.

    If you go to petfectly.com, then you will be greeted with the default ispconfig page for a website.

    What I also noticed, I had google's dns' 8.8.8.8 and 8.8.4.4 on my laptop and it didn't resolve. Only when I selected dhcp on my laptop is when it went through.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    In your screenshot, the A-Records for ns1 and ns2 are missing like @Taleman pointed out. When the NS records of a zone are subdomains of the zone itself, then you have to create A-Records for them in addition to the NS records.
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If it works, what is there to elaborate?
     
  6. johannes1985

    johannes1985 Member HowtoForge Supporter

    Is the screenshot above correct then? I added A records for the Nameservers.

    Just a quick rundown:
    Godaddy does not handle the records anymore as I added my own nameservers as you can see in the screenshot attached.

    I used the perfect server for debian 9 tutorial, the only exception was that I did a expert install and installed 2 additional nameservers with info I gathered from other tutorials (somewhat older tutorials, but I mixed and matched it with the info on the perfect server tutorial), is this fine? as it seems to be working?
     

    Attached Files:

  7. johannes1985

    johannes1985 Member HowtoForge Supporter

    I just want to make sure that I am doing it right, as to why I asked for help. Was hoping you could share your knowledge on this. I did add 2 a records as instructed.
     
  8. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Did you read the tutorial I gave a link to? It tells how to test name service is working?
     
  9. johannes1985

    johannes1985 Member HowtoForge Supporter

    I am getting the following on each nameserver (using dig from the webserver):
    Code:
    ; <<>> DiG 9.10.3-P4-Debian <<>> @165.227.170.72 ns1.petfectly.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 13346
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;ns1.petfectly.com.             IN      A
    
    ;; Query time: 1 msec
    ;; SERVER: 165.227.170.72#53(165.227.170.72)
    ;; WHEN: Sun Nov 04 17:25:35 UTC 2018
    ;; MSG SIZE  rcvd: 46
    
    Code:
    ; <<>> DiG 9.10.3-P4-Debian <<>> @165.227.166.39 ns2.petfectly.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 27207
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;ns2.petfectly.com.             IN      A
    
    ;; Query time: 1 msec
    ;; SERVER: 165.227.166.39#53(165.227.166.39)
    ;; WHEN: Sun Nov 04 17:26:51 UTC 2018
    ;; MSG SIZE  rcvd: 46
    
     
  10. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Are you testing
    1. if your name servers are working?
    2. Is name service info you entered correct?
    3. Is domain registered properly?
     
  11. johannes1985

    johannes1985 Member HowtoForge Supporter

    The nameservers is active
    The domain is properly registered


    Here are the tests: (the server is named web.petfectly.com)
    Code:
    host web.petfectly.com 165.227.170.72
    Using domain server:
    Name: 165.227.170.72
    Address: 165.227.170.72#53
    Aliases:
    
    Host web.petfectly.com not found: 3(NXDOMAIN)
    
    Code:
    host web.petfectly.com 165.227.166.39
    Using domain server:
    Name: 165.227.166.39
    Address: 165.227.166.39#53
    Aliases:
    
    Host web.petfectly.com not found: 5(REFUSED)
    
    These are working on only petfectly.com:
    Code:
    host petfectly.com 165.227.166.39
    Using domain server:
    Name: 165.227.166.39
    Address: 165.227.166.39#53
    Aliases:
    
    petfectly.com has address 159.89.18.102
    petfectly.com mail is handled by 10 mail.petfectly.com.
    
    Code:
     host petfectly.com 165.227.170.72
    Using domain server:
    Name: 165.227.170.72
    Address: 165.227.170.72#53
    Aliases:
    
    petfectly.com has address 159.89.18.102
    petfectly.com mail is handled by 10 mail.petfectly.com.
    
    Using dig, it shows refused as in the previous post.
     
  12. johannes1985

    johannes1985 Member HowtoForge Supporter

    I added an A record for web.petfectly.com:
    It shows tests as follows:
    Code:
    host web.petfectly.com 165.227.170.72
    Using domain server:
    Name: 165.227.170.72
    Address: 165.227.170.72#53
    Aliases:
    
    web.petfectly.com has address 159.89.18.102
    
    But it shows this for the second name server:
    Code:
    host web.petfectly.com 165.227.166.39
    Using domain server:
    Name: 165.227.166.39
    Address: 165.227.166.39#53
    Aliases:
    
    Host web.petfectly.com not found: 3(NXDOMAIN)
    
     
  13. johannes1985

    johannes1985 Member HowtoForge Supporter

    I am getting this from the first nameserver:
    Code:
    ; <<>> DiG 9.10.3-P4-Debian <<>> @165.227.170.72 petfectly.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51335
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;petfectly.com.                 IN      A
    
    ;; ANSWER SECTION:
    petfectly.com.          3600    IN      A       159.89.18.102
    
    ;; AUTHORITY SECTION:
    petfectly.com.          3600    IN      NS      ns1.petfectly.com.
    petfectly.com.          3600    IN      NS      ns2.petfectly.com.
    
    ;; ADDITIONAL SECTION:
    ns1.petfectly.com.      3600    IN      A       165.227.170.72
    ns2.petfectly.com.      3600    IN      A       165.227.166.39
    
    ;; Query time: 1 msec
    ;; SERVER: 165.227.170.72#53(165.227.170.72)
    ;; WHEN: Sun Nov 04 17:59:05 UTC 2018
    ;; MSG SIZE  rcvd: 126
    
    and from the second:
    Code:
    ; <<>> DiG 9.10.3-P4-Debian <<>> @165.227.166.39 petfectly.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29995
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;petfectly.com.                 IN      A
    
    ;; ANSWER SECTION:
    petfectly.com.          3012    IN      A       159.89.18.102
    
    ;; AUTHORITY SECTION:
    petfectly.com.          172212  IN      NS      ns1.petfectly.com.
    petfectly.com.          172212  IN      NS      ns2.petfectly.com.
    
    ;; ADDITIONAL SECTION:
    ns1.petfectly.com.      172212  IN      A       165.227.170.72
    ns2.petfectly.com.      172212  IN      A       165.227.166.39
    
    ;; Query time: 1 msec
    ;; SERVER: 165.227.166.39#53(165.227.166.39)
    ;; WHEN: Sun Nov 04 18:00:04 UTC 2018
    ;; MSG SIZE  rcvd: 126
    
     
  14. johannes1985

    johannes1985 Member HowtoForge Supporter

    Domain works fine on www.petfectly.com, but not on https://petfectly.com/.

    I did enable ssl and letsencrypt, also generated and save the ssl certificate and still it displays "This site can’t be reached"
     
  15. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Your site is not reachable from the Internet. Therefore certificate generation fails.
     
  16. johannes1985

    johannes1985 Member HowtoForge Supporter

    Then where could the problem be? I followed the tutorials to the finest details, added my own nameservers on godaddy and still nothing...

    Could the fact that the it is on digital oceans droplets be the problem?
     
  17. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Have you or have you not read the Tutorial I posted a link to?
     
  18. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I suspect your problem is in registering the domain. Read chapter 1.7 in the tutorial.
     
  19. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You seem to have moved name servers back to your providers service? Did you not get your registration fixed or not get the nameservers to answer to queries from the Internet?
     
  20. johannes1985

    johannes1985 Member HowtoForge Supporter

    I didn't get the nameservers to answer quieries, it kept returning refused when I tested it.

    I am going to reinstall everything from scratch and start over.
     

Share This Page