DNS Server not working

Discussion in 'Installation/Configuration' started by mmdollar, Jul 9, 2016.

  1. mmdollar

    mmdollar New Member

    Linux version: Ubuntu 16.04 LTS Xenial Server, Linux SkyNet 4.4.0-28-generic #47-Ubuntu SMP Fri Jun 24 10:08:35 UTC 2016 i686 i686 i686 GNU/Linux
    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    IP-address(es) (as per ifconfig): ***.***.***.***
    [WARN] ip addresses from hostname differ from ifconfig output. Please check your ip settings.
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.1dev
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.0.4-7ubuntu2.1
    
    ##### PORT CHECK #####
    
    [WARN] Port 993 (IMAP server SSL) seems NOT to be listening
    [WARN] Port 995 (POP3 server SSL) seems NOT to be listening
    [WARN] Port 22 (SSH server) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
            Apache 2 (PID 959)
    [INFO] I found the following mail server(s):
            Postfix (PID 1571)
    [INFO] I found the following pop3 server(s):
            Dovecot (PID 851)
    [INFO] I found the following imap server(s):
            Dovecot (PID 851)
    [INFO] I found the following ftp server(s):
            PureFTP (PID 1101)
    
    ##### LISTENING PORTS #####
    (only           ()
    Local           (Address)
    [localhost]:953         (10500/named)
    [anywhere]:25           (1571/master)
    [anywhere]:1252         (745/sshd)
    [localhost]:10023               (884/postgrey.pid)
    [localhost]:3306                (781/mysqld)
    [anywhere]:587          (1571/master)
    [localhost]:11211               (749/memcached)
    [anywhere]:110          (851/dovecot)
    [anywhere]:143          (851/dovecot)
    [anywhere]:465          (1571/master)
    ***.***.***.***:53              (10500/named)
    [localhost]:53          (10500/named)
    [anywhere]:21           (1101/pure-ftpd)
    *:*:*:*::*:25           (1571/master)
    *:*:*:*::*:443          (959/apache2)
    [localhost]252          (745/sshd)
    *:*:*:*::*:10023                (884/postgrey.pid)
    *:*:*:*::*:587          (1571/master)
    [localhost]10           (851/dovecot)
    [localhost]43           (851/dovecot)
    *:*:*:*::*:8080         (959/apache2)
    *:*:*:*::*:80           (959/apache2)
    *:*:*:*::*:465          (1571/master)
    *:*:*:*::*:8081         (959/apache2)
    *:*:*:*::*:21           (1101/pure-ftpd)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    f2b-dovecot-pop3imap  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993
    f2b-pureftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    f2b-postfix-sasl  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:53
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:53
    
    Chain f2b-dovecot-pop3imap (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-postfix-sasl (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-pureftpd (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-sshd (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    dig @localhost shows me the DNS record but without @localhost it does not work (I have waited over 24 hours before posting).
    Code:
    dig @localhost mydomain
    
    ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @localhost mydomain
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46739
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;mydomain.                   IN      A
    
    ;; ANSWER SECTION:
    mydomain.            3600    IN      A       [my.external.ip]
    
    ;; AUTHORITY SECTION:
    mydomain.            3600    IN      NS      ns2.mydomain.
    mydomain.            3600    IN      NS      ns1.mydomain.
    
    ;; ADDITIONAL SECTION:
    ns1.mydomain.        3600    IN      A       [my.external.ip]
    ns2.mydomain.        3600    IN      A       [my.external.ip]
    
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Sat Jul 09 10:56:30 EEST 2016
    ;; MSG SIZE  rcvd: 124
    I cannot post any errors from /var/log/syslog; it says no such file in dir.
    I have a router and opened port 53 UDP/TCP.
    The .host file created by ISPConfig3:
    Code:
    
    $TTL        3600
    @       IN      SOA     ns1.mydomain. support.mydomain. (
                            2016070810       ; serial, todays date + todays serial #
                            7200              ; refresh, seconds
                            540              ; retry, seconds
                            604800              ; expire, seconds
                            3600 )            ; minimum, seconds
    ;
    
    mail 3600 A        [my.external.ip]
    ns1.mydomain. 3600 A        [my.external.ip]
    ns2.mydomain. 3600 A        [my.external.ip]
    mydomain. 3600 A        [my.external.ip]
    skynet.mydomain. 3600 A        [my.external.ip]
    www 3600 A        [my.external.ip]
    mydomain. 3600      MX    10   mail.mydomain.
    mydomain. 3600      NS        ns2.mydomain.
    mydomain. 3600      NS        ns1.mydomain.
    mydomain. 3600      TXT        "v=spf1 mx a ~all"
    
    Status of bind9
    Code:
    ● bind9.service - BIND Domain Name Server
       Loaded: loaded (/etc/systemd/system/bind9.service; enabled; vendor preset: enabled)
      Drop-In: /run/systemd/generator/bind9.service.d
               └─50-insserv.conf-$named.conf
       Active: active (running) since Sat 2016-07-09 10:44:52 EEST; 15min ago
         Docs: man:named(8)
      Process: 10492 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)
    Main PID: 10500 (named)
       CGroup: /system.slice/bind9.service
               └─10500 /usr/sbin/named -4 -f -u bind
    
    Jul 09 10:44:53 SkyNet named[10500]: managed-keys-zone: loaded serial 76
    Jul 09 10:44:53 SkyNet named[10500]: zone 0.in-addr.arpa/IN: loaded serial 1
    Jul 09 10:44:53 SkyNet named[10500]: zone 127.in-addr.arpa/IN: loaded serial 1
    Jul 09 10:44:53 SkyNet named[10500]: zone 255.in-addr.arpa/IN: loaded serial 1
    Jul 09 10:44:53 SkyNet named[10500]: zone localhost/IN: loaded serial 2
    Jul 09 10:44:53 SkyNet named[10500]: zone mydomain/IN: loaded serial 2016070810
    Jul 09 10:44:53 SkyNet named[10500]: all zones loaded
    Jul 09 10:44:53 SkyNet named[10500]: running
    Jul 09 10:44:53 SkyNet named[10500]: zone mydomain/IN: sending notifies (serial 2016070810)
    Jul 09 10:44:53 SkyNet named[10500]: client [my.external.ip]#53452: received notify for zone 'mydomain'
    The domain provider pointed the two NS servers to my external IP address; for example, if I type ns1.mydomain it will redirect me to my external IP address. I have tried to look in different forums before posting here, but sadly I failed :(.
     
    Last edited: Jul 9, 2016
  2. mmdollar

    mmdollar New Member

    I have fixed the problem: I added allow-query { any; }; in named.conf.options and called my ISP to check if port 53 is blocked (there was a bad port forwarding from my router). Sorry for disturbing :D you can close the thread.
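
Added example, not part of the original posts: a check of what the `allow-query { any; };` fix implies for recursion. In BIND 9 an unset `allow-recursion` falls back to `allow-query-cache` and then to `allow-query`, so on a server now reachable from the Internet the same line can also allow recursive queries from any client. The sample configs and function names are constructed, and the check assumes a single `options` block with no views or nested ACLs.

```python
import re

# Constructed sample: an options block with only the change the post describes.
AS_POSTED = """
options {
    directory "/var/cache/bind";
    // added to fix external lookups
    allow-query { any; };
};
"""

# Constructed sample: same zone access, recursion limited to local clients.
HARDENED = """
options {
    directory "/var/cache/bind";
    allow-query { any; };
    allow-recursion { localhost; localnets; };
};
"""

def _strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)   # /* block */ comments
    return re.sub(r"(//|#)[^\n]*", "", text)            # // and # line comments

def _acl(text, name):
    """Return the elements of `name { a; b; };` as a list, or None if unset."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"\s*\{([^{}]*)\}", text)
    if not m:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def effective_recursion_acl(conf_text):
    """Who may recurse, following BIND 9's fallback order for unset ACLs."""
    text = _strip_comments(conf_text)
    if re.search(r"(?<![\w-])recursion\s+no\s*;", text):
        return ["none"]
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = _acl(text, name)
        if acl is not None:
            return acl
    return ["localnets", "localhost"]   # built-in default when nothing is set

def is_open_resolver(conf_text):
    """True when the effective recursion ACL admits any client."""
    return "any" in effective_recursion_acl(conf_text)

if __name__ == "__main__":
    for label, conf in (("as posted", AS_POSTED), ("hardened", HARDENED)):
        print(label, effective_recursion_acl(conf), is_open_resolver(conf))
```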
     
