DNS server problems

Discussion in 'Installation/Configuration' started by sulfuric, Oct 7, 2007.

  1. sulfuric

    sulfuric ISPConfig Developer

    I'm migrating my server to a Virtual dedicated server, all works fine but I have some problems with dns server, tcp and udp 53 are open, I create master zone from domain.

    this is the output of dnsreport:

    WARN All nameservers report identical NS records WARNING: At least one of your nameservers did not return your NS records (it reported 0 answers). This could be because of a referral, if you have a lame nameserver (which would need to be fixed).

    72.167.93.29 returns 0 answers (may be a referral)
    72.167.93.29 returns 0 answers (may be a referral)

    FAIL Number of nameservers ERROR: You have 2 nameservers, but both are on the same IP! This is not a valid setup. You are required to have at least 2 nameservers, per RFC 1035 section 2.2.

    FAIL Lame nameservers ERROR: You have one or more lame nameservers. These are nameservers that do NOT answer authoritatively for your domain. This is bad; for example, these nameservers may never get updated. The following nameservers are lame:
    72.167.93.29
    72.167.93.29

    FAIL Missing nameservers 2 ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
    ns1.grupaprop.net.
    ns2.grupaprop.net.

    WARN Nameservers on separate class C's WARNING: All of your nameservers (listed at the parent nameservers) are in the same Class C (technically, /24) address space, which means that they are probably at the same physical location. Your nameservers should be at geographically dispersed locations. You should not have all of your nameservers at the same location. RFC2182 3.1 goes into more detail about secondary nameserver location.

    FAIL Single Point of Failure ERROR: Although you have at least 2 NS records, they both point to the same server, resulting in a single point of failure. You are required to have at least 2 nameservers per RFC 1035 section 2.2.
    INFO Nameservers versions [For security reasons, this test is limited to members]

    FAIL Stealth NS record leakage Your DNS servers leak stealth information in non-NS requests:

    Stealth nameservers are leaked [I.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [J.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [K.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [L.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [M.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [A.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [B.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [C.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [D.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [E.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [F.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [G.ROOT-SERVERS.NET.]!
    Stealth nameservers are leaked [H.ROOT-SERVERS.NET.]!

    This can cause some serious problems (especially if there is a TTL discrepancy). If you must have stealth NS records (NS records listed at the authoritative DNS servers, but not the parent DNS servers), you should make sure that your DNS server does not leak the stealth NS records in response to other queries.

    SOA FAIL SOA Record No valid SOA record came back:
    (root) is not grupaprop.com.

    any ideas thanks a lot.
     
  2. falko

    falko Super Moderator

    Can you post the domain name that is having this problem?
     

Share This Page