Loop detected! We were referred back

Discussion in 'Installation/Configuration' started by Jeremy007, May 7, 2018.

  1. Jeremy007

    Jeremy007 Member

    Good day HF friends,

    Ispconfig type : Multi Server Setup
    Os : Linux 16.0.4
    Server type : Nginx

    I seem to having the following issue :
    My DNS takes very long to propagate, weeks sometimes. It seems like i have found a problem when i test my DNS data with MXToolbox. I get the error : "
    Loop detected! We were referred back to [panel ip addrress].

    When i dig via the local server it seems to return the correct information and bind also accepts the config. I can reach the site via certain networks.
    I have both DNS zone files on my ns servers , ns1(zone file) - ns2(secondary zone).

    Do i also need to enable DNS services/bind on webserver1?
  2. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

  3. Jeremy007

    Jeremy007 Member

    Here is the output

    setup :

    $TTL        3600
    @       IN      SOA     ns1.myserver.com. info.sitexample.com. (
                            2018043002       ; serial, todays date + todays serial #
                            7200              ; refresh, seconds
                            540              ; retry, seconds
                            604800              ; expire, seconds
                            3600 )            ; minimum, seconds
    mail 3600 A        ip.of.webserver.1
    sitexample.com. 3600 A        ip.of.webserver.1
    www 3600 A        ip.of.webserver.1
    sitexample.com. 3600      MX    10   mail.sitexample.com.
    sitexample.com. 3600      NS        ns1.myserver.com.
    sitexample.com. 3600      NS        ns2.myserver.com.
    sitexample.com. 3600      TXT        "v=spf1 mx a ~all"
    Last edited: May 7, 2018
  4. Jeremy007

    Jeremy007 Member

    Nothing i do seems to solve the problem. Bind is running and the zone seems to be accepted. Wha'ts strange is that it that the redirect error points to my panel ip...
  5. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    I'd guess we just need more data - maybe to do some checks ourselves. But I can't see an issue on the zone file for that domain, it should work.
    maybe ns1, ns2 records are configured inproperly,
    your nameservers are on the same subnet and therefore get rejected by registry ( probably not for .com but for .de it might be ),
    nameserver is under the same domain as the one having issues?

    Having no detailed description or real data to gather informations one would need makes this a guessing game.
    If you have security conerns about the IP of your services or domainnames for some reasons, maybe getting in touch and ask for a quote and non disclosure agreement ...
    but since it's obviously non internal infrastructure - or do you have your own mx toolbox? :D
  6. Jeremy007

    Jeremy007 Member

    Haha. Sorry dont have my own mx toolbox.
    My main server config including nameservers are hosted on digotalocean.

    More info :

    My main server's zone file is not on the same subnet as my ispconfig panel server I believe.
    My main server's zone file is on digotalocean DNS system (panel, ns1, ns2), the rest are all on my ISPconfig dns server.
  7. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    hmm and does this thread help you?
    Uses DO aswell, especially #6 entry?

    edit: ah man, sry - nah probably won't help since you're using your own dns - facepalm :(

    So how do the lookups look like when you dig the domain using your dns and using $someother
    Are the nameservers entered for the domain deployed and functioning / configured for the given domain?
  8. Jeremy007

    Jeremy007 Member

    The mention thread actually addresses a different situation where Digitalocean serves as the main DNS service. In that way, everything works properly. The problems arises with my custom name servers.

    I can ping them both and they both return the correct IP addresses in dnschecker and mxtoolbox but somehow any zone file i post under my server gives a loop.
  9. Taleman

    Taleman Active Member HowtoForge Supporter

    If the posted zone file is complete, then it is missing A records for the name servers. If you have ns1 and ns2 as NS records, they must also have A records to show what their IP number is.
  10. Jeremy007

    Jeremy007 Member

    This would be true but the above example does not suffer the lack of an A record. The ns1 and ns2 records belong to myserver.com (Digitalocean DNS) and not to sitexample.com (ISPCONFIG BIND). The corrrect A record would then be
    sitexample.com. 3600 A ip.of.webserver.1

    My main hosting network DNS settings are configured with Digitalocean's DNS setting.

    My servers :

    ns/webserver1 (ns1)
    ns/webserver2 (ns2)
    webserver1 (is not ns/webserver1)
    webserver2 (is not ns/webserver2)

    If my site is hosted on webserver1 must i have the zone file on ns/webserver1 or webserver1 because DNS is disabled at webserver1 and unable to host the zone file. What's strange is that the sites hosted on ns/webserver1 and ns/webserver2 do not give the loop error.
    Last edited: May 10, 2018
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    Why do you add a DNS record in ISPConfig then when your ISPConfig DNS server is not the authoritative DNS server of that zone? Wheen the DNS zone is hosted at the Digitalocean servers, then do not add that DNS zone on your ISPConfig server.
  12. Jeremy007

    Jeremy007 Member

    It might be a bit confusing but the DNS zone setting on ispconfig belongs to sitexample.com and not myserver.com

    So sitexample.com uses ns1.myserver.com and ns2.myserver.com as authoritative DNS server.

    If I use digotalocean to host sitexample.com's zone file, everything works nicely. It seems as if my nameservers are not responding.
    Last edited: May 11, 2018
  13. Jeremy007

    Jeremy007 Member

    Do i also need a copy of the main server's dns configuration on ispconfig?
  14. Jesse Norell

    Jesse Norell Well-Known Member

    To clarify, ns1.myserver.com and ns2.myserver.com are ISPConfig DNS servers?

    That could be, have you verified that the do give or the correct DNS info locally? If so, check firewalls and nat forwards if applicable.

    It's not clear to me what your "main" server is. You do not need DNS info added to the control panel server, only to your DNS servers, if that's what you mean.

Share This Page