Name server sdns1.ovh.ca (8.33.137.137) does not answer queries over TCP.

Discussion in 'ISPConfig 3 Priority Support' started by Enrique García, Jan 9, 2018.

  1. Enrique García

    Enrique García Member HowtoForge Supporter

    I have a new fresh installtion with Cento 7.4 using your guides.
    But, testing with http://dnscheck.pingdom.com
    Display this:
    sdns1.ovh.ca.
    [​IMG]
    DNS SERVFAIL when querying 8.33.137.137 for SOA


    [​IMG]
    Name server sdns1.ovh.ca (8.33.137.137) does not answer queries over TCP.


    The name server failed to answer queries sent over TCP. This is probably due to the name server not correctly set up or due to misconfgured filtering in a firewall. It is a rather common misconception that DNS does not need TCP unless they provide zone transfers - perhaps the name server administrator is not aware that TCP usually is a requirement.

    This is my config is:
    cat /var/named/pri.fyde.com.mx
    $TTL 3600
    @ IN SOA ns.fyde.com.mx. eagarciaj.gmail.com. (
    2018010904 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    1209600 ; expire, seconds
    3600 ) ; minimum, seconds
    ;

    fyde.com.mx. 3600 A 144.217.95.153
    www 3600 A 144.217.95.153
    mail 3600 A 144.217.95.153
    fyde.com.mx. 3600 NS ns.fyde.com.mx.
    fyde.com.mx. 3600 NS sdns1.ovh.ca.
    fyde.com.mx. 3600 MX 10 mail.fyde.com.mx.
    fyde.com.mx. 3600 TXT "v=spf1 mx ~all"
    default._domainkey.fyde.com.mx. 3600 TXT "v=DKIM1; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCa27c6ShU+TQu5TdLFwxOu7+VGb480jgp$
    _dmarc.fyde.com.mx. 3600 TXT "v=DMARC1; p=quarantine; rua=mailto:[email protected]; ruf=mailto:[email protected]"
    ns 3600 A 144.217.95.153
    mail.fyde.com.mx 3600 PTR mail
    ownercheck 3600 TXT "d44a5b5d"
    sdns1.ovh.ca 3600 A 8.33.137.137

    Please advise,
    Regards,
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Remove these records in ISPConfig:

    mail.fyde.com.mx 3600 PTR mail
    sdns1.ovh.ca 3600 A 8.33.137.137

    Then wait a minute. Now test the dns server locally with the command:

    dig @localhost fyde.com.mx

    and post the output.
     
  3. Enrique García

    Enrique García Member HowtoForge Supporter

    [[email protected] ~]# dig @localhost fyde.com.mx

    ; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.1 <<>> @localhost fyde.com.mx
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24008
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
    ;; WARNING: recursion requested but not available

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;fyde.com.mx. IN A

    ;; ANSWER SECTION:
    fyde.com.mx. 3600 IN A 144.217.95.153

    ;; AUTHORITY SECTION:
    fyde.com.mx. 3600 IN NS sdns1.ovh.ca.
    fyde.com.mx. 3600 IN NS ns.fyde.com.mx.

    ;; ADDITIONAL SECTION:
    ns.fyde.com.mx. 3600 IN A 144.217.95.153

    ;; Query time: 1 msec
    ;; SERVER: ::1#53:):1)
    ;; WHEN: Wed Jan 10 15:15:54 CST 2018
    ;; MSG SIZE rcvd: 115
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    fine, so dns seems to be working now.
     
  5. Enrique García

    Enrique García Member HowtoForge Supporter

  6. till

    till Super Moderator Staff Member ISPConfig Developer

    The zone is resolving fine:

    [email protected]:~# dig fyde.com.mx

    ; <<>> DiG 9.10.3-P4-Debian <<>> fyde.com.mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34061
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;fyde.com.mx. IN A

    ;; ANSWER SECTION:
    fyde.com.mx. 3599 IN A 144.217.95.153

    ;; Query time: 274 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Wed Jan 10 14:30:49 CST 2018
    ;; MSG SIZE rcvd: 56

    [email protected]:~# dig www.fyde.com.mx

    ; <<>> DiG 9.10.3-P4-Debian <<>> www.fyde.com.mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54120
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;www.fyde.com.mx. IN A

    ;; ANSWER SECTION:
    www.fyde.com.mx. 3599 IN A 144.217.95.153

    ;; Query time: 314 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Wed Jan 10 14:42:14 CST 2018
    ;; MSG SIZE rcvd: 60

    [email protected]:~# dig MX fyde.com.mx

    ; <<>> DiG 9.10.3-P4-Debian <<>> MX fyde.com.mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56905
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;fyde.com.mx. IN MX

    ;; ANSWER SECTION:
    fyde.com.mx. 3599 IN MX 10 mail.fyde.com.mx.

    ;; Query time: 217 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Wed Jan 10 14:42:26 CST 2018
    ;; MSG SIZE rcvd: 61
     

Share This Page