DNS checking error - NS not authoritative

Discussion in 'General' started by iszabi, Jan 18, 2012.

  1. iszabi

    iszabi New Member

    Hi,

    I'm using ISPConfig 3.0.4.2 on a VPS server and I created a DNS in ISPConfig's admin. Afterwards I checked with dig, and there is no error:

    ------------
    # dig @1.2.3.4.5 something.org

    ; <<>> DiG 9.7.0-P1 <<>> @1.2.3.4.5 something.org
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48627
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

    ;; QUESTION SECTION:
    ;something.org. IN A

    ;; ANSWER SECTION:
    something.org. 86400 IN A 1.2.3.4.5

    ;; AUTHORITY SECTION:
    something.org. 3600 IN NS ns2.something.org.
    something.org. 3600 IN NS ns.something.org.

    ;; ADDITIONAL SECTION:
    ns.something.org. 3600 IN A 1.2.3.4.5
    ns2.something.org. 40211 IN A 100.200.300.400

    ;; Query time: 0 msec
    ;; SERVER: 1.2.3.4.5 #53(1.2.3.4.5 )
    ;; WHEN: Wed Jan 18 12:59:23 2012
    ;; MSG SIZE rcvd: 118

    -------------

    I created a slave record, too, on the other DNS server:

    ------------
    zone "something.org" {
    type slave;
    masters {1.2.3.4.5 ;};
    allow-transfer {none;};
    file "/etc/bind/slave/sec.something.org";
    };

    --------------

    but the DNS check writes out an error:

    --------
    M-PNAU -E- [something.org] NS not authoritative: ns2.something.org
    --------------

    How can I resolve this problem?

    Thank you in advance

    iszabi
     
    Last edited: Jan 18, 2012
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Ensure that the directory /etc/bind/slave is writable for the user that runs bind (named) and then update the DNS record on the master, e.g. by changing the TTL.
     
  3. iszabi

    iszabi New Member

    /etc/bind/slave chown is

    /etc/bind/slave

    chown:
    ----------
    user: root
    group: bind

    chmod: 750
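
The ownership and mode posted above, checked against the advice to make the directory writable for the user that runs named. This is an added example, not part of the original posts; it assumes named runs as user `bind` with `bind` as its only group, and `can_write` and `verdict` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the thread): can USER create files in a directory
# with the given owner, group and octal mode? Mode bits only; ACLs and
# AppArmor/SELinux policy can still deny the write and are not modelled.

# can_write MODE OWNER GROUP USER "USER_GROUPS"
can_write() {
    mode=$1 owner=$2 group=$3 user=$4 user_groups=$5
    [ "$user" = root ] && return 0        # root is not limited by mode bits
    m=$(( 0$mode & 0777 ))                # drop setuid/setgid/sticky
    # Exactly one class applies: owner, else group, else other.
    if [ "$user" = "$owner" ]; then
        bits=$(( (m >> 6) & 7 ))
    else
        case " $user_groups " in
            *" $group "*) bits=$(( (m >> 3) & 7 )) ;;
            *)            bits=$(( m & 7 )) ;;
        esac
    fi
    # Creating a file needs write (2) and search (1) on the directory.
    [ $(( bits & 3 )) -eq 3 ]
}

verdict() {
    if can_write "$@"; then echo "writable"; else echo "not writable"; fi
}

# Values from the post: owner root, group bind, mode 750.
# Assumption: named runs as user "bind" whose only group is "bind".
echo "750 root:bind -> $(verdict 750 root bind bind bind)"
echo "770 root:bind -> $(verdict 770 root bind bind bind)"
# On the live host (assumed user name): sudo -u bind test -w /etc/bind/slave && echo ok
```

With mode 750 the group class is `r-x`, so a process running as `bind` can read the directory but cannot create the transferred zone file in it.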
     
  4. iszabi

    iszabi New Member

    bind is going well...

    # netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 localhost.localdo:10024 *:* LISTEN 1009/amavisd (maste
    tcp 0 0 localhost.localdo:10025 *:* LISTEN 1650/master
    tcp 0 0 *:mysql *:* LISTEN 908/mysqld
    tcp 0 0 localhost.localdo:spamd *:* LISTEN 1056/spamd.pid
    tcp 0 0 *:43027 *:* LISTEN 828/sshd
    tcp 0 0 jotudni.hu:domain *:* LISTEN 2358/named
    tcp 0 0 localhost.locald:domain *:* LISTEN 2358/named
    tcp 0 0 *:ftp *:* LISTEN 1663/pure-ftpd (SER
    tcp 0 0 localhost.localdoma:953 *:* LISTEN 2358/named
    tcp 0 0 *:smtp *:* LISTEN 1650/master
    tcp 0 0 localhost.localdo:mysql localhost.localdo:57304 ESTABLISHED 908/mysqld
    tcp 0 0 localhost.localdo:57289 localhost.localdo:mysql ESTABLISHED 1099/amavisd (ch7-a
    tcp 0 0 jotudni.hu:43027 catv-80-98-212-78:20927 ESTABLISHED 1354/sshd: iszabi [
    tcp 0 0 localhost.localdo:mysql localhost.localdo:57289 ESTABLISHED 908/mysqld
    tcp 0 0 localhost.localdo:57304 localhost.localdo:mysql ESTABLISHED 1100/amavisd (ch7-a
    tcp6 0 0 [::]:imaps [::]:* LISTEN 1516/couriertcpd
    tcp6 0 0 [::]:pop3s [::]:* LISTEN 1550/couriertcpd
    tcp6 0 0 [::]:pop3 [::]:* LISTEN 1530/couriertcpd
    tcp6 0 0 [::]:imap2 [::]:* LISTEN 1496/couriertcpd
    tcp6 0 0 [::]:http-alt [::]:* LISTEN 1756/apache2
    tcp6 0 0 [::]:www [::]:* LISTEN 1756/apache2
    tcp6 0 0 [::]:tproxy [::]:* LISTEN 1756/apache2
    tcp6 0 0 [::]:43027 [::]:* LISTEN 828/sshd
    tcp6 0 0 [::]:domain [::]:* LISTEN 2358/named
    tcp6 0 0 [::]:ftp [::]:* LISTEN 1663/pure-ftpd (SER
    tcp6 0 0 localhost:953 [::]:* LISTEN 2358/named
    tcp6 0 0 [::]:smtp [::]:* LISTEN 1650/master
    tcp6 0 0 [::]:https [::]:* LISTEN 1756/apache2
    tcp6 0 0 localhost:47272 localhost:http-alt TIME_WAIT -
    tcp6 0 0 jotudni.hu:www 79-116-67-103.rdsn:4824 TIME_WAIT -
    tcp6 0 0 localhost:47270 localhost:http-alt TIME_WAIT -
    tcp6 0 0 jotudni.hu:www 79-116-67-103.rdsn:4820 TIME_WAIT -
    tcp6 0 0 localhost:47269 localhost:http-alt TIME_WAIT -
    tcp6 0 0 localhost:47274 localhost:http-alt TIME_WAIT -
    tcp6 0 0 jotudni.hu:www dsl51B64307.:codasrv-se TIME_WAIT -
    tcp6 0 0 jotudni.hu:www c-vl2001.osr0-ceg:55685 TIME_WAIT -
    tcp6 0 0 jotudni.hu:www dsl51B64307.pool.t:2437 TIME_WAIT -
    tcp6 0 0 jotudni.hu:www dsl51B64307.poo:codasrv TIME_WAIT -
    tcp6 0 0 jotudni.hu:www dsl51B64307.poo:codasrv TIME_WAIT -
    tcp6 0 0 localhost:47271 localhost:http-alt TIME_WAIT -
    tcp6 0 0 jotudni.hu:www dsl51B64307.pool.t:2435 TIME_WAIT -
    tcp6 0 0 localhost:47273 localhost:http-alt TIME_WAIT -
    tcp6 0 0 jotudni.hu:www dsl51B64307.pool.t:2438 TIME_WAIT -
    tcp6 0 0 localhost:47268 localhost:http-alt TIME_WAIT -





    # iptables -L

    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    DROP tcp -- anywhere anywhere tcp dpt:www STRING match "GET /w00tw00t.at.ISC.SANS." ALGO name bm TO 70
    fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    Chain fail2ban-ssh (1 references)
    target prot opt source destination
    RETURN all -- anywhere anywhere
     
  5. iszabi

    iszabi New Member

    # dig @ns2.somebody.org

    ; <<>> DiG 9.7.0-P1 <<>> @ns2.somebody.org somebody.org
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 46181
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available

    ;; QUESTION SECTION:
    ;somebody.org. IN A

    ;; Query time: 0 msec
    ;; SERVER: 79.172.211.98#53(79.172.211.98)
    ;; WHEN: Wed Jan 18 18:20:46 2012
    ;; MSG SIZE rcvd: 28


    -----------------

    on primary dns server /etc/bind/named.conf.local


    zone "somebody.org" {
    type slave;
    masters {1.2.3.4.5;};
    allow-transfer {none;};
    file "/etc/bind/slave/sec.somebody.hu";
    };

    BUT /etc/bind/slave/sec.somebody.hu is missing!
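
The two dig replies in this thread differ in the header: the master answers `NOERROR` with the `aa` flag set, the secondary answers `SERVFAIL` without it, which is the condition a "NS not authoritative" check reports. The classifier below is an added example, not part of the original posts; `classify_dig` is a hypothetical helper, and the sample headers are constructed from the two replies shown above.

```shell
#!/bin/sh
# Added example (not from the thread): classify a dig reply by its header.

# classify_dig: reads one dig reply on stdin, prints a one-line verdict.
classify_dig() {
    awk '
        /->>HEADER<<-/ {
            # e.g. ";; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48627"
            for (i = 1; i <= NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {
            # flags run from after "flags:" up to the ";" that ends the list
            line = $0
            sub(/^;; flags:/, "", line)
            sub(/;.*/, "", line)
            n = split(line, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == "aa") aa = 1
            seen = 1
        }
        END {
            if (!seen) print "no-reply"
            else if (status != "NOERROR" && status != "NXDOMAIN")
                print "not-authoritative (" status ")"
            else if (aa) print "authoritative"
            else print "not-authoritative (no aa flag)"
        }'
}

# Constructed samples: the header lines of the two replies in the thread.
sample_master() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48627
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
EOF
}
sample_slave() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 46181
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
EOF
}

echo "master: $(sample_master | classify_dig)"
echo "slave:  $(sample_slave | classify_dig)"
# Live use: dig +norecurse @<nameserver> <zone> SOA | classify_dig
```

A secondary that has never completed a zone transfer has no zone data to serve, so it cannot set `aa` for the zone until the slave file has been written.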
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Do you run master and slave on the same server?
     
  7. iszabi

    iszabi New Member

    NS not authoritative problem's continuation

    Hi, till and falko!

    I have two servers with two master-configured ISPConfig installations, because they are
    independent hosting platforms.

    Each one has the zone master files, and the other server has the slave zone file.


    Primary zone file:
    --------------
    $TTL 3600
    @ IN SOA ns.domain.tld. webmaster.domain.tld. (
    2012011813 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    86400 ) ; minimum, seconds
    ;

    domain.tld. 3600 A 1.2.3.4.5
    domain.tld. 3600 MX 10 mail.domain.tld.
    domain.tld. 3600 NS ns.domain.tld.
    domain.tld. 3600 NS ns2.domain.tld.
    mail 3600 A 1.2.3.4.5
    ns 86400 A 1.2.3.4.5
    www 3600 A 1.2.3.4.5
    ----------------

    Secondary zone file: /in named.conf.local file/
    -----------------

    zone "domain.tld" {
    type slave;
    masters {1.2.3.4.5;};
    allow-transfer {none;};
    file "/etc/bind/slave/sec.domain.tld";
    };

    -----------

    Technical checking results:
    -------------
    M-GREET -I- [domain.tld] Domi version 20120103
    M-STA -I- [domain.tld] Starting from: 1.2.3.4.5
    M-PNAM -I- [domain.tld] NS name: ns.domain.tld
    M-PADD -I- [domain.tld] NS addr: 1.2.3.4.5
    M-PGET -I- [domain.tld] getting domain from NS 1.2.3.4.5 ...
    M-PRZO -I- [domain.tld] cannot download domain from 1.2.3.4.5
    M-PARI -W- [domain.tld] NS records inconsistent with parent !!!
    M-RERR -W- [domain.tld] SOA parameters don't comply with RIPE
    M-NS -I- [domain.tld] A records for DNS servers:
    addr of NS ns.domain.tld.: 1.2.3.4.5
    addr of NS ns2.domain.tld.: 2.3.4.5.6
    M-PNAU -E- [domain.tld] NS not authoritative: ns2.domain.tld
    -------------

    Primary zone file testing ran well on localhost:
    -----------
    # dig localhost domain.tld

    ; <<>> DiG 9.7.0-P1 <<>> localhost domain.tld
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 706
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;localhost. IN A

    ;; ANSWER SECTION:
    localhost. 604800 IN A 127.0.0.1

    ;; AUTHORITY SECTION:
    localhost. 604800 IN NS localhost.

    ;; ADDITIONAL SECTION:
    localhost. 604800 IN AAAA ::1

    ;; Query time: 4 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Feb 3 10:49:04 2012
    ;; MSG SIZE rcvd: 85

    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1245
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

    ;; QUESTION SECTION:
    ;domain.tld. IN A

    ;; ANSWER SECTION:
    domain.tld. 3600 IN A 1.2.3.4.5

    ;; AUTHORITY SECTION:
    domain.tld. 3600 IN NS ns.domain.tld.
    domain.tld. 3600 IN NS ns2.domain.tld.

    ;; ADDITIONAL SECTION:
    ns.domain.tld. 86400 IN A 1.2.3.4.5
    ns3.netkey.hu. 42512 IN A 2.3.4.5.6

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Feb 3 10:49:04 2012
    ;; MSG SIZE rcvd: 118
    ------------

    Because it is not working properly, I configured my domains on another DNS server and redirected the A records to the ISPConfig master servers where I am running the web servers and mail server.

    I do know why do not working the DNS server.

    (ISPconfig version is: 3.0.4.2)

    Comment: When I added the slave DNS record to another secondary DNS server, it did not work; there was the same error message: NS not authoritative...


    Thanks in advance.
     
  8. falko

    falko Super Moderator Howtoforge Staff

    You must tell your registrar that your own nameservers are authoritative for the domain.
     
  9. pinhais

    pinhais New Member


    Sorry to be reopening the forum here, but I believe I have something wrong with the DNS settings made through the ISPConfig 3 interface.

    I did the same procedure using only the command prompt and it was just right.

    Now, with ISPConfig, the DNS entries pointing to the virtual host domains are not recognized by registro.com or registro.br. If you put the IPs in registro.br, they are recognized.
     
