Was using ispconfig 2 for a long time but have made the switch to ispconfig 3. Can't get DNS working though and I have no idea why. Server uses Fedora 16 and I used the perfect server setup for Fedora 15. On ispconfig 2, the old server/pc, the sites were running without a problem behind my router so DNS was working, but now on intodns.com I keep getting:

Error Mismatched NS records
WARNING: One or more of your nameservers did not return any of your NS records.

Error DNS servers responded
ERROR: One or more of your nameservers did not respond:
The ones that did not respond are:
204.13.249.76
122.249.2.210

Below is needed output. Help is greatly appreciated.

Service named is running:

named.service - LSB: start|stop|status|restart|try-restart|reload|force-reload DNS server
Loaded: loaded (/etc/rc.d/init.d/named)
Active: active (running) since Mon, 05 Mar 2012 21:22:22 +0900; 16min ago
Process: 8451 ExecStop=/etc/rc.d/init.d/named stop (code=exited, status=0/SUCCESS)
Process: 7537 ExecReload=/etc/rc.d/init.d/named reload (code=exited, status=0/SUCCESS)
Process: 8500 ExecStart=/etc/rc.d/init.d/named start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/named.service
└ 8506 /usr/sbin/named -u named

Dig:

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.2.rc1.fc16 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29806
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14

;; QUESTION SECTION:
;. IN NS

;; ANSWER SECTION:
. 6297 IN NS g.root-servers.net.
. 6297 IN NS b.root-servers.net.
. 6297 IN NS j.root-servers.net.
. 6297 IN NS i.root-servers.net.
. 6297 IN NS d.root-servers.net.
. 6297 IN NS h.root-servers.net.
. 6297 IN NS f.root-servers.net.
. 6297 IN NS m.root-servers.net.
. 6297 IN NS c.root-servers.net.
. 6297 IN NS k.root-servers.net.
. 6297 IN NS l.root-servers.net.
. 6297 IN NS e.root-servers.net.
. 6297 IN NS a.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net. 3554584 IN A 198.41.0.4
a.root-servers.net. 3554584 IN AAAA 2001:503:ba3e::2:30
b.root-servers.net. 3554584 IN A 192.228.79.201
c.root-servers.net. 3565869 IN A 192.33.4.12
d.root-servers.net. 3565869 IN A 128.8.10.90
d.root-servers.net. 3596535 IN AAAA 2001:500:2d::d
e.root-servers.net. 3596535 IN A 192.203.230.10
f.root-servers.net. 3594940 IN A 192.5.5.241
f.root-servers.net. 3554584 IN AAAA 2001:500:2f::f
g.root-servers.net. 3565869 IN A 192.112.36.4
h.root-servers.net. 3554584 IN A 128.63.2.53
h.root-servers.net. 3554584 IN AAAA 2001:500:1::803f:235
i.root-servers.net. 3554584 IN A 192.36.148.17
i.root-servers.net. 3584273 IN AAAA 2001:7fe::53

;; Query time: 17 msec
;; SERVER: 216.146.35.35#53(216.146.35.35)
;; WHEN: Mon Mar 5 21:39:28 2012
;; MSG SIZE rcvd: 512

dig @localhost mutoh-seikatsu.com:

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.2.rc1.fc16 <<>> @localhost mutoh-seikatsu.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 467
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;mutoh-seikatsu.com. IN A

;; ANSWER SECTION:
mutoh-seikatsu.com. 86400 IN A 122.249.2.210

;; AUTHORITY SECTION:
mutoh-seikatsu.com. 0 IN NS ns2.mydyndns.com.
mutoh-seikatsu.com. 0 IN NS ns1.mutoh-seikatsu.com.

;; ADDITIONAL SECTION:
ns1.mutoh-seikatsu.com. 86400 IN A 122.249.2.210

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Mon Mar 5 21:40:25 2012
;; MSG SIZE rcvd: 113

dig @122.249.2.210 mutoh-seikatsu.com:

;; reply from unexpected source: 192.168.24.1#53, expected 122.249.2.210#53
;; reply from unexpected source: 192.168.24.1#53, expected 122.249.2.210#53
;; reply from unexpected source: 192.168.24.1#53, expected 122.249.2.210#53

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.2.rc1.fc16 <<>> @122.249.2.210 mutoh-seikatsu.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

iptables -L:

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- resolver1.dyndnsinternetguide.com anywhere tcpflags:! FIN,SYN,RST,ACK/SYN
ACCEPT udp -- resolver1.dyndnsinternetguide.com anywhere
ACCEPT tcp -- resolver2.dyndnsinternetguide.com anywhere tcpflags:! FIN,SYN,RST,ACK/SYN
ACCEPT udp -- resolver2.dyndnsinternetguide.com anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 192.168.24.255
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere default
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
INBOUND all -- anywhere server.mutoh-seikatsu.com
INBOUND all -- anywhere server.mutoh-seikatsu.com
INBOUND all -- anywhere 192.168.0.255
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix "Unknown Input"

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
TCPMSS tcp -- anywhere anywhere tcpflags: SYN,RST/SYN TCPMSS clamp to PMTU
OUTBOUND all -- anywhere anywhere
ACCEPT tcp -- anywhere 192.168.0.0/24 state RELATED,ESTABLISHED
ACCEPT udp -- anywhere 192.168.0.0/24 state RELATED,ESTABLISHED
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix "Unknown
Forward" Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT tcp -- server.mutoh-seikatsu.com resolver1.dyndnsinternetguide.com tcp dpt:domain ACCEPT udp -- server.mutoh-seikatsu.com resolver1.dyndnsinternetguide.com udp dpt:domain ACCEPT tcp -- server.mutoh-seikatsu.com resolver2.dyndnsinternetguide.com tcp dpt:domain ACCEPT udp -- server.mutoh-seikatsu.com resolver2.dyndnsinternetguide.com udp dpt:domain ACCEPT all -- anywhere anywhere DROP all -- 255.255.255.255 anywhere DROP all -- anywhere default DROP all -- anywhere anywhere state INVALID OUTBOUND all -- anywhere anywhere OUTBOUND all -- anywhere anywhere LOG_FILTER all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix "Unknown Output" Chain INBOUND (4 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.0.104 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT all -- 192.168.24.1 anywhere ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpts:bootps:bootpc ACCEPT udp -- 192.168.0.0/24 anywhere udp dpts:bootps:bootpc ACCEPT tcp -- anywhere anywhere tcp dpts:ftp-data:ftp ACCEPT udp -- anywhere anywhere udp dpts:ftp-data:ftp ACCEPT tcp -- 
anywhere anywhere tcp dpt:http
ACCEPT udp -- anywhere anywhere udp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT udp -- anywhere anywhere udp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:imap
ACCEPT udp -- anywhere anywhere udp dpt:imap
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT udp -- anywhere anywhere udp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:ntp
ACCEPT udp -- anywhere anywhere udp dpt:ntp
ACCEPT tcp -- anywhere anywhere tcp dpt:webcache
ACCEPT udp -- anywhere anywhere udp dpt:webcache
ACCEPT tcp -- anywhere anywhere tcp dpt:ndmp
ACCEPT udp -- anywhere anywhere udp dpt:ndmp
ACCEPT tcp -- server.mutoh-seikatsu.com anywhere tcp dpt:db-lsp
ACCEPT udp -- server.mutoh-seikatsu.com anywhere udp dpt:db-lsp-disc
ACCEPT tcp -- 192.168.0.104 anywhere tcp dpt:netbios-dgm
ACCEPT udp -- 192.168.0.104 anywhere udp dpt:netbios-dgm
ACCEPT tcp -- 192.168.0.125 anywhere tcp dpt:db-lsp
ACCEPT udp -- 192.168.0.125 anywhere udp dpt:db-lsp-disc
ACCEPT tcp -- 115.179.101.100.ap.gmobb-fix.jp anywhere tcp dpt:imaps
ACCEPT udp -- 115.179.101.100.ap.gmobb-fix.jp anywhere udp dpt:imaps
ACCEPT tcp -- 115.179.101.100.ap.gmobb-fix.jp anywhere tcp dpt:imaps
ACCEPT udp -- 115.179.101.100.ap.gmobb-fix.jp anywhere udp dpt:imaps
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:25012
ACCEPT udp -- anywhere anywhere udp dpt:25012
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
ACCEPT udp -- anywhere anywhere udp dpt:mysql
ACCEPT tcp -- anywhere anywhere tcp dpt:tproxy
ACCEPT udp -- anywhere anywhere udp dpt:tproxy
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT udp -- anywhere anywhere udp dpt:pop3
LSI all -- anywhere anywhere

Chain LOG_FILTER (5 references)
target prot opt source destination

Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix "Inbound "
DROP tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix "Inbound "
DROP tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix "Inbound "
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix "Inbound "
DROP all -- anywhere anywhere

Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix "Outbound "
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain OUTBOUND (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere

netstat -tap:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:50502 *:* LISTEN 1308/rpc.statd
tcp 0 0 localhost:10024 *:* LISTEN 1508/amavisd (maste
tcp 0 0 localhost:10025 *:* LISTEN 1612/master
tcp 0 0 *:mysql *:* LISTEN 1347/mysqld
tcp 0 0 *:sunrpc *:* LISTEN 1123/rpcbind
tcp 0 0 *:ndmp *:* LISTEN 1664/perl
tcp 0 0 server.mutoh-seikats:domain *:* LISTEN 8506/named
tcp 0 0 server.mutoh-seikats:domain *:* LISTEN 8506/named
tcp 0 0 localhost:domain *:* LISTEN 8506/named
tcp 0 0 *:ftp *:* LISTEN 1185/pure-ftpd (SER
tcp 0 0 localhost:ipp *:* LISTEN 2084/cupsd
tcp 0 0 localhost:rndc *:* LISTEN 8506/named
tcp 0 0 *:smtp *:* LISTEN 1612/master
tcp 0 0 *:db-lsp *:* LISTEN 2259/dropbox
tcp 0 0 server.mutoh-seikatsu:56565 nrt19s11-in-f21.1e100:https TIME_WAIT -
tcp 62 0 localhost:39435 localhost:10025 CLOSE_WAIT 1830/amavisd (ch1-a
tcp 0 0 localhost:mysql localhost:45047 ESTABLISHED 1347/mysqld
tcp 38 0 server.mutoh-seikatsu:37894 v-client-4b.sjc.dropb:https CLOSE_WAIT 2259/dropbox
tcp 0 0 localhost:45047 localhost:mysql ESTABLISHED 1830/amavisd (ch1-a
tcp 0 0 server.mutoh-seikatsu:56662 nrt19s11-in-f21.1e100:https ESTABLISHED 2371/firefox
tcp 0 0 server.mutoh-seikatsu:33801 sjc-not20.sjc.dropbox.:http ESTABLISHED 2259/dropbox
tcp 0 0 *:40429 *:* LISTEN 1308/rpc.statd
tcp 0 0 *:pop3 *:* LISTEN 1553/couriertcpd
tcp 0 0 *:imap *:* LISTEN 1521/couriertcpd
tcp 0 0 *:sunrpc *:* LISTEN 1123/rpcbind
tcp 0 0 *:webcache *:* LISTEN 1144/httpd
tcp 0 0 *:http *:* LISTEN 1144/httpd
tcp 0 0 *:tproxy *:* LISTEN 1144/httpd
tcp 0 0 *:domain *:* LISTEN 8506/named
tcp 0 0 *:ftp *:* LISTEN 1185/pure-ftpd (SER
tcp 0 0 *:ipp *:* LISTEN 1/init
tcp 0 0 localhost:rndc *:* LISTEN 8506/named
tcp 0 0 *:smtp *:* LISTEN 1612/master
tcp 0 0 *:https *:* LISTEN 1144/httpd
tcp 0 0 *:imaps *:* LISTEN 1543/couriertcpd
tcp 0 0 *:pop3s *:* LISTEN 1562/couriertcpd

netstat -uap:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 *:ipp *:* 1/init
udp 0 0 localhost:ldaps *:* 1308/rpc.statd
udp 0 0 *:871 *:* 1123/rpcbind
udp 0 0 *:db-lsp-disc *:* 2259/dropbox
udp 0 0 *:mdns *:* 997/avahi-daemon
udp 0 0 *:ndmp *:* 1664/perl
udp 0 0 *:26734 *:* 3201/dhcpd
udp 0 0 *:39846 *:* 1308/rpc.statd
udp 0 0 *:60696 *:* 997/avahi-daemon
udp 0 0 server.mutoh-seikatsu:domain *:* 8506/named
udp 0 0 server.mutoh-seikatsu:domain *:* 8506/named
udp 0 0 localhost:domain *:* 8506/named
udp 0 0 *:bootps *:* 3201/dhcpd
udp 0 0 *:sunrpc *:* 1123/rpcbind
udp 0 0 *:ntp *:* 1020/chronyd
udp 0 0 *:323 *:* 1020/chronyd
udp 0 0 *:871 *:* 1123/rpcbind
udp 0 0 *:43515 *:* 3201/dhcpd
udp 0 0 *:60526 *:* 1308/rpc.statd
udp 0 0 *:domain *:* 8506/named
udp 0 0 *:sunrpc *:* 1123/rpcbind
udp 0 0 *:ntp *:* 1020/chronyd
udp 0 0 *:323 *:* 1020/chronyd

Am using firestarter for the firewall at the moment, which set up a DHCP server that handles the internal network (wireless). If I need to get rid of firestarter, how do I add the DHCP server and masquerading between the internet and the local net?

Here is named.conf. Note the allow-query line: when set to localhost, intodns reports that the server did not respond; when set to any, it responds but I get the error at recursive queries, anybody can use the DNS server:

options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named.conf.local";
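
The open-recursion warning described in the post follows from BIND's defaults: when allow-recursion and allow-query-cache are not set, they inherit allow-query, so "allow-query { any; }" with "recursion yes" lets any client recurse. The fragment below is an added example, not part of the original post or of ISPConfig's generated files; it keeps the hosted zones answerable from anywhere while limiting recursion and cache access to an ACL. The ACL name "trusted" and the 192.168.24.0/24 network are assumptions (192.168.0.0/24 is taken from the iptables listing above).

```conf
// Added example: ACL name and networks are assumptions, adjust to the real LAN.
acl "trusted" {
    localhost;           // built-in ACL: every address of this host
    192.168.0.0/24;      // internal (wireless) network from the iptables listing
    192.168.24.0/24;     // assumed network between the router and the server
};

options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    directory "/var/named";

    // Posted (weak) combination was:
    //     allow-query { any; };
    //     recursion yes;
    // with no recursion ACL, so recursion was open to everyone.

    allow-query       { any; };        // authoritative answers stay public
    recursion yes;                     // still needed for the server and the LAN
    allow-recursion   { "trusted"; };  // only trusted clients may recurse
    allow-query-cache { "trusted"; };  // and only they may read cached answers

    // Remaining options (dump-file, statistics files, dnssec-*, bindkeys-file,
    // managed-keys-directory) stay as in the posted file.
};
```

Running named-checkconf /etc/named.conf validates the syntax before a reload. Afterwards, a query from outside the ACL for a name not hosted on this server should come back with status REFUSED, while a query for a hosted zone still returns an answer with the aa flag.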