Every time I make a DNS record it puts periods after the domain and replaces @ with periods, and it's making the DNS records invalid. This is a fresh install. I also have a new issue: I can dig locally, but if I try to dig on an external server I get SERVFAILs. This is a dedicated, live, front-facing IP. There aren't any ports being blocked at all. I also did an external port scan and it returned this: XXX.XXX.XXX.XX5 is responding on port 53 (domain).
The DNS records are saved correctly; the problem is that you entered the records wrong. Every fully qualified domain name in DNS for BIND has to end with a dot, and @ is not a DNS record. If a DNS record has no dot at the end, then it is a subrecord of the zone. And what you refer to as the @ record is the record for the zone itself, so if you create a zone for domain.tld, then the record that you refer to as @ is "domain.tld.". Either you block the DNS port with a firewall or the DNS records in the registry of the domain TLD have not been changed yet to point to the new DNS server.
I've done the dig using the new nameserver to dig from and it doesn't work. Also, I'm talking about entering the email address on the template page. Example: you enter [email protected] and the form saves it as test.test.com. I also edited my first post to say I did an external port scan and it's open.
Retrieving DNS records for abc123.com...
DNS servers
ns1.abc123.com [xxx.xxx.xxx.xxx]
ns2.abc123.com [xxx.xxx.xxx.xxx]
DNS server returned an error: Name server failed
Answer records
Authority records
Additional records

That was done using http://network-tools.com/
Then your DNS is blocked by a firewall or you configured BIND to listen only on localhost. That's absolutely correct, as mail addresses in DNS records are saved in this way and ISPConfig corrects your wrong input automatically. You might want to read a bit more about the BIND DNS file format before complaining that ISPConfig handles this wrong.
Still, the port scan is saying that it's there. Also, like you suggested, I researched how BIND works. "listen-on — Specifies the network interface on which named listens for queries. By default, all interfaces are used." Everything is default, unless ISPConfig changes that. I followed the guide on this website to the T.
The defaults depend on the Linux distribution you used and presets that might have been done by your internet provider; ISPConfig does not set defaults for BIND. To see if BIND is listening on the correct interfaces, post the output of:
netstat -tap | grep named
and the output of:
iptables -L
root@server1:/etc/bind# netstat -tap | grep named
tcp   0  0 localhost:953            *:*     LISTEN  14323/named
tcp   0  0 server1.dynainte:domain  *:*     LISTEN  14323/named
tcp   0  0 localhost:domain         *:*     LISTEN  14323/named
tcp6  0  0 localhost:953            [::]:*  LISTEN  14323/named
tcp6  0  0 [::]:domain              [::]:*  LISTEN  14323/named

root@server1:/etc/bind# iptables -L
Chain INPUT (policy ACCEPT)
target                 prot opt source    destination
fail2ban-courierimaps  tcp  --  anywhere  anywhere  multiport dports imaps
fail2ban-sasl          tcp  --  anywhere  anywhere  multiport dports smtp
fail2ban-ssh           tcp  --  anywhere  anywhere  multiport dports ssh
fail2ban-pureftpd      tcp  --  anywhere  anywhere  multiport dports ftp
fail2ban-courierpop3s  tcp  --  anywhere  anywhere  multiport dports pop3s
fail2ban-courierpop3   tcp  --  anywhere  anywhere  multiport dports pop3
fail2ban-courierimap   tcp  --  anywhere  anywhere  multiport dports imap2

Chain FORWARD (policy ACCEPT)
target                 prot opt source    destination

Chain OUTPUT (policy ACCEPT)
target                 prot opt source    destination

Chain fail2ban-courierimap (1 references)
target                 prot opt source    destination
RETURN                 all  --  anywhere  anywhere

Chain fail2ban-courierimaps (1 references)
target                 prot opt source    destination
RETURN                 all  --  anywhere  anywhere

Chain fail2ban-courierpop3 (1 references)
target                 prot opt source    destination
RETURN                 all  --  anywhere  anywhere

Chain fail2ban-courierpop3s (1 references)
target                 prot opt source    destination
RETURN                 all  --  anywhere  anywhere

Chain fail2ban-pureftpd (1 references)
target                 prot opt source    destination
RETURN                 all  --  anywhere  anywhere

Chain fail2ban-sasl (1 references)
target                 prot opt source    destination
RETURN                 all  --  anywhere  anywhere

Chain fail2ban-ssh (1 references)
target                 prot opt source    destination
RETURN                 all  --  anywhere  anywhere
root@server1:/etc/bind#

Also noted: http://www.geektools.com/digtool.php
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 6    < if I use ns1.abc123.com
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6   < if I use the IP of the server.
Not sure if that matters or not.
That's both OK. Please take a look into the syslog file in /var/log; are there any BIND errors in there? According to your post above, you use a subdomain of the same zone as the DNS server name. This requires that you add glue records in the DNS server of your provider where you registered the domain (not your ISPConfig server). Have you added these glue records? http://en.wikipedia.org/wiki/Domain_Name_System#Circular_dependencies_and_glue_records
Aug 1 13:57:02 server1 named[394]: listening on IPv6 interfaces, port 53
Aug 1 13:57:02 server1 named[394]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 1 13:57:02 server1 named[394]: listening on IPv4 interface venet0:0, xxx.xxx.xxx.xxx#53
Aug 1 13:57:02 server1 named[394]: generating session key for dynamic DNS
Aug 1 13:57:02 server1 named[394]: set up managed keys zone for view _default, file 'managed-keys.bind'
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 254.169.IN-ADDR.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: D.F.IP6.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 8.E.F.IP6.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 9.E.F.IP6.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: A.E.F.IP6.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: B.E.F.IP6.ARPA
Aug 1 13:57:02 server1 named[394]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Aug 1 13:57:02 server1 named[394]: command channel listening on 127.0.0.1#953
Aug 1 13:57:02 server1 named[394]: command channel listening on ::1#953
Aug 1 13:57:02 server1 named[394]: zone 0.in-addr.arpa/IN: loaded serial 1
Aug 1 13:57:02 server1 named[394]: zone 127.in-addr.arpa/IN: loaded serial 1
Aug 1 13:57:02 server1 named[394]: zone 255.in-addr.arpa/IN: loaded serial 1
Aug 1 13:57:02 server1 named[394]: zone abc.com/IN: NS 'ns1.dynainternet.com' has no address records (A or AAAA)
Aug 1 13:57:02 server1 named[394]: zone dynainternet.com/IN: NS 'ns2.abc.com' has no address records (A or AAAA)
Aug 1 13:57:02 server1 named[394]: zone abc.com/IN: not loaded due to errors.
Aug 1 13:57:02 server1 named[394]: zone localhost/IN: loaded serial 2
Aug 1 13:57:02 server1 named[394]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
Aug 1 13:57:02 server1 named[394]: managed-keys-zone ./IN: loaded serial 0
Aug 1 13:57:02 server1 named[394]: running

--- pri.abc.com zonefile in /etc/bind

GNU nano 2.2.4 File: pri.abc.com

$TTL 3600
@ IN SOA ns1.abc.com. dns.abc.com. (
        2012080102 ; serial, todays date + todays serial #
        7200       ; refresh, seconds
        540        ; retry, seconds
        604800     ; expire, seconds
        86400 )    ; minimum, seconds
;
abc.com. 3600 A xxx.xxx.xxx.xxx
abc.com. 3600 MX 10 mail.abc.com.
abc.com. 3600 NS ns1.abc.com.
abc.com. 3600 NS ns2.abc.com.
mail 3600 A xxx.xxx.xxx.xxx
www 3600 A xxx.xxx.xxx.xxx
You forgot to add A records in the zone for the ns1 and ns2 subrecords. Add the records:

Type: A
Hostname: ns1
IP address: 1.2.3.4
Active: yes

and

Type: A
Hostname: ns2
IP address: 1.2.3.4
Active: yes
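
The check that made named refuse to load the zone, together with the trailing-dot and mailbox rules explained earlier in the thread, as an added example (not code from ISPConfig, BIND, or any poster). The function names are hypothetical, 192.0.2.10 is a constructed placeholder address, and the parser assumes one record per line with an explicit owner name.

```python
# Added example: simplified zone check, not BIND's or ISPConfig's parser.
# Assumes one record per line with an explicit owner name.

def qualify(name, origin):
    """'@' is the zone itself, a trailing dot means fully qualified,
    anything else is relative to the zone origin."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name}.{origin}".lower()

def rname_from_email(addr):
    """SOA mailbox form: '@' becomes '.', dots in the local part are escaped."""
    local, domain = addr.rsplit("@", 1)
    return local.replace(".", "\\.") + "." + domain.rstrip(".") + "."

def ns_without_address(zone_text, origin):
    """In-zone NS targets that have no A or AAAA record in this zone."""
    ns_targets, with_address = set(), set()
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop comments
        # drop the class and numeric fields (TTL, MX priority, SOA timers)
        fields = [f for f in fields if f.upper() != "IN" and not f.isdigit()]
        if len(fields) < 3:
            continue
        owner, rtype, rdata = qualify(fields[0], origin), fields[1].upper(), fields[2]
        if rtype == "NS":
            ns_targets.add(qualify(rdata, origin))
        elif rtype in ("A", "AAAA"):
            with_address.add(owner)
    in_zone = {n for n in ns_targets if n.endswith("." + origin)}
    return sorted(in_zone - with_address)

# Constructed sample: the thread's zone with 192.0.2.10 as a placeholder address.
ZONE = """\
$TTL 3600
@ IN SOA ns1.abc.com. dns.abc.com. (
        2012080102 7200 540 604800 86400 )
abc.com. 3600 A 192.0.2.10
abc.com. 3600 MX 10 mail.abc.com.
abc.com. 3600 NS ns1.abc.com.
abc.com. 3600 NS ns2.abc.com.
mail 3600 A 192.0.2.10
www 3600 A 192.0.2.10
"""
FIXED = ZONE + "ns1 3600 A 192.0.2.10\nns2 3600 A 192.0.2.10\n"

if __name__ == "__main__":
    print("before:", ns_without_address(ZONE, "abc.com."))
    print("after: ", ns_without_address(FIXED, "abc.com."))
```

On the server itself, `named-checkzone abc.com /etc/bind/pri.abc.com` performs the real version of this check before named is reloaded.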