DNS problem registro.br

Hello everybody.
Installed on the server as ISPConfig3 link:

http://www.howtoforge.com/perfect-s...n-6.0-with-bind-dovecot-and-nginx-ispconfig-3

After the installation, set up according to the link:

http://www.howtoforge.com/how-to-run-your-own-name-server-with-ispconfig-3-and-fast-hosts

In registro.br configured:

ns1.leandroangelo.com.br 1 IP server (master) 94.23.53.131

ns2.leandroangelo.com.br 2 server IP 94.23.75.204

But in this updating registro.br returns the error:

Master DNS server: Connection refused
Slave DNS Server 1: Time out

The sites:

http://leandroangelo.com.br
http://fundacaofreiluiz.org
Do not work.

Already http://reportertatu.com works perfectly.


Could someone give me a hint?


Grateful.

Note Using google translator.

 

If I am understanding this correctly, all three of the listed domains are yours?

You mention reportertatu.com works correctly. Looking at http://www.intodns.com/reportertatu.com - this domain uses Cloudflare as it's DNS provider. Cloudflare is a 3rd party DNS provider, so that domain isn't hosting its own name services anyway. Trying to compare the other two domains to it is irrelevant unless you move those domains name services to Cloudflare as well.

Looking at:
http://www.intodns.com/leandroangelo.com.br
and
http://www.intodns.com/fundacaofreiluiz.org

I would venture a guess that neither of those domains have their DNS zones set up properly in ISPConfig. Ensure that the zone has an A record and a corresponding NS record for the name server. It looks like you probably don't have the A records set up for ns1.leandroangelo.com.br and ns2.leandroangelo.com.br.

 

make sure the server it's self is listing on port 53 tcp/udp

try

dig @localhost reportertatu.com

 

Before using ISPConfig, I used the Kloxo and 3 domains, used as "DNS" and ns1.leandroangelo.com.br ns2.leandroangelo.com.br
* There was only one difference between them, I believe the time to configure ns for domain reportertatu.com I also added the IP's server.

Although use cloudflare, any change you make in reportertatu.com (files for this field are on the server where you installed the ispconfig) For example if you put a file on the server with any one index.html content and clear the cache cloudflare, the index.html page appears smoothly.

Do not know if you will understand what I can explain. Below are some pictures of the ISPConfig DNS tab.












Added the site to fundacaofreiluiz.org cloudflare and this did not detect the dns settings.



Thanks for the help.

 

<<>> DiG 9.7.3 <<>> @localhost reportertatu.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38193
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;reportertatu.com. IN A

;; ANSWER SECTION:
reportertatu.com. 300 IN A 141.101.116.88
reportertatu.com. 300 IN A 141.101.117.88

;; AUTHORITY SECTION:
reportertatu.com. 171642 IN NS fay.ns.cloudflare.com.
reportertatu.com. 171642 IN NS jeff.ns.cloudflare.com.

;; Query time: 14 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed May 1 07:24:33 2013
;; MSG SIZE rcvd: 117



____________________________________________________________


<>> DiG 9.7.3 <<>> @localhost fundacaofreiluiz.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 15596
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;fundacaofreiluiz.org. IN A

;; Query time: 101 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed May 1 07:26:56 2013
;; MSG SIZE rcvd: 38



____________________________________________________________


<<>> DiG 9.7.3 <<>> @localhost leandroangelo.com.br
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63143
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;leandroangelo.com.br. IN A

;; ANSWER SECTION:
leandroangelo.com.br. 3600 IN A 94.23.53.131

;; AUTHORITY SECTION:
leandroangelo.com.br. 3600 IN NS ns2.leandroangelo.com.br.
leandroangelo.com.br. 3600 IN NS ns1.leandroangelo.com.br.

;; ADDITIONAL SECTION:
ns1.leandroangelo.com.br. 86400 IN A 94.23.53.131
ns2.leandroangelo.com.br. 86400 IN A 94.23.53.204

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed May 1 07:27:44 2013
;; MSG SIZE rcvd: 122




I noticed that only see DNS settings for leandroangelo.com.br

It nescessário create a configuration dns for each domain?

 

Double- and triple-check your firewall on hosts 94.23.75.204 and 94.23.53.131.

DNS (port 53) is completely unreachable on those hosts.

 

Configured port on the server (was not active)

Server rebooted and the problem persists.

Print firewall ports.

 

Are you sure your IP addresses are correct?

Querying the root servers we see your name servers' IP addresses as follows:

ns2.leandroangelo.com.br. ['94.23.75.204'] [TTL=86400]
ns1.leandroangelo.com.br. ['94.23.53.131'] [TTL=86400]

Looking at the screenshots above you have the A record for ns2 different from what the root servers are reporting.

Regardless, in testing I still can not reach either IP address on port 53 via telnet, which indicates to me that no name server is listening on those ports or it is somehow blocked by firewall.

edit: Ridiculous question - can you make sure BIND is actually running? --> ps aux | grep named

 

The dns actually was incorrect.

Just fix ns2.leandroangelo.com.br for 94.23.75.204

Not sure if you asked me to run: ps aux | grep named

When running: ps aux | grep named

Got the answer:

root@servidor:~# ps aux | grep named
bind 2507 0.0 0.8 122624 15968 ? Ssl 23:45 0:00 /usr/sbin/named -u bind
root 4506 0.0 0.0 10148 816 pts/0 S+ 23:57 0:00 grep named

 

Alright, then bind is running.

Can you check your named.conf (or possibly named.conf.options) and verify what listen-on port and address bind is listening on?

It should look something like:

Code:

options {
     listen-on port 53 { any; }
     ...
     allow-query { any; };
     ...
};

 

No.
Is as follows in named.conf.options:

options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

// forwarders {
// 0.0.0.0;
// };

auth-nxdomain no; # conform to RFC1035
listen-on-v6 { ::1; };
listen-on { 127.0.0.1; };
allow-recursion { 127.0.0.1; };

};

 

That would appear to be the problem.

Your nameservers are only listening to local requests only, which is why the outside world can't reach them. You need to change those lines, and the listen-on-v6 line if you have any ipv6 addresses you want to resolve on, to listen on the appropriate adapter address for that particular server. Once done, restart the bind service and test again.

 

I have no idea how to set / change the lines.
Could you give me a tip or a tutorial that teaches do this?

I do not intend to configure IPV6.

Grateful.

 

You can edit the file with your text editor of choice (vi, nano, emacs).

I would suggest for ease of use to change the localhost address listed to "any;" as per my previous example. After the changes are made, run "/etc/init.d/named restart" (or possibly "/etc/init.d/bind restart", I'm not sure how Debian installs the service) and then test to see if the outside world can resolve against your nameservers.