Help with: Loop detected! We were referred back to IP

Discussion in 'Installation/Configuration' started by GeorgeG, Jun 29, 2020.

  1. GeorgeG

    GeorgeG New Member

    Hi all,
    I followed the guide in https://www.howtoforge.com/installi...tabase-servers-on-debian-5.0-with-ispconfig-3
    alongside referencing elements from https://www.howtoforge.com/tutorial...l-pureftpd-bind-postfix-doveot-and-ispconfig/ to do a new ispconfig3 installation.
    In more detail I have used LXC containers to isolate different functions of the server as follows:
    WEB1 (WEB ONLY)
    hostname = web1.mydomain.com
    container IP: 10.0.0.10
    public IP: XXX.YYY.ZZZ.1

    WEBSITES:
    mydomain.com - My own main website
    sub.mydomain.com - A web application

    WEB2 (WEB AND DB)
    hostname = web2.mydomain.com
    container IP: 10.0.0.11
    public IP: XXX.YYY.ZZZ.2

    WEBSITES:
    another_domain.com - A small website that mainly displays some images (php)
    some_other_domain.com - A small website (some CMS)

    NS (DNS ONLY)
    hostname = ns.mydomain.com
    container IP: 10.0.0.15
    public IP: XXX.YYY.ZZZ.3

    PM (EMAIL ONLY)
    hostname = pm.mydomain.com
    container IP: 10.0.0.25
    public IP: XXX.YYY.ZZZ.4

    Will act as the mail server for all the websites hosted on WEB1 and WEB2
    DB (DB ONLY)
    hostname = db.mydomain.com
    container IP: 10.0.0.9

    All containers are UBUNTU 18.04 on a baremetal server running UBUNTU 18.04. The choice is purely based on familiarity, so please do not judge me on that :)

    The content of the file /etc/hosts for all containers includes the following (as per the debian guide above).
    Code:
    10.0.0.15    ns.mydomain.com  ns
    10.0.5.25    pm.mydomain.com  pm
    10.0.0.9    db.mydomain.com  db
    10.0.5.10    host.mydomain.com        host
    10.0.5.11    guest.mydomain.com       guest
    
    I am using IPTABLES to expose WEB1, WEB2, NS and PM using a script that looks like:
    Code:
    #!/bin/bash
    # Map one public address onto one container (one copy of this script per exposed container).
    IP_LOC=10.0.0.10          # container address
    IP_PUB=XXX.YYY.ZZZ.KKK    # public address assigned to that container
    # Inbound: rewrite the destination of packets addressed to the public IP to the container.
    iptables -t nat -I PREROUTING -d "$IP_PUB" -j DNAT --to-destination "$IP_LOC"
    # Outbound: rewrite the source of the container's own traffic to its public IP.
    iptables -t nat -I POSTROUTING -s "$IP_LOC" -j SNAT --to-source "$IP_PUB"
    
    I have defined 3 DNS Zones:
    Code:
    Server            Zone                    NS
    ns.mydomain.com    mydomain.com.             ns1.mydomain.com.
    ns.mydomain.com    another_domain.com.        ns1.mydomain.com.
    ns.mydomain.com    some_other_domain.com.    ns1.mydomain.com.
    
    In more detail the different zones are defined as follows:
    For mydomain.com:
    Code:
    ACTIVE  TYPE   NAME           DATA                PRIORITY
    YES     A      WEB1           XXX.YYY.ZZZ.1       0
    YES     A      WEB2           XXX.YYY.ZZZ.2       0
    YES     A      ns             XXX.YYY.ZZZ.3       0
    YES     A      ns1            XXX.YYY.ZZZ.3       0
    YES     A      ns2            XXX.YYY.ZZZ.3       0
    YES     A      pm             XXX.YYY.ZZZ.4       0
    YES     A      mydomain.com.  XXX.YYY.ZZZ.1       0
    YES     A      www            XXX.YYY.ZZZ.1       0
    YES     CNAME  sub            mydomain.com.       0
    YES     MX     mydomain.com.  pm.mydomain.com.    10
    YES     NS     mydomain.com.  ns1.mydomain.com.   0
    YES     NS     mydomain.com.  ns2.mydomain.com.   0
    YES     TXT    mydomain.com.  v=spf1 a mx ptr ip4:XXX.YYY.ZZZ.4 mx: pm.mydomain.com -all    0
    
    For another_domain.com:
    Code:
    ACTIVE    TYPE    NAME                DATA                PRIORITY
    YES        A        another_domain.com.    XXX.YYY.ZZZ.2        0
    YES        A        www                    XXX.YYY.ZZZ.2        0
    YES        MX        another_domain.com.    pm.mydomain.com.    10
    YES        NS        another_domain.com.    ns1.mydomain.com.    0
    YES        NS        another_domain.com.    ns2.mydomain.com.    0
    YES        TXT        another_domain.com.    v=spf1 mx a ~all    0
    
    For some_other_domain.com:
    Code:
    ACTIVE    TYPE    NAME                    DATA                PRIORITY
    YES        A        some_other_domain.com.    XXX.YYY.ZZZ.2        0
    YES        A        www                        XXX.YYY.ZZZ.2        0
    YES        MX        some_other_domain.com.    pm.mydomain.com.    10
    YES        NS        some_other_domain.com.    ns1.mydomain.com.    0
    YES        NS        some_other_domain.com.    ns2.mydomain.com.    0
    YES        TXT        some_other_domain.com.    v=spf1 mx a ~all    0
    
    The 3 domains (mydomain.com, another_domain.com and some_other_domain.com) are currently hosted on a baremetal server that has a very similar setup (the difference is that WEB1 on the old server is acting as a WEB and DNS server, i.e. there is no DNS only container).

    To switch over the domains to the "new" server I did the following:
    The DNS servers for another_domain.com and some_other_domain.com (at the domain name registrar side) point to cloudflare and then on the cloudflare DNS, the proxy entries were changed to point to the public IP XXX.YYY.ZZZ.2. Both domains worked as expected (regarding serving the content of the web pages, email delivery is another task altogether that I will work on once the web part is functional).
    The DNS servers for mydomain.com (at the domain name registrar side) were changed to point to ns1.mydomain.com (XXX.YYY.ZZZ.3) and ns2.mydomain.com (XXX.YYY.ZZZ.3).

    After the settings were applied, browsing to mydomain.com did not work. I do understand that it takes time for the DNS servers to propagate etc. etc. However, I did check with OpenDNS cache check, and it was reporting the switch, in the form of a SERVFAIL. When I used the DNS check tool at https://mxtoolbox.com/ I get a "Loop detected! We were referred back to XXX.YYY.ZZZ.3" error.

    Note:
    To test that the data migration worked, I used a VM on my desktop, where I added the following to /etc/hosts:
    Code:
            XXX.YYY.ZZZ.1    host.mydomain.com
            XXX.YYY.ZZZ.2    guest.mydomain.com
            XXX.YYY.ZZZ.3    ns.mydomain.com
            XXX.YYY.ZZZ.4    pm.mydomain.com
    
    I then used systemd-resolve to set the DNS of the eth0 device DNS to: XXX.YYY.ZZZ.3
    All websites functioned as expected under that setup.

    Any pointers towards establishing a working state are appreciated.
    Regards,
    GeorgeG
     
    Last edited: Jun 29, 2020
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You have misconfigured your name servers. Verify the zones have NS records and every host that is given as name server must have A record.
    You could make the listings you post more readable by posting them in CODE tags.
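Taleman's two checks (every zone has NS records, every name server named in them has an A record) can be run offline against the ISPConfig listing before touching the registrar. The script below is an added example, not code from either poster or from ISPConfig. Its RECORDS table is the mydomain.com zone from the first post with the redacted XXX.YYY.ZZZ.n addresses replaced by TEST-NET-1 placeholders (192.0.2.n), and REGISTRAR_NS is an assumed copy of the name-server set entered at the registrar. Beyond the two delegation checks it also flags a CNAME whose target lies outside the zone (the `my-domain.com.` target as originally typed; an alias into a name you do not control is a takeover risk) and syntax-checks the SPF TXT record term by term, since `mx: pm.mydomain.com` with a space is two terms, neither of which is a valid mechanism, and a receiver evaluating that record gets permerror rather than a pass.

```python
"""Offline sanity checks for an ISPConfig-style DNS zone listing.

Added example, not from the thread. RECORDS mirrors the mydomain.com zone in
post #1 with XXX.YYY.ZZZ.n replaced by TEST-NET-1 placeholders; REGISTRAR_NS is
an assumed copy of the name servers configured at the registrar.
"""
import re

ZONE = "mydomain.com."

# (type, owner, data) rows; owners without a trailing dot are relative to ZONE.
RECORDS = [
    ("A", "ns", "192.0.2.3"),
    ("A", "ns1", "192.0.2.3"),
    ("A", "ns2", "192.0.2.3"),
    ("A", "pm", "192.0.2.4"),
    ("A", "mydomain.com.", "192.0.2.1"),
    ("A", "www", "192.0.2.1"),
    ("CNAME", "sub", "my-domain.com."),  # kept exactly as typed in post #1
    ("MX", "mydomain.com.", "pm.mydomain.com."),
    ("NS", "mydomain.com.", "ns1.mydomain.com."),
    ("NS", "mydomain.com.", "ns2.mydomain.com."),
    ("TXT", "mydomain.com.", "v=spf1 a mx ptr ip4:192.0.2.4 mx: pm.mydomain.com -all"),
]
REGISTRAR_NS = {"ns1.mydomain.com.", "ns2.mydomain.com."}  # assumed

# One SPF mechanism: optional qualifier, mechanism name, optional ":domain" or "/cidr".
SPF_MECH = re.compile(r"^[+\-~?]?(all|include|a|mx|ptr|ip4|ip6|exists)(?::(\S+)|/\d+)?$", re.I)


def fqdn(name, origin=ZONE):
    """Expand a relative owner or target name to a lower-cased FQDN."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def in_zone(name, origin=ZONE):
    return name == origin or name.endswith("." + origin)


def index(records, origin=ZONE):
    """Group records as {(fqdn, TYPE): [data, ...]}."""
    idx = {}
    for rtype, owner, data in records:
        idx.setdefault((fqdn(owner, origin), rtype.upper()), []).append(data)
    return idx


def check_delegation(records, registrar_ns, origin=ZONE):
    """NS records exist, each in-zone NS has glue, and the set matches the registrar."""
    idx, problems = index(records, origin), []
    zone_ns = {fqdn(d, origin) for d in idx.get((origin, "NS"), [])}
    if not zone_ns:
        problems.append(f"{origin} has no NS records")
    if zone_ns != {fqdn(n, origin) for n in registrar_ns}:
        problems.append(f"zone NS set {sorted(zone_ns)} != registrar {sorted(registrar_ns)}")
    addrs = set()
    for ns in sorted(zone_ns):
        if in_zone(ns, origin):  # in-bailiwick NS needs an address in this zone
            glue = idx.get((ns, "A"), []) + idx.get((ns, "AAAA"), [])
            if not glue:
                problems.append(f"{ns} is an NS but has no A/AAAA record in the zone")
            addrs.update(glue)
    if len(zone_ns) > 1 and len(addrs) == 1:
        problems.append("every NS resolves to one address: no redundancy (RFC 2182)")
    return problems


def check_cnames(records, origin=ZONE):
    """CNAME owners must carry no other data; out-of-zone targets need an owner check."""
    idx, problems = index(records, origin), []
    for (owner, rtype), targets in idx.items():
        if rtype != "CNAME":
            continue
        if any(o == owner and t != "CNAME" for o, t in idx):
            problems.append(f"{owner} has a CNAME alongside other record types")
        target = fqdn(targets[0], origin)
        if not in_zone(target, origin):
            problems.append(f"{owner} CNAME -> {target} points outside {origin}; verify ownership")
        elif not any(o == target for o, _ in idx):
            problems.append(f"{owner} CNAME -> {target} does not exist in the zone")
    return problems


def check_spf(records, origin=ZONE):
    """Syntax-check the single v=spf1 TXT record term by term (RFC 7208)."""
    idx, problems = index(records, origin), []
    spf = [t for t in idx.get((origin, "TXT"), []) if t.lower().startswith("v=spf1")]
    if len(spf) != 1:
        return [f"expected exactly one v=spf1 TXT record at {origin}, found {len(spf)}"]
    for term in spf[0].split()[1:]:
        if "=" in term:  # modifiers (redirect=, exp=) are not checked here
            continue
        m = SPF_MECH.match(term)
        if not m:
            problems.append(f"SPF term {term!r} is not a valid mechanism: record yields permerror")
        elif m.group(1).lower() == "ptr":
            problems.append("SPF uses 'ptr', which RFC 7208 says SHOULD NOT be used")
    return problems


def run_all(records=RECORDS, registrar_ns=REGISTRAR_NS, origin=ZONE):
    return {"delegation": check_delegation(records, registrar_ns, origin),
            "cnames": check_cnames(records, origin),
            "spf": check_spf(records, origin)}
```

`run_all()` on the data above reports no missing glue, but it does flag that ns1 and ns2 share one address (a single point of failure rather than the separate networks RFC 2182 recommends), the out-of-zone CNAME target, and three SPF problems: the deprecated `ptr`, the empty `mx:` and the bare `pm.mydomain.com`. Paste the other two zones into RECORDS with their own origin to check them the same way.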
     
  3. GeorgeG

    GeorgeG New Member

    Hi Taleman,

    I wrapped a few parts with the CODE tag to make the post a bit more readable.

    I thought this was done in the mydomain.com zone (the one that I have the issue with) with the following records:
    Code:
    ACTIVE  TYPE   NAME           DATA                PRIORITY
    YES     A      ns1            XXX.YYY.ZZZ.3       0
    YES     A      ns2            XXX.YYY.ZZZ.3       0
    YES     A      mydomain.com.  XXX.YYY.ZZZ.1       0
    YES     CNAME  sub            mydomain.com.       0
    YES     NS     mydomain.com.  ns1.mydomain.com.   0
    YES     NS     mydomain.com.  ns2.mydomain.com.   0
    
    Is that not defining NS records and the hosts' A records? What should I be looking at?

    Regards,
    GeorgeG
     
    Last edited: Jun 29, 2020
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  5. GeorgeG

    GeorgeG New Member

    Hi Taleman,

    No, they are the same. It was just me mistyping over the original domain name.
    I've edited the posts so they show the correct names.
    I did the tests as suggested, however, I could not see anything obvious... here is the output.

    Code:
    dog:~$ host mydomain.com XXX.YYY.ZZZ.3
    Using domain server:
    Name: XXX.YYY.ZZZ.3
    Address: XXX.YYY.ZZZ.3#53
    Aliases: 
    mydomain.com has address XXX.YYY.ZZZ.1
    mydomain.com mail is handled by 10 pm.mydomain.com.
    
    and then...

    Code:
    dog:~$ dig @XXX.YYY.ZZZ.3 mydomain.com
    ; <<>> DiG 9.16.1-Ubuntu <<>> @XXX.YYY.ZZZ.3 mydomain.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10651
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ; COOKIE: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX (good)
    ;; QUESTION SECTION:
    ;mydomain.com.            IN    A
    ;; ANSWER SECTION:
    mydomain.com.        3600    IN    A    XXX.YYY.ZZZ.1
    ;; AUTHORITY SECTION:
    mydomain.com.        3600    IN    NS    ns1.mydomain.com.
    mydomain.com.        3600    IN    NS    ns2.mydomain.com.
    ;; ADDITIONAL SECTION:
    ns1.mydomain.com.    3600    IN    A    XXX.YYY.ZZZ.3
    ns2.mydomain.com.    3600    IN    A    XXX.YYY.ZZZ.3
    ;; Query time: 20 msec
    ;; SERVER: XXX.YYY.ZZZ.3#53(XXX.YYY.ZZZ.3)
    ;; WHEN: Mon Jun 29 15:32:15 BST 2020
    ;; MSG SIZE  rcvd: 152
    
    
    Note: I do use the same IP for ns, ns1 and ns2

    In the evening, I will change the DNS server IP for the domain to XXX.YYY.ZZZ.3 and re-do the tests just to see if the output is different.

    Regards,
    GeorgeG
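The dig output above is what a healthy answer looks like: `status: NOERROR`, the `aa` (authoritative answer) flag set, the zone's NS records in AUTHORITY and glue for each of them in ADDITIONAL. The "Loop detected! We were referred back to XXX.YYY.ZZZ.3" result from the earlier test describes the opposite shape: a response without `aa` whose AUTHORITY section names servers whose glue is the very address that was just queried, so a resolver following the referral lands where it started. The parser below is an added example, not from the thread or from any DNS tool; SAMPLE_AUTHORITATIVE is the post's dig output with the redacted addresses replaced by TEST-NET-1 placeholders, and SAMPLE_LOOP is constructed to show the referral-loop shape. It classifies a captured response and lists any NS that arrived without glue. Feed it the output of `dig +norecurse @XXX.YYY.ZZZ.3 mydomain.com` (no recursion, so the server cannot paper over a missing zone with a cached or forwarded answer).

```python
"""Parse dig output and tell an authoritative answer from a referral loop.

Added example, not from the thread. SAMPLE_AUTHORITATIVE is the dig output in
post #5 with XXX.YYY.ZZZ.n replaced by TEST-NET-1 placeholders; SAMPLE_LOOP is
constructed to show the response shape behind a "referred back to" result.
"""
import re

SAMPLE_AUTHORITATIVE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10651
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;mydomain.com.            IN    A
;; ANSWER SECTION:
mydomain.com.        3600    IN    A    192.0.2.1
;; AUTHORITY SECTION:
mydomain.com.        3600    IN    NS    ns1.mydomain.com.
mydomain.com.        3600    IN    NS    ns2.mydomain.com.
;; ADDITIONAL SECTION:
ns1.mydomain.com.    3600    IN    A    192.0.2.3
ns2.mydomain.com.    3600    IN    A    192.0.2.3
;; SERVER: 192.0.2.3#53(192.0.2.3)
"""

# Constructed: no aa flag, no answer, and a referral whose glue is the server itself.
SAMPLE_LOOP = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;mydomain.com.            IN    A
;; AUTHORITY SECTION:
mydomain.com.        3600    IN    NS    ns1.mydomain.com.
mydomain.com.        3600    IN    NS    ns2.mydomain.com.
;; ADDITIONAL SECTION:
ns1.mydomain.com.    3600    IN    A    192.0.2.3
ns2.mydomain.com.    3600    IN    A    192.0.2.3
;; SERVER: 192.0.2.3#53(192.0.2.3)
"""

HEADER_RE = re.compile(r"^;; ->>HEADER<<- opcode: (\w+), status: (\w+)")
FLAGS_RE = re.compile(r"^;; flags: ([a-z ]*);")
SERVER_RE = re.compile(r"^;; SERVER: ([0-9a-fA-F.:]+)#\d+")
SECTION_RE = re.compile(r"^;; (\w+) SECTION:")
RR_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+(\S+)\s+(\S+)$")  # single-token RDATA only


def parse_dig(text):
    """Return status, flags, queried server and (owner, type, data) RRs per section."""
    resp = {"status": None, "flags": set(), "server": None,
            "ANSWER": [], "AUTHORITY": [], "ADDITIONAL": []}
    section = None
    for line in text.splitlines():
        if m := HEADER_RE.match(line):
            resp["status"] = m.group(2)
        elif m := FLAGS_RE.match(line):
            resp["flags"] = set(m.group(1).split())
        elif m := SERVER_RE.match(line):
            resp["server"] = m.group(1)
        elif m := SECTION_RE.match(line):
            section = m.group(1)
        elif section in resp and (m := RR_RE.match(line)):
            resp[section].append((m.group(1).lower(), m.group(2).upper(), m.group(3).lower()))
    return resp


def classify(resp):
    """What a resolver concludes: authoritative answer, referral, or referral loop."""
    if resp["status"] != "NOERROR":
        return f"error: status {resp['status']}"
    if "aa" in resp["flags"]:
        return "authoritative answer"
    ns_names = {data for _, rtype, data in resp["AUTHORITY"] if rtype == "NS"}
    if not ns_names:
        return "non-authoritative answer without referral"
    glue = {data for owner, rtype, data in resp["ADDITIONAL"]
            if rtype in ("A", "AAAA") and owner in ns_names}
    if resp["server"] in glue:
        return f"referral loop: referred back to {resp['server']}"
    return "referral to " + ", ".join(sorted(glue or ns_names))


def missing_glue(resp):
    """NS names in AUTHORITY with no A/AAAA in ADDITIONAL (Taleman's check, on the wire)."""
    have = {owner for owner, rtype, _ in resp["ADDITIONAL"] if rtype in ("A", "AAAA")}
    return sorted(d for _, rtype, d in resp["AUTHORITY"] if rtype == "NS" and d not in have)
```

`classify(parse_dig(SAMPLE_AUTHORITATIVE))` returns "authoritative answer" and `classify(parse_dig(SAMPLE_LOOP))` returns "referral loop: referred back to 192.0.2.3". Note that `rd`/`ra` on an answer only say recursion was requested and is available; `aa` is the flag that proves the server is answering from the zone rather than from cache, which is why the recursion-free query is the one worth running against each advertised name server.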
     
