DNS Problem - host not found: (SERVFAIL)

Discussion in 'Installation/Configuration' started by djesys, Jul 5, 2022.

  1. djesys

    djesys Member

    Hi there!
    I followed the tutorial for the ISPConfig auto-installer on Debian 11 and it installed flawlessly.
    Now, I having a major headache getting DNS to work.

    Code:
    lsb_release -a
    No LSB modules are available.
    Distributor ID:    Debian
    Description:    Debian GNU/Linux 11 (bullseye)
    Release:    11
    Codename:    bullseye
    
    1. Added nameserver to my DNS provider
    Screenshot 2022-07-05 at 23.41.35.png
    2. Created Zone and Record (screenshots)
    Screenshot 2022-07-05 at 23.45.27.png

    Screenshot 2022-07-05 at 23.43.51.png

    Dig Result:

    Code:
    oot@b0x:/etc/bind# dig @localhost cloud.counter.party
    
    ; <<>> DiG 9.16.27-Debian <<>> @localhost cloud.counter.party
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10712
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1232
    ; COOKIE: 449012747b5ce4720100000062c4b1bce3a930686cb6a21c (good)
    ;; QUESTION SECTION:
    ;cloud.counter.party.        IN    A
    
    ;; Query time: 0 msec
    ;; SERVER: ::1#53(::1)
    ;; WHEN: Tue Jul 05 22:48:44 BST 2022
    ;; MSG SIZE  rcvd: 76
    
    Code:
    # host cloud.counter.party 185.XX.XXX.100
    Using domain server:
    Name: 185.XX.XXX.100
    Address: 185.XX.XXX.100#53
    Aliases:
    
    Host cloud.counter.party not found: 2(SERVFAIL)
    Code:
     systemctl status bind9.service
    ● named.service - BIND Domain Name Server
         Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
         Active: active (running) since Tue 2022-07-05 16:16:54 BST; 6h ago
           Docs: man:named(8)
        Process: 20419 ExecReload=/usr/sbin/rndc reload (code=exited, status=0/SUCCESS)
       Main PID: 589 (named)
          Tasks: 8 (limit: 2336)
         Memory: 35.5M
            CPU: 15.977s
         CGroup: /system.slice/named.service
                 └─589 /usr/sbin/named -f -u bind
    
    Jul 05 22:52:47 b0x named[589]: network unreachable resolving 'ns2.counter.party/AAAA/IN': 2001:dcd:>
    Jul 05 22:52:47 b0x named[589]: network unreachable resolving 'ns2.counter.party/AAAA/IN': 2001:dcd:>
    Jul 05 22:52:47 b0x named[589]: network unreachable resolving 'ns2.counter.party/AAAA/IN': 2001:dcd:>
    Jul 05 22:52:47 b0x named[589]: network unreachable resolving 'ns1.counter.party/AAAA/IN': 2001:dcd:>
    Jul 05 22:52:47 b0x named[589]: lame server resolving 'ns2.counter.party' (in 'counter.party'?): 185>
    Jul 05 22:52:47 b0x named[589]: lame server resolving 'ns2.counter.party' (in 'counter.party'?): 185>
    Jul 05 22:52:47 b0x named[589]: lame server resolving 'ns1.counter.party' (in 'counter.party'?): 185>
    Jul 05 22:52:47 b0x named[589]: lame server resolving 'ns1.counter.party' (in 'counter.party'?): 185>
    Jul 05 22:52:57 b0x named[589]: lame server resolving 'counter.party' (in 'counter.party'?): 185.22.>
    Jul 05 22:52:57 b0x named[589]: lame server resolving 'counter.party' (in 'counter.party'?): 185.22.>
    lines 1-22/22 (END)
    Code:
    Jul  5 22:53:48 b0x kernel: [23842.117050] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=89.248.163.240 DST=185.22.172.100 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=45908 PROTO=TCP SPT=55956 DPT=57860 WINDOW=1024 RES=0x00 SYN URGP=0
    Jul  5 22:54:01 b0x CRON[24152]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Jul  5 22:54:01 b0x CRON[24155]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Jul  5 22:54:04 b0x kernel: [23857.968633] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=182.240.37.61 DST=185.22.172.100 LEN=40 TOS=0x00 PREC=0xE0 TTL=48 ID=52505 PROTO=TCP SPT=9823 DPT=23 WINDOW=2935 RES=0x00 SYN URGP=0
    Jul  5 22:54:26 b0x named[589]: network unreachable resolving 'vJWbUwAZsfKVLcxwcQMDooxQN1a4P.uribl.rspamd.com/A/IN': 2001:bc8:1e00:6f03::1#53
    Jul  5 22:54:28 b0x kernel: [23882.633471] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=91.240.118.217 DST=185.22.172.100 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=30597 PROTO=TCP SPT=59202 DPT=21914 WINDOW=1024 RES=0x00 SYN URGP=0
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#61526 (ns2.counter.party): query (cache) 'ns2.counter.party/A/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#11535 (ns1.counter.party): query (cache) 'ns1.counter.party/A/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#62100 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#51852 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#30308 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#38052 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#34033 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#20413 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#25883 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#44308 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#40524 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  5 22:54:35 b0x named[589]: network unreachable resolving 'bPM1OxuEq4NhEAA3q_UXxdnZ.email.rspamd.com/A/IN': 2a01:4f8:160:61e7::2#53
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#12956 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#64711 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#6193 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#10170 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#49503 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#43279 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9406e880 152.89.162.24#65083 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#49019 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  5 22:54:39 b0x kernel: [23892.949987] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=91.240.118.215 DST=185.22.172.100 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=62395 PROTO=TCP SPT=59151 DPT=20483 WINDOW=1024 RES=0x00 SYN URGP=0
    Jul  5 22:55:00 b0x kernel: [23914.008629] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=144.126.243.51 DST=185.22.172.100 LEN=36 TOS=0x00 PREC=0x00 TTL=55 ID=26757 PROTO=UDP SPT=1409 DPT=123 LEN=16
    Jul  5 22:55:01 b0x CRON[24188]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
    Jul  5 22:55:01 b0x CRON[24189]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Jul  5 22:55:01 b0x CRON[24191]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Jul  5 22:55:01 b0x pure-ftpd: (?@::1) [INFO] New connection from ::1
    Jul  5 22:55:01 b0x pure-ftpd: (?@::1) [INFO] Logout.
    Jul  5 22:55:01 b0x mariadbd[737]: 2022-07-05 22:55:01 11701 [Warning] Aborted connection 11701 to db: 'unconnected' user: 'unauthenticated' host: 'localhost' (This connection closed normally without authentication)
    Jul  5 22:55:01 b0x dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=::1, lip=::1, secured, session=<n8SF5xXj9OQAAAAAAAAAAAAAAAAAAAAB>
    Firewall is open:
    Screenshot 2022-07-06 at 00.14.56.png

    I was using the same settings on a previews version of ISPC and it worked.
    Some help is very appreciated.

    thanks
     
    Last edited: Jul 6, 2022
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Remove the dot after 'cloud.' A-record. A dot is added in DNS only for FQDN (fully qualified domain) records. Plus you missed adding the dot in the MX record.

    It could not have worked with these typos, the way BIND works has not changed in many years.
     
  3. djesys

    djesys Member

     
  4. djesys

    djesys Member

    Thank you Till,

    I changed the Records.
    Screenshot 2022-07-06 at 11.36.56.png


    Unfortunately, Error now changed from SERVFAIL to REFUSED

    Code:
    host cloud.counter.party 185.xx.xxx.100
    Using domain server:
    Name: 185.xx.xxx.100
    Address: 185.xx.xxx.100#53
    Aliases:
    
    Host cloud.counter.party not found: 5(REFUSED)
    Code:
    dig @localhost cloud.counter.party
    
    ; <<>> DiG 9.10.6 <<>> @localhost cloud.counter.party
    ; (2 servers found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached
    Code:
    Jul  6 10:34:46 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#42639 (ns2.counter.party): query (cache) 'ns2.counter.party/A/IN' denied
    Jul  6 10:34:46 b0x named[589]: client @0x7faac4977540 152.89.162.24#24394 (ns1.counter.party): query (cache) 'ns1.counter.party/A/IN' denied
    Jul  6 10:34:46 b0x named[589]: client @0x7faac4977540 152.89.162.24#40716 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faac4977540 152.89.162.24#42108 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#37553 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#27902 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#58740 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#39035 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#28515 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#36340 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#27274 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#63257 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faac4977540 152.89.162.24#15543 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#34649 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faac4977540 152.89.162.24#36291 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faac4977540 152.89.162.24#57022 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#23515 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#57964 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#34856 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul  6 10:34:48 b0x postfix/smtpd[1605]: connect from unknown[5.34.207.225]
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.127.zen.spamhaus.org/A/IN': 2a01:4f8:c17:aba4:d9:900b:3e:10f6#53
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.127.zen.spamhaus.org/A/IN': 2a05:9403::26e#53
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.127.zen.spamhaus.org/A/IN': 2a03:f80:36:194:71:130:18:b89b#53
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.0.127.zen.spamhaus.org/A/IN': 2a05:d014:1bf:db01:45c8:f4d6:6f50:360c#53
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.0.127.zen.spamhaus.org/A/IN': 2a05:9406::62#53
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.0.0.127.zen.spamhaus.org/A/IN': 2001:648:2000:340:68b:900d:39:b036#53
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.0.0.127.zen.spamhaus.org/A/IN': 2001:7c0:0:77::4#53
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '1.0.0.127.zen.spamhaus.org/A/IN': 2a03:f80:ed15:149:154:152:122:efa6#53
    Jul  6 10:34:50 b0x named[589]: network unreachable resolving '1.0.0.127.zen.spamhaus.org/A/IN': 2a01:4f8:c17:aba4:d9:900b:3e:10f6#53
    Jul  6 10:34:51 b0x postfix/smtpd[1600]: warning: unknown[5.34.207.225]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jul  6 10:34:52 b0x postfix/smtpd[1600]: disconnect from unknown[5.34.207.225] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
    Jul  6 10:34:53 b0x postfix/smtpd[1600]: connect from unknown[5.34.207.225]
    Jul  6 10:34:59 b0x postfix/smtpd[1607]: connect from unknown[5.34.207.225]
    Jul  6 10:34:59 b0x postfix/smtpd[1605]: warning: unknown[5.34.207.225]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jul  6 10:34:59 b0x postfix/smtpd[1605]: disconnect from unknown[5.34.207.225] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
    Jul  6 10:35:00 b0x named[589]: client @0x7faac49e0090 152.89.162.24#54877 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  6 10:35:01 b0x CRON[1611]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Jul  6 10:35:01 b0x CRON[1612]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
    Jul  6 10:35:01 b0x CRON[1613]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
    Jul  6 10:35:02 b0x pure-ftpd: (?@::1) [INFO] New connection from ::1
    Jul  6 10:35:02 b0x pure-ftpd: (?@::1) [INFO] Logout.
    Jul  6 10:35:02 b0x mariadbd[741]: 2022-07-06 10:35:02 115 [Warning] Aborted connection 115 to db: 'unconnected' user: 'unauthenticated' host: 'localhost' (This connection closed normally without authentication)
    Jul  6 10:35:02 b0x postfix/smtpd[1605]: connect from localhost[::1]
    Jul  6 10:35:02 b0x postfix/smtpd[1605]: lost connection after CONNECT from localhost[::1]
    Jul  6 10:35:02 b0x postfix/smtpd[1605]: disconnect from localhost[::1] commands=0/0
    Code:
    systemctl status bind9.service
    ● named.service - BIND Domain Name Server
         Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
         Active: active (running) since Wed 2022-07-06 10:32:57 BST; 33min ago
           Docs: man:named(8)
       Main PID: 589 (named)
          Tasks: 8 (limit: 2336)
         Memory: 34.2M
            CPU: 2.449s
         CGroup: /system.slice/named.service
                 └─589 /usr/sbin/named -f -u bind
    
    Jul 06 11:05:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#53090 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#13728 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#15671 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#6236 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#13409 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#15278 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#28496 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#64794 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#41110 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#31226 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
     
    Last edited: Jul 8, 2022
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    My signature has link to DNS Setup guide. It has troubleshooting instructions.
    Is there a file ending with .err in /etc/bind/ directory?
     
  6. djesys

    djesys Member

    I did read your instructions, but i am not finding a solution.
    there are .err files, but from a different zone.
    Should I post the contents of those files ? thanks

    Code:
    root@b0x:/etc/bind# ls -l
    total 60
    -rw-r--r-- 1 root root 1991 Mar 14 14:25 bind.keys
    -rw-r--r-- 1 root root  237 Mar 14 14:25 db.0
    -rw-r--r-- 1 root root  271 Mar 14 14:25 db.127
    -rw-r--r-- 1 root root  237 Mar 14 14:25 db.255
    -rw-r--r-- 1 root root  353 Mar 14 14:25 db.empty
    -rw-r--r-- 1 root root  270 Mar 14 14:25 db.local
    -rw-r--r-- 1 root bind  463 Mar 14 14:25 named.conf
    -rw-r--r-- 1 root bind  498 Mar 14 14:25 named.conf.default-zones
    -rw-r--r-- 1 root bind    1 Jul  6 10:32 named.conf.local
    -rw-r--r-- 1 root bind  907 Jul  5 13:19 named.conf.options
    -rw-r--r-- 1 root bind  832 Jul  6 10:32 pri.counter.party
    -rw-r--r-- 1 root bind  400 Jul  5 14:53 pri.viajah.com.err
    -rw-r----- 1 bind bind  100 Jul  5 13:08 rndc.key
    drwxrws--- 2 root bind 4096 Jul  5 13:19 slave
    -rw-r--r-- 1 root root 1317 Mar 14 14:25 zones.rfc1918
    Code:
    grep named /var/log/syslog
    ....
    
    
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/A/IN': 2001:67c:192c::add:b3#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/A/IN': 2001:67c:192c::add:b3#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/AAAA/IN': 2001:67c:192c::add:b3#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/A/IN': 2a01:4f8:0:a101::b:1#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/AAAA/IN': 2a01:4f8:0:a101::b:1#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/A/IN': a01:4f8:d0a:2006::2#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/AAAA/IN': 2a01:4f8:d0a:2006::2#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/AAAA/IN': 2001:67c:192c::add:b3#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/A/IN': 2a01:4f8:0:a101::b:1#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/AAAA/IN': 2a01:4f8:0:a101::b:1#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/A/IN': 2a01:4f8:d0a:2006::2#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/AAAA/IN': 2a01:4f8:d0a:2006::2#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns2.blocklist.de/AAAA/IN': 2a01:4f8:d0a:2004::2#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.blocklist.de/AAAA/IN': 2a01:4f8:d0a:2004::2#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.blocklist.de/AAAA/IN': 2001:67c:192c::add:a3#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.blocklist.de/AAAA/IN': 2a01:4f8:0:a101::a:1#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns2.blocklist.de/AAAA/IN': 2001:67c:192c::add:a3#53
    Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns2.blocklist.de/AAAA/IN': 2a01:4f8:0:a101::a:1#53
    Jul  7 19:15:53 b0x named[589]: SERVFAIL unexpected RCODE resolving '1.0.0.127.bl.blocklist.de/A/IN': 185.21.103.31#53
    Jul  7 19:15:53 b0x named[589]: SERVFAIL unexpected RCODE resolving '1.0.0.127.bl.blocklist.de/A/IN': 46.252.24.212#53
    Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:13c7:7010::53#53
    Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:500:87::87#53
    Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2620:37:e000::53#53
    Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:43f8:110::10#53
    Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:67c:e0::1#53
    Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:dd8:6::101#53
    Jul  7 19:18:34 b0x named[589]: network unreachable resolving '_.98.141.in-addr.arpa/A/IN': 2001:dd8:12::53#53
    Jul  7 19:18:34 b0x named[589]: network unreachable resolving '_.98.141.in-addr.arpa/A/IN': 2001:13c7:7002:3000::14#53
    Jul  7 19:18:34 b0x named[589]: network unreachable resolving '_.98.141.in-addr.arpa/A/IN': 2620:38:2000::53#53
    Jul  7 19:18:34 b0x named[589]: network unreachable resolving '_.98.141.in-addr.arpa/A/IN': 2001:500:14:6100:ad::1#53
    Jul  7 19:20:05 b0x named[589]: REFUSED unexpected RCODE resolving '24.66.125.45.in-addr.arpa/PTR/IN': 141.98.8.30#53
    Jul  7 19:20:05 b0x named[589]: REFUSED unexpected RCODE resolving '24.66.125.45.in-addr.arpa/PTR/IN': 141.98.8.31#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:500:14:6050:ad::1#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:13::108#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:500:13::108#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:14:6050:ad::1#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:500:14:6050:ad::1#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:31::108#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:500:31::108#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:a9::108#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:500:a9::108#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'arin.authdns.ripe.net/A/IN': 2001:67c:e0::7#53
    Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'arin.authdns.ripe.net/AAAA/IN': 2001:67c:e0::7#53
    Jul  7 19:20:44 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:500:f0::63#53
    Jul  7 19:20:44 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:500:127::30#53
    Jul  7 19:20:44 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:500:13::63#53
    Jul  7 19:20:44 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:67c:e0::10#53
    Jul  7 19:22:23 b0x named[589]: network unreachable resolving '_.127.bip.virusfree.cz/A/IN': 2001:67c:15a0:4000:1:ea7:dead:beef#53
    Jul  7 19:22:23 b0x named[589]: network unreachable resolving '_.127.bip.virusfree.cz/A/IN': 2001:67c:1591:0:1:ea7:dead:beef#53
    Jul  7 19:22:23 b0x named[589]: network unreachable resolving 'nspuri.virusfree.cz/A/IN': 2a02:4a8:ac24:100::96:2#53
    Jul  7 19:22:23 b0x named[589]: network unreachable resolving 'nspuri.virusfree.cz/A/IN': 2001:1528:151::12#53
    Jul  7 19:22:23 b0x named[589]: network unreachable resolving 'nspuri.virusfree.cz/A/IN': 2a02:250:0:2c::228#53
    Jul  7 19:22:23 b0x named[589]: network unreachable resolving '1.0.0.127.bip.virusfree.cz/A/IN': 2001:67c:15a0:4000:1:ea7:dead:beef#53
    Jul  7 19:22:23 b0x named[589]: network unreachable resolving '1.0.0.127.bip.virusfree.cz/A/IN': 2001:67c:1591:0:1:ea7:dead:beef#53
    Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns01.zencurity.com/A/IN': 2a06:d380:0:104::141#53
    Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns01.zencurity.com/A/IN': 2a06:d380:0:101::141#53
    Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns01.zencurity.com/AAAA/IN': 2a06:d380:0:101::141#53
    Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns02.zencurity.com/AAAA/IN': 2a06:d380:0:101::141#53
    Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns02.zencurity.com/A/IN': 2a06:d380:0:101::141#53
    Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'zencurity.com/DS/IN': 2001:502:1ca1::30#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2803:f800:50::6ca2:c194#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2803:f800:50::6ca2:c194#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2a06:98c1:50::ac40:207e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2a06:98c1:50::ac40:207e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2606:4700:58::adf5:3b94#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2606:4700:58::adf5:3b94#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2803:f800:50::6ca2:c07e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2803:f800:50::6ca2:c07e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2a06:98c1:50::ac40:2194#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2a06:98c1:50::ac40:2194#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2606:4700:50::adf5:3a7e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2606:4700:50::adf5:3a7e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns1.digitalocean.com/A/IN': 2606:4700:50::adf5:3a7e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns1.digitalocean.com/AAAA/IN': 2606:4700:50::adf5:3a7e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns2.digitalocean.com/A/IN': 2606:4700:50::adf5:3a7e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns2.digitalocean.com/AAAA/IN': 2606:4700:50::adf5:3a7e#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns1.digitalocean.com/A/IN': 2803:f800:50::6ca2:c194#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns1.digitalocean.com/AAAA/IN': 2803:f800:50::6ca2:c194#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns2.digitalocean.com/A/IN': 2803:f800:50::6ca2:c194#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns2.digitalocean.com/AAAA/IN': 2803:f800:50::6ca2:c194#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2606:4700:58::adf5:3b3c#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2803:f800:50::6ca2:c08f#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2a06:98c1:50::ac40:213c#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2a06:98c1:50::ac40:208f#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2803:f800:50::6ca2:c13c#53
    Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2606:4700:50::adf5:3a8f#53
    Jul  7 19:23:15 b0x named[589]: network unreachable resolving '_.dnsbl.manitu.net/A/IN': 2a03:4000:5c:d89::1#53
    Jul  7 19:23:15 b0x named[589]: network unreachable resolving 'dns03.manitu.de/A/IN': 2a00:1828:1000:1148::2#53
    Jul  7 19:23:15 b0x named[589]: network unreachable resolving '_.dnsbl.manitu.net/A/IN': 2a00:1828:1000:1148::2#53
    Jul  7 19:23:15 b0x named[589]: network unreachable resolving 'dns03.manitu.de/AAAA/IN': 2a00:1828:1000:1148::2#53
    Jul  7 19:23:15 b0x named[589]: network unreachable resolving 'dns03.manitu.de/A/IN': 2a00:1828:1000:1149::2#53
    Jul  7 19:23:15 b0x named[589]: network unreachable resolving '_.dnsbl.manitu.net/A/IN': 2a00:1828:1000:1149::2#53
    Jul  7 19:23:15 b0x named[589]: network unreachable resolving 'dns03.manitu.de/AAAA/IN': 2a00:1828:1000:1149::2#53
    Jul  7 19:23:16 b0x named[589]: network unreachable resolving '_.0.127.ix.dnsbl.manitu.net/A/IN': 2a00:e50:f155:a::10#53
    Jul  7 19:23:16 b0x named[589]: network unreachable resolving '_.0.127.ix.dnsbl.manitu.net/A/IN': 2a00:1828:2000:478::2#53
    Jul  7 19:23:16 b0x named[589]: network unreachable resolving '1.0.0.127.ix.dnsbl.manitu.net/A/IN': 2001:7c0:0:314::49#53
    Jul  7 19:23:16 b0x named[589]: network unreachable resolving '1.0.0.127.ix.dnsbl.manitu.net/A/IN': 2001:7c0:0:314::48#53
    Jul  7 19:23:16 b0x named[589]: network unreachable resolving '1.0.0.127.ix.dnsbl.manitu.net/A/IN': 2001:4dd0:100:1020:53:9:0:3#53
    Jul  7 19:25:13 b0x named[589]: client @0x7faabc04bf20 162.158.113.57#27809 (b0x.counter.party): query (cache) 'b0x.counter.party/AAAA/IN' denied
    Jul  7 19:25:20 b0x named[589]: client @0x7faabc04bf20 162.158.113.57#50540 (b0x.counter.party): query (cache) 'b0x.counter.party/A/IN' denied
    Jul  7 19:25:37 b0x named[589]: client @0x7faabc04bf20 162.158.113.57#10183 (cloud.counter.party): query (cache) 'cloud.counter.party/HTTPS/IN' denied
    Jul  7 19:25:37 b0x named[589]: client @0x7faac49d70b0 162.158.113.57#47009 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
    Jul  7 19:26:55 b0x named[589]: client @0x7faac49d70b0 162.158.113.57#18844 (b0x.counter.party): query (cache) 'b0x.counter.party/A/IN' denied
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:2f::f#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:2::c#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:7fe::53#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:200::b#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:7fd::1#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:2d::d#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:503:ba3e::2:30#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:1::53#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:12::d0d#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:dc3::35#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:503:c27::2:30#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:9f::42#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns2.outreachratio.com/AAAA/IN': 2001:500:a8::e#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns2.outreachratio.com/AAAA/IN': 2001:500:9f::42#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns2.outreachratio.com/AAAA/IN': 2001:500:2d::d#53
    Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:a8::e#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving '_.virusfree.cz/A/IN': 2001:678:f::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving '_.virusfree.cz/A/IN': 2001:678:1::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving '_.virusfree.cz/A/IN': 2001:678:10::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving '_.virusfree.cz/A/IN': 2001:678:11::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2001:678:70::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2001:678:70::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2a04:2b00:13ff::16#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2a04:2b00:13ff::16#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2001:678:9c::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2001:678:9c::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2001:678:90::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2001:678:90::1#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2001:67c:13cc::1:16#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2001:67c:13cc::1:16#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2a04:2b00:13ee::16#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2a04:2b00:13ee::16#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2a04:2b00:13cc::1:16#53
    Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2a04:2b00:13cc::1:16#53
    root@b0x:/etc/bind# D
     
  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    No.
    What you should do is run named-checkzone. You can post the results of that, if the error messages are not obvious.
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

  9. djesys

    djesys Member

    There is no .err file, so I cannot run named-checkzone on it.
    please have one last look at these files, as I am out of ideas.

    Code:
    cat pri.counter.party
    $TTL        3600
    @       IN      SOA     ns1.counter.party. admin.counter.party. (
                            2022070602       ; serial, todays date + todays serial #
                            7200              ; refresh, seconds
                            540              ; retry, seconds
                            604800              ; expire, seconds
                            3600 )            ; minimum, seconds
    ;
    
    cloud 3600      A          185.xx.xxx.100
    ns1.counter.party. 3600      A          185.xx.xxx.100
    ns2.counter.party. 3600      A          185.xx.xxx.100
    counter.party. 3600      NS         ns1.counter.party.
    counter.party. 3600      NS         ns2.counter.party.
    counter.party. 3600      MX     10  b0x.counter.party.
    counter.party. 3600      TXT        "v=spf1 mx a ~all"
    counter.party. 3600      A          185.xx.xxx.100
    Code:
    dig @localhost cloud.counter.party
    
    ; <<>> DiG 9.16.27-Debian <<>> @localhost cloud.counter.party
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41685
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1232
    ; COOKIE: 148235a5cc2201550100000062c80b2276f4b2c7fc582c86 (good)
    ;; QUESTION SECTION:
    ;cloud.counter.party.        IN    A
    
    ;; Query time: 24 msec
    ;; SERVER: ::1#53(::1)
    ;; WHEN: Fri Jul 08 11:46:58 BST 2022
    ;; MSG SIZE  rcvd: 76

    Code:
    host cloud.counter.party 185.xx.xxx.100
    Using domain server:
    Name: 185.xx.xxx.100
    Address: 185.xx.xxx.100#53
    Aliases:
    
    Host cloud.counter.party not found: 2(SERVFAIL)
    this seems ok:

    Code:
    host 185.22.172.100
    100.172.22.185.in-addr.arpa domain name pointer b0x.counter.party.
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    The zone file looks fine to me. Check if this zone file is included in the named.conf.local file. Then you might try to restart the server, or at least stop bind and ensure it's really stopped, it can happen that services hang in a way that they fail to load changed config files. then ensure to not try to start a service like bind using /etc/init.d/ on a current Linux system, always uses systemctl command, as services started by /etc/init.d/ script may fail to reload their config via systems. And finally, check your records for typos, it' snot the first time that a typo in the domain name has been overlooked :)
     
  11. djesys

    djesys Member


    name.conf.local is empty !! o_O

    what should I add there please ?

    pri.counter.party content ?
     
  12. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  13. djesys

    djesys Member

    Hi,
    I have not edited any of those files. I simply ran the ISPC- Debian 11 autoinstaller script.
    So, it is ok that name.conf.local is empty ?

    Here the output of the test:

    Code:
    cat htf_report.txt
    
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 11 (bullseye)
    
    [INFO] uptime:  13:45:24 up 2 days,  3:12,  1 user,  load average: 0.00, 0.03, 0.01
    
    [INFO] memory:
                   total        used        free      shared  buff/cache   available
    Mem:           1.9Gi       584Mi       110Mi        59Mi       1.3Gi       1.1Gi
    Swap:          975Mi          0B       975Mi
    
    [INFO] systemd failed services status:
      UNIT                     LOAD   ACTIVE SUB    DESCRIPTION
    ● clamav-freshclam.service loaded failed failed ClamAV virus database updater
    
    LOAD   = Reflects whether the unit definition was properly loaded.
    ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
    SUB    = The low-level unit activation state, values depend on unit type.
    1 loaded units listed.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.8p1
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.4.30
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.30
    
    ##### PORT CHECK #####
    
    [WARN] Port 22 (SSH server) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
        Apache 2 (PID 1084)
    [INFO] I found the following mail server(s):
        Postfix (PID 1544)
    [INFO] I found the following pop3 server(s):
        Dovecot (PID 584)
    [INFO] I found the following imap server(s):
        Dovecot (PID 584)
    [INFO] I found the following ftp server(s):
        PureFTP (PID 1245)
    
    ##### LISTENING PORTS #####
    (only        ()
    Local        (Address)
    [anywhere]:25        (1544/master)
    [localhost]:953        (589/named)
    [anywhere]:4190        (584/dovecot)
    [anywhere]:993        (584/dovecot)
    [anywhere]:995        (584/dovecot)
    [localhost]:11332        (605/rspamd:)
    [localhost]:11333        (605/rspamd:)
    [localhost]:11334        (605/rspamd:)
    [localhost]:10023        (814/postgrey)
    [anywhere]:4874        (676/sshd:)
    [anywhere]:587        (1544/master)
    [localhost]:6379        (602/redis-server)
    [localhost]:11211        (588/memcached)
    [anywhere]:110        (584/dovecot)
    [anywhere]:143        (584/dovecot)
    [anywhere]:465        (1544/master)
    [anywhere]:21        (1245/pure-ftpd)
    ***.***.***.***:53        (589/named)
    ***.***.***.***:53        (589/named)
    [localhost]:53        (589/named)
    [localhost]:53        (589/named)
    *:*:*:*::*:25        (1544/master)
    *:*:*:*::*:953        (589/named)
    *:*:*:*::*:443        (1084/apache2)
    *:*:*:*::*:4190        (584/dovecot)
    *:*:*:*::*:993        (584/dovecot)
    *:*:*:*::*:995        (584/dovecot)
    *:*:*:*::*:11332        (605/rspamd:)
    *:*:*:*::*:11333        (605/rspamd:)
    *:*:*:*::*:11334        (605/rspamd:)
    *:*:*:*::*:10023        (814/postgrey)
    *:*:*:*::*:3306        (741/mariadbd)
    *:*:*:*::*:4874        (676/sshd:)
    *:*:*:*::*:587        (1544/master)
    *:*:*:*::*:6379        (602/redis-server)
    [localhost]10        (584/dovecot)
    [localhost]43        (584/dovecot)
    *:*:*:*::*:8080        (1084/apache2)
    *:*:*:*::*:80        (1084/apache2)
    *:*:*:*::*:465        (1544/master)
    *:*:*:*::*:8081        (1084/apache2)
    *:*:*:*::*:21        (1245/pure-ftpd)
    *:*:*:*::*:53        (589/named)
    *:*:*:*::*:53        (589/named)
    *:*:*:*::**:*:*:*::*53        (589/named)
    *:*:*:*::**:*:*:*::*53        (589/named)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    f2b-postfix-sasl  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    ufw-before-logging-input  all  --  [anywhere]/0            [anywhere]/0
    ufw-before-input  all  --  [anywhere]/0            [anywhere]/0
    ufw-after-input  all  --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-input  all  --  [anywhere]/0            [anywhere]/0
    ufw-reject-input  all  --  [anywhere]/0            [anywhere]/0
    ufw-track-input  all  --  [anywhere]/0            [anywhere]/0
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ufw-before-logging-forward  all  --  [anywhere]/0            [anywhere]/0
    ufw-before-forward  all  --  [anywhere]/0            [anywhere]/0
    ufw-after-forward  all  --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-forward  all  --  [anywhere]/0            [anywhere]/0
    ufw-reject-forward  all  --  [anywhere]/0            [anywhere]/0
    ufw-track-forward  all  --  [anywhere]/0            [anywhere]/0
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    ufw-before-logging-output  all  --  [anywhere]/0            [anywhere]/0
    ufw-before-output  all  --  [anywhere]/0            [anywhere]/0
    ufw-after-output  all  --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-output  all  --  [anywhere]/0            [anywhere]/0
    ufw-reject-output  all  --  [anywhere]/0            [anywhere]/0
    ufw-track-output  all  --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-postfix-sasl (1 references)
    target     prot opt source               destination
    REJECT     all  --  ***.***.***.***         [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-after-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-after-input (1 references)
    target     prot opt source               destination
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:137
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:138
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:139
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:445
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:67
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:68
    ufw-skip-to-policy-input  all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    
    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-input (1 references)
    target     prot opt source               destination
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-after-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-forward (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ufw-user-forward  all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-before-input (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    DROP       all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
    ufw-not-local  all  --  [anywhere]/0            [anywhere]/0
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***          udp dpt:5353
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:1900
    ufw-user-input  all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-logging-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-logging-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-output (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-user-output  all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
    
    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/min burst 10
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-not-local (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTICAST
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10
    DROP       all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-reject-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-reject-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination
    DROP       all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination
    DROP       all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-track-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-track-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-track-output (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    
    Chain ufw-user-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-user-input (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:21
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:22
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:25
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:53
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:80
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:110
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:143
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:443
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:465
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:587
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:993
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:995
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:3306
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:4190
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8080
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8081
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 40110:40210
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:53
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:4874
    
    Chain ufw-user-limit (0 references)
    target     prot opt source               destination
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreachable
    
    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-output (1 references)
    target     prot opt source               destination
    
    
    
    
    ##### LET'S ENCRYPT #####
    [WARN] You have both certbot and acme.sh installed. This can lead to problems.
    Certbot: /usr/bin/letsencrypt
    acme.sh: /root/.acme.sh/acme.sh
    
     
  14. till

    till Super Moderator Staff Member ISPConfig Developer

    As @Taleman mentioned, do not add anything manually to this file on an ISPConfig system. Use debug mode in ISPConfig to find out why the file can not be written.

    https://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/

    1) Enable debug mode and comment out server.sh in root crontab.
    2) Change something in the zone. e.g. add a new A-Record for 'test' or something similar.
    3) Run server.sh script as root and post the result that you get on the shell here in the forum.
     
  15. djesys

    djesys Member

    o

    Code:
    08.07.2022-14:04 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    08.07.2022-14:04 - DEBUG [server:177] - Found 3 changes, starting update process.
    08.07.2022-14:04 - DEBUG [plugins.inc:118] - Calling function 'rr_update' from plugin 'bind_plugin' raised by event 'dns_rr_update'.
    08.07.2022-14:04 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
    08.07.2022-14:04 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
    08.07.2022-14:04 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    08.07.2022-14:04 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
    08.07.2022-14:04 - DEBUG [modules.inc:240] - Processed datalog_id 75
    08.07.2022-14:04 - DEBUG [plugins.inc:118] - Calling function 'soa_update' from plugin 'bind_plugin' raised by event 'dns_soa_update'.
    08.07.2022-14:04 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
    08.07.2022-14:04 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
    08.07.2022-14:04 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    08.07.2022-14:04 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
    08.07.2022-14:04 - DEBUG [modules.inc:240] - Processed datalog_id 76
    08.07.2022-14:04 - DEBUG [plugins.inc:118] - Calling function 'rr_insert' from plugin 'bind_plugin' raised by event 'dns_rr_insert'.
    08.07.2022-14:04 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
    08.07.2022-14:04 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
    08.07.2022-14:04 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    08.07.2022-14:04 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
    08.07.2022-14:04 - DEBUG [modules.inc:240] - Processed datalog_id 77
    08.07.2022-14:04 - DEBUG [services.inc:56] - Calling function 'restartBind' from module 'dns_module'.
    08.07.2022-14:04 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service
    08.07.2022-14:04 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'named' 2>&1 - return code: 0
    08.07.2022-14:04 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished server.php.

    Let me guess - remove the lock and install haveged ?
     
  16. till

    till Super Moderator Staff Member ISPConfig Developer

    yes. it seems as if you use a virtualized system that does not generate enough entropy to use dnssec. There is no lock, just install haveged, then do a change in the DNS zone, save that and check with server.sh if it works now.
     
  17. djesys

    djesys Member

    I installed haveged, enabled it and rebooted the server. no change. i will look into haveged and report back.

    Code:
    root@b0x:/etc/bind# /usr/local/ispconfig/server/server.sh
    08.07.2022-14:23 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    08.07.2022-14:23 - DEBUG [server:177] - Found 2 changes, starting update process.
    08.07.2022-14:23 - DEBUG [plugins.inc:118] - Calling function 'rr_delete' from plugin 'bind_plugin' raised by event 'dns_rr_delete'.
    08.07.2022-14:23 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
    08.07.2022-14:23 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
    08.07.2022-14:23 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    08.07.2022-14:23 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
    08.07.2022-14:23 - DEBUG [modules.inc:240] - Processed datalog_id 83
    08.07.2022-14:23 - DEBUG [plugins.inc:118] - Calling function 'soa_update' from plugin 'bind_plugin' raised by event 'dns_soa_update'.
    08.07.2022-14:23 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
    08.07.2022-14:23 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
    08.07.2022-14:23 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
    08.07.2022-14:23 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
    08.07.2022-14:23 - DEBUG [modules.inc:240] - Processed datalog_id 84
    08.07.2022-14:23 - DEBUG [services.inc:56] - Calling function 'restartBind' from module 'dns_module'.
    08.07.2022-14:23 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service
    08.07.2022-14:23 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'named' 2>&1 - return code: 0
    08.07.2022-14:23 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished server.php.
    Code:
    root@b0x:/etc/bind# systemctl status haveged
    ● haveged.service - Entropy Daemon based on the HAVEGE algorithm
         Loaded: loaded (/lib/systemd/system/haveged.service; enabled; vendor preset: enabled)
         Active: active (running) since Fri 2022-07-08 14:22:24 BST; 1min 39s ago
           Docs: man:haveged(8)
                 http://www.issihosts.com/haveged/
       Main PID: 520 (haveged)
          Tasks: 1 (limit: 2336)
         Memory: 3.5M
            CPU: 337ms
         CGroup: /system.slice/haveged.service
                 └─520 /usr/sbin/haveged --Foreground --verbose=1
    
    Jul 08 14:22:24 b0x systemd[1]: Started Entropy Daemon based on the HAVEGE algorithm.
    Jul 08 14:22:24 b0x haveged[520]: haveged: command socket is listening at fd 3
    Jul 08 14:22:25 b0x haveged[520]: haveged: ver: 1.9.14; arch: x86; vend: GenuineIntel; build: (gcc 10.2.1 ITV); collect: 128K
    Jul 08 14:22:25 b0x haveged[520]: haveged: cpu: (L4 VC); data: 32K (L2 L4 V); inst: 32K (L2 L4 V); idx: 24/40; sz: 32154/54019
    Jul 08 14:22:25 b0x haveged[520]: haveged: tot tests(BA8): A:1/1 B:1/1 continuous tests(B):  last entropy estimate 7.99827
    Jul 08 14:22:25 b0x haveged[520]: haveged: fills: 0, generated: 0
     
  18. till

    till Super Moderator Staff Member ISPConfig Developer

    Maybe haveged needs a bit to provide enough entropy. Please post the result of the command:

    cat /proc/sys/kernel/random/entropy_avail

    The available entropy should be 200+
     
  19. djesys

    djesys Member

    256 and not going up
     
  20. till

    till Super Moderator Staff Member ISPConfig Developer

    That should be enough as it is above 200. Try changing the zone again, e.g. change a TTL should be enough, and then see if you still get that error.
     

Share This Page