Hi, I have problems with bind after a clean ISPConfig install with the autoinstaller and standard settings on Debian 12.

nslookup google.de:

root@server1:~# nslookup google.de
;; communications error to 127.0.0.1#53: timed out
;; Got SERVFAIL reply from 127.0.0.1, trying next server

syslog:

2023-11-20T19:51:02.924447+01:00 server1 named[1064]: shut down hung fetch while resolving '99.83.212.118.in-addr.arpa/PTR'
2023-11-20T19:51:07.930400+01:00 server1 named[1064]: shut down hung fetch while resolving '99.83.212.118.adsl-pool.jx.chinaunicom.com/A'
2023-11-20T19:51:08.752311+01:00 server1 named[1064]: shut down hung fetch while resolving '140.22.153.209.in-addr.arpa/PTR'
2023-11-20T19:51:12.938428+01:00 server1 named[1064]: shut down hung fetch while resolving '99.83.212.118.adsl-pool.jx.chinaunicom.com.your-server.de/A'
2023-11-20T19:51:14.788389+01:00 server1 named[1064]: shut down hung fetch while resolving '66.14.149.200.in-addr.arpa/PTR'
2023-11-20T19:51:18.764471+01:00 server1 named[1064]: shut down hung fetch while resolving 'wl22140.cin.net.your-server.de/A'
2023-11-20T19:51:20.802408+01:00 server1 named[1064]: shut down hung fetch while resolving '114.249.224.41.in-addr.arpa/PTR'
2023-11-20T19:51:21.158443+01:00 server1 named[1064]: shut down hung fetch while resolving '233.111.201.195.in-addr.arpa/PTR'
2023-11-20T19:51:25.072395+01:00 server1 named[1064]: shut down hung fetch while resolving '1.0.0.127.list.dnswl.org/A'
2023-11-20T19:51:27.388464+01:00 server1 named[1064]: shut down hung fetch while resolving '38.145.48.116.in-addr.arpa/PTR'
2023-11-20T19:51:31.188399+01:00 server1 named[1064]: shut down hung fetch while resolving '233.111.201.195.zen.spamhaus.org/A'
2023-11-20T19:51:32.398432+01:00 server1 named[1064]: shut down hung fetch while resolving '038.145.48.116.static.netvigator.com/A'
2023-11-20T19:51:34.450369+01:00 server1 named[1064]: shut down hung fetch while resolving '8.14.70.111.in-addr.arpa/PTR'
2023-11-20T19:51:36.306498+01:00 server1 named[1064]: shut down hung fetch while resolving '233.111.201.195.asn.rspamd.com/TXT'
2023-11-20T19:51:39.454389+01:00 server1 named[1064]: shut down hung fetch while resolving '111-70-14-8.emome-ip.hinet.net/A'
2023-11-20T19:51:45.898433+01:00 server1 named[1064]: shut down hung fetch while resolving '61.248.147.103.in-addr.arpa/PTR'
2023-11-20T19:51:50.380460+01:00 server1 named[1064]: shut down hung fetch while resolving '1.0.0.127.ix.dnsbl.manitu.net/A'
2023-11-20T19:51:51.896364+01:00 server1 named[1064]: shut down hung fetch while resolving '68.35.205.190.in-addr.arpa/PTR'
2023-11-20T19:51:56.900524+01:00 server1 named[1064]: shut down hung fetch while resolving '190.205.35.68.estatic.cantv.net/A'
2023-11-20T19:52:01.906438+01:00 server1 named[1064]: shut down hung fetch while resolving '190.205.35.68.estatic.cantv.net.your-server.de/A'
2023-11-20T19:52:30.288477+01:00 server1 named[1064]: shut down hung fetch while resolving '1.0.0.127.bl.blocklist.de/A'
2023-11-20T19:53:38.344481+01:00 server1 named[1064]: shut down hung fetch while resolving '1.0.0.127.bl.ipv6.spameatingmonkey.net/A'
2023-11-20T19:54:23.486488+01:00 server1 named[1064]: shut down hung fetch while resolving 'r3.o.lencr.org/A'
2023-11-20T19:54:23.486561+01:00 server1 named[1064]: shut down hung fetch while resolving 'r3.o.lencr.org/AAAA'
2023-11-20T19:54:25.564449+01:00 server1 named[1064]: shut down hung fetch while resolving '1.0.0.127.zen.spamhaus.org/A'

resolv.conf:

root@server1:~# ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 29 Nov 19 21:21 /etc/resolv.conf -> ../run/resolvconf/resolv.conf
root@server1:~# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "resolvectl status" to see details about the actual nameservers.

nameserver 127.0.0.1
nameserver 185.12.64.1
nameserver 185.12.64.2
search your-server.de

The resolve was automatically configured during Debian 12 minimal. netstat shows correct bind binding to 53 and the firewall allows UDP 53.

root@server1:~# cat /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //      0.0.0.0;
        // };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================

        version "unknown";
        allow-transfer {none;};
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};

Could you help me? What about the resolv.conf? Looks wrong to me.

Regarding https://forum.howtoforge.de/threads/wie-nameserver-unter-serverconfig-einstellen-ubuntu-18-04.11564/

The bind9 service is up and running.
You did not mention which settings you used for the auto-installer. It might be that a firewall in front of your server (not on your server) or the ISP that provides this internet connection blocks resolving so BIND is not able to do a reverse lookup.
wget -O - https://get.ispconfig.org | sh -s -- --use-ftp-ports=40110-40210 --unattended-upgrades

All firewalls are open for 53 UDP, and if I manually delete the 127.0.0.1 then the resolving is fine. But I want to use bind to resolve, but the connection to bind looks damaged.
OK, I added the nameserver of the datacenter of my server to the forward in named.conf.options for bind. This works now. And actually I am not able to resolve DNS requests with any other than the datacenter nameservers, i.e. Google is not working as well. Doesn't look like an ISPConfig problem, but do you have any idea why?
Then your problem is not related to ISPConfig or the auto-installer; it's your datacenter that blocks these requests to force you to use their name servers. If you want to know why they do this, you'll have to ask them.
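
An added example, not part of any post in this thread: a small Python triage of the "shut down hung fetch" lines quoted in the first post. It counts names that are search-list expansions (ending in the resolv.conf search domain your-server.de) and checks whether the hung fetches span many unrelated zones, which points at blocked outbound recursion rather than one broken zone. The function names, the two-label zone grouping and the min_zones threshold are assumptions.

```python
import re
from collections import Counter

# Excerpt of the named log lines quoted in the first post, embedded so this runs offline.
SAMPLE_LOG = """\
2023-11-20T19:51:02.924447+01:00 server1 named[1064]: shut down hung fetch while resolving '99.83.212.118.in-addr.arpa/PTR'
2023-11-20T19:51:12.938428+01:00 server1 named[1064]: shut down hung fetch while resolving '99.83.212.118.adsl-pool.jx.chinaunicom.com.your-server.de/A'
2023-11-20T19:51:25.072395+01:00 server1 named[1064]: shut down hung fetch while resolving '1.0.0.127.list.dnswl.org/A'
2023-11-20T19:51:31.188399+01:00 server1 named[1064]: shut down hung fetch while resolving '233.111.201.195.zen.spamhaus.org/A'
2023-11-20T19:51:36.306498+01:00 server1 named[1064]: shut down hung fetch while resolving '233.111.201.195.asn.rspamd.com/TXT'
2023-11-20T19:54:23.486561+01:00 server1 named[1064]: shut down hung fetch while resolving 'r3.o.lencr.org/AAAA'
"""

HUNG = re.compile(
    r"named\[\d+\]: shut down hung fetch while resolving '([^'/]+)/([A-Z0-9]+)'"
)


def parse_hung_fetches(log_text):
    """Return a (qname, qtype) tuple for every hung-fetch line in the log."""
    return [(m.group(1).lower(), m.group(2)) for m in HUNG.finditer(log_text)]


def zone_of(qname, search_domains):
    """Grouping key: search-list expansions first, otherwise the last two labels."""
    for dom in search_domains:
        if qname.endswith("." + dom):
            return "search:" + dom
    return ".".join(qname.split(".")[-2:])


def diagnose(log_text, search_domains=("your-server.de",), min_zones=4):
    """Summarise hung fetches; 'systemic' means failures span many unrelated zones."""
    fetches = parse_hung_fetches(log_text)
    zones = Counter(zone_of(q, search_domains) for q, _ in fetches)
    return {
        "total": len(fetches),
        "by_type": dict(Counter(t for _, t in fetches)),
        "zones": dict(zones),
        # Names the stub resolver retried with the search domain appended.
        "search_expansions": sum(n for z, n in zones.items() if z.startswith("search:")),
        # One failing zone suggests a broken delegation; many suggest blocked recursion.
        "systemic": len(zones) >= min_zones,
    }


if __name__ == "__main__":
    for key, value in diagnose(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
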