Bind9 - Changes to DNS records not taking effect until service restart

Discussion in 'General' started by Jan Brodecky, Jun 6, 2023.

  1. Jan Brodecky

    Jan Brodecky New Member

    Hello,

    I'm having an issue with Bind9 and ISPconfig3. When I create or modify a DNS record in ISPconfig3, the change gets quickly reflected in the Bind9 zone configuration file. However, if I query the record using nslookup, I don't get the updated response until I restart the Bind9 service.

    I would also like to emphasize that the issue persists even if I manually modify the zone configuration file and change the zone's serial number. Therefore, it seems that ISPconfig does not have an impact on this situation.

    I'm using Debian 10 with Bind version 9.11.5-P4-5.1+deb10u8-Debian

    Here's what I have already checked:
    1. Changes to DNS records in ISPconfig3 properly propagate to the Bind9 zone configuration file.
    2. When using the 'nslookup' command, the unupdated response is returned until the Bind9 service is restarted.
    3. After restarting the Bind9 service, the changes are correctly applied, and the nslookup response is up to date.
    I would like to achieve real-time propagation of DNS changes without having to manually restart the Bind9 service. Can someone please advise me on how to properly set this up?

    I would also like to mention that currently, I have a script in place that automatically restarts the Bind9 service every 15 minutes. However, this is not an ideal solution as it results in unnecessary service restarts even when no changes have been made.
    I am looking for a more efficient and reliable way to ensure real-time propagation of DNS changes without the need for manual restarts of the Bind9 service.

    Thank you very much for your assistance!

    I would also like to share the output of a test script for ISPconfig3:
    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 10 (buster)
    
    [INFO] uptime:  15:23:55 up 75 days,  1:04,  1 user,  load average: 0.00, 0.00, 0.00
    
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:          2.4Gi       731Mi       236Mi        24Mi       1.4Gi       1.4Gi
    Swap:            0B          0B          0B
    
    [INFO] systemd failed services status:
    0 loaded units listed. Pass --all to see loaded but inactive units, too.
    To show all installed unit files use 'systemctl list-unit-files'.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.7p1
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.3.27-1~deb10u1
    
    ##### PORT CHECK #####
    
    [WARN] Port 8080 (ISPConfig) seems NOT to be listening
    [WARN] Port 8081 (ISPConfig Apps) seems NOT to be listening
    [WARN] Port 80 (Webserver) seems NOT to be listening
    [WARN] Port 443 (Webserver SSL) seems NOT to be listening
    [WARN] Port 143 (IMAP server) seems NOT to be listening
    [WARN] Port 993 (IMAP server SSL) seems NOT to be listening
    [WARN] Port 110 (POP3 server) seems NOT to be listening
    [WARN] Port 995 (POP3 server SSL) seems NOT to be listening
    [WARN] Port 25 (SMTP server) seems NOT to be listening
    [WARN] Port 465 (SMTP server SSL) seems NOT to be listening
    [WARN] Port 21 (FTP server) seems NOT to be listening
    [WARN] Port 25 (SMTP server) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    [WARN] I found no "smtp" entry in your postfix master.cf
    [WARN] I found no "submission" entry in your postfix master.cf
    [INFO] this is not critical, but if you want to offer port 587 for smtp connections you have to enable this.
    [WARN] I found no "smtps" entry in your postfix master.cf
    [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this.
    
    ##### RUNNING SERVER PROCESSES #####
    
    [WARN] I could not determine which web server is running.
    [WARN] I could not determine which mail server is running.
    [WARN] I could not determine which pop3 server is running.
    [WARN] I could not determine which imap server is running.
    [WARN] I could not determine which ftp server is running.
    
    ##### LISTENING PORTS #####
    (only           ()
    Local           (Address)
    [anywhere]:22           (509/sshd)
    [localhost]:10808               (4122/veeamservice)
    [localhost]:953         (17204/named)
    [anywhere]:10050                (511/zabbix_agentd)
    [localhost]:3306                (494/mysqld)
    [anywhere]:10000                (674/perl)
    ***.***.***.***:53              (17204/named)
    [localhost]:53          (17204/named)
    *:*:*:*::*:22           (509/sshd)
    [localhost]0050         (511/zabbix_agentd)
    *:*:*:*::*:6160         (521/veeamdeployment)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:6160 /* Veeam deployment rule */
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    
    
    
    ##### LET'S ENCRYPT #####
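Added example, not part of the original thread: a check for the symptom described in the post above. It compares the SOA serial in the zone file on disk with the serial the server is answering with. A "stale" verdict means named is still serving the previously loaded zone data. The function names, the script name `check_serial.sh`, the sample zone and the `example.test` names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Sample zone data is constructed.

# Serial in a zone file on disk: strip ';' comments, flatten the
# parenthesised SOA record, print the 3rd token after "SOA".
zone_file_serial() {
    sed 's/;.*$//' "$1" | tr '()\n\t' '    ' |
        awk '{ for (i = 1; i <= NF; i++) if (toupper($i) == "SOA") { print $(i + 3); exit } }'
}

# Serial in one `dig +short SOA` answer line (mname rname serial refresh ...).
answer_serial() {
    printf '%s\n' "$1" | awk 'NF >= 7 { print $3; exit }'
}

is_number() { case "$1" in '' | *[!0-9]*) return 1 ;; esac; }

# Prints a verdict; returns 0 in sync, 1 stale, 2 serial unreadable.
compare_serials() {
    disk=$(zone_file_serial "$1")
    live=$(answer_serial "$2")
    if ! is_number "$disk" || ! is_number "$live"; then
        echo "unreadable disk='$disk' served='$live'"; return 2
    fi
    if [ "$disk" = "$live" ]; then
        echo "in-sync serial=$disk"; return 0
    fi
    echo "stale disk=$disk served=$live"; return 1
}

# Constructed sample zone with a multi-line SOA record.
write_sample_zone() {
    cat > "$1" <<'EOF'
$TTL 3600
@   IN SOA ns1.example.test. hostmaster.example.test. (
           2023060602 ; serial
           7200       ; refresh
           540        ; retry
           604800     ; expire
           3600 )     ; minimum
@   IN NS  ns1.example.test.
EOF
}

# Usage: sh check_serial.sh <zone-file> <zone-name> <server-ip>
if [ "$#" -eq 3 ]; then
    compare_serials "$1" "$(dig +short @"$3" "$2" SOA)"
fi
```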
    
    
    
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Why are you posting the same message again? You already posted here: https://forum.howtoforge.com/thread...ot-taking-effect-until-service-restart.90715/
    At least admit at the beginning of your post it is a repost.
    You are running an old version of ISPConfig, you should update before complaining about it not working.
    The report does not show the PHP version for php-cgi, strange. But the report is full of "could not determine" and "seems NOT to be listening". What kind of server is this? How was it installed and how was ISPConfig installed?
     
    ahrasis likes this.
  3. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You did not answer to:
     
  4. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Other than what was asked by @Taleman, please note to create a swap file. I have noticed more and more new members posting their reports with 0 swap, which is not good for their servers.
     
  5. Jan Brodecky

    Jan Brodecky New Member

    Hello,
    Thank you for your response. I apologize if reposting my message was inappropriate. Originally, I posted the question in the "Linux" forum, where I was informed that I posted in the wrong section.
    I can certainly schedule an update for ISPconfig, and I appreciate the reminder.
    The server in question is an authoritative master DNS server that is not accessible from the internet. The records are then distributed to the slave DNS servers.
    I was using nslookup from my own PC, where I set the IP address of the mentioned primary DNS server as the DNS server.

    Thank you for your time and assistance.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Jan Brodecky likes this.
  7. Jan Brodecky

    Jan Brodecky New Member

    Hello,
    Thank you for your response.
    I would like to inform you that I have updated all my ISPconfig servers to version 3.2.10p1, but the issue with DNS record propagation still persists.
    Following the instructions, I have enabled the debug mode on the server, and I am attaching the output as a screenshot.
    You can view the screenshot here: https://imgur.com/a/gArNWZq

    Thank you for your assistance in resolving this issue.

    Best regards,
    Jan Brodecky
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Please do exactly what's described in the debug instructions, enabling debug mode is just the first step of the process.
     
    ahrasis likes this.
