Curl error 6

Discussion in 'General' started by schwim, May 5, 2020.

  1. schwim

    schwim Member HowtoForge Supporter

    Hi there everyone!
    I'm having issues resolving popular domains sometimes on my server and I'm running Google nameservers, the same as other servers I work with. None of the other servers have an issue resolving these same domain names. The only thing I did differently with this server setup is installing the firewall and fail2ban. I was wondering if the firewall could somehow be blocking the domain resolving? If not, Is there some way I could track perhaps the point in the network that the request fails?

    Thanks for your time!
     
  2. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    Could be. Make sure port 53 is open, for both tcp and udp.
    Should be included as part of ispconfig's default set of firewall rule ports, so I would expect them to be open already though.
     
  3. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    ISPC doesn't open them when you configure it by hand (like ufw) instead of through the panel.

    If you are not able to fix this after opening port 53, maybe you could share one of the domains so I can look it up and see if I can reach the nameserver?
     
  4. schwim

    schwim Member HowtoForge Supporter

    The one I'm having an issue with specifically is api.steampowered.com. It doesn't always fail. It's just that rarely it will throw the error; when tried immediately after, it will almost always succeed.
     
  5. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    It sounds like your issue is in your server resolving, so you suspect your dns requests are being blocked? (Not that others are trying to do dns lookups from your server.) ufw will not block outgoing requests at all, unless you manually configured that from the cli (you cannot configure it to do so via ISPConfig's ui).

    You can packet capture outgoing port 53 to see what requests leave your server. Beyond that, probably not; you would need to have access to the network path along the way. You might be able to talk to whoever hosts your server and see if they could trace it a hop or so down the line. Likely they would not forward such a request to any of their upstream providers if they even address it themselves, but you could always ask.

    If you could find a domain/query that fails reliably, so you can reproduce it at will, you'll have much better luck tracking it down. (If you do, note the size of the queries and of the replies which come back to your other servers - maybe there's an MTU problem somewhere and larger replies are dropped or ??)
     
    Th0m likes this.
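
One way to collect what the last reply asks for (which lookups fail, and the size of each query and reply), as an added example that is not part of the original thread. The resolver address 8.8.8.8 (Google Public DNS), the function names and the default counts and timeouts are assumptions.

```python
import random
import socket
import struct
import sys
import time

def build_query(name, txid, qtype=1):
    """Build a plain DNS query (RD set, one question, class IN, no EDNS)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def summarize_reply(data, txid):
    """Return size, RCODE, TC flag and answer count from a reply header."""
    if len(data) < 12:
        raise ValueError("reply shorter than a DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid:
        raise ValueError("transaction id mismatch")
    return {"size": len(data), "rcode": flags & 0x000F,
            "truncated": bool(flags & 0x0200), "answers": ancount}

def probe(name, server="8.8.8.8", count=100, timeout=2.0, interval=1.0):
    """Send `count` UDP queries; print one line per result, return failures."""
    failures = 0
    for _ in range(count):
        txid = random.getrandbits(16)
        query = build_query(name, txid)
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            start = time.monotonic()
            try:
                s.sendto(query, (server, 53))
                data, _addr = s.recvfrom(4096)
                info = summarize_reply(data, txid)
                print(time.strftime("%H:%M:%S"), "ok", len(query), info,
                      "%.0fms" % ((time.monotonic() - start) * 1000))
            except (OSError, ValueError) as exc:  # timeout, unreachable, bad reply
                failures += 1
                print(time.strftime("%H:%M:%S"), "FAIL", len(query), repr(exc))
        time.sleep(interval)
    return failures

if __name__ == "__main__":
    probe(sys.argv[1] if len(sys.argv) > 1 else "api.steampowered.com")
```

Run it alongside a packet capture of port 53 so each FAIL line can be matched to a query that did or did not leave the server. A reply with `truncated` set means the answer did not fit in the UDP response and a normal resolver will retry over TCP, which is where tcp/53 being open matters.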
