Hey! I'm trying to import around 1500 DNS zone files into my new ISPConfig DNS with a PHP SOAP script. The script seems to work fine. It reads the DNS entries from an MSSQL server, converts the necessary entries and imports the data to the ISPConfig server. Here is a part of the script:
PHP:
    $zone_params = array(
        'server_id' => 3,
        'origin' => $tmp_domain . ".",
        'ns' => "ns1.XXXXXXX.de",
        'mbox' => str_replace("@", ".", $id['email']) . ".",
        'refresh' => "28800",
        'retry' => "7200",
        'expire' => "604800",
        'minimum' => "86400",
        'ttl' => "86400",
        'xfer' => "",
        'also_notify' => "",
        'update_acl' => "",
        'active' => 'y',
    );
    $zone_id = $GLOBALS['client']->dns_zone_add($GLOBALS['session_id'], $cr['client_id'], $zone_params);
However, after doing so with a few test zones and checking back with nslookup on the host itself, it seems to not work correctly. On the server under /etc/bind/ the zone files are created like "pri.test123.com.err" and not like "pri.test1.com" (which got created manually), and in the file "named.conf.local" the zones are not added at all. Checking these new zones with nslookup results in a "SERVFAIL". The entries in the ISPConfig web panel, however, are identical to the ones working, so the importing in itself seems to work. Any ideas what might be wrong here?
The zones are invalid and therefore saved with the .err file ending, as BIND rejected them. Only valid zone files get included into named.conf.local. You can test the .err zone files yourself with the named-checkzone command to get a detailed error message. In BIND, any fully qualified domain name ends with a dot, e.g. here:
    'ns' => "ns1.XXXXXXX.de",
you missed that dot. It has to be:
    'ns' => "ns1.XXXXXXX.de.",
and probably you missed dots in other records that you added as well. If a dot is missing, then BIND adds the zone name to the record; ns1.XXXXXXX.de becomes ns1.XXXXXXX.de.somedomain.tld.
Till, thank you again for the quick response! You were right, I missed the "." at the end. But after fixing this I've checked again and the zone file has errors, which is correct. The entries are not getting created within the zone file, see here:
Code:
    $TTL 86400
    @ IN SOA ns1.XXXXXXX.com. xxx.xxx.com. (
        0 ; serial, todays date + todays serial #
        28800 ; refresh, seconds
        7200 ; retry, seconds
        604800 ; expire, seconds
        86400 ) ; minimum, seconds
    ;
But in the web panel they are there: Is this an error within my script? Or what am I missing here?
Probably something wrong with your API calls in your script then. Create a record in ISPConfig, then compare it with the ones you created with your script and adjust your script. You might also want to use debug mode to get further insights on what is going wrong when ISPConfig writes the zone file: https://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/
Well, I've checked back. The log is empty; nothing gets logged there while importing. However, after checking the script I've tried creating a DNS zone within the ISPConfig web panel. I've created a test zone with "New DNS Zone (SOA)" but it also gets created as an .err file. The file contains the following:
Code:
    $TTL 3600
    @ IN SOA ns1.XXXXXXXX.com. webmaster.XXXXXXXX.com. (
        0 ; serial, todays date + todays serial #
        7200 ; refresh, seconds
        540 ; retry, seconds
        604800 ; expire, seconds
        3600 ) ; minimum, seconds
    ;
I don't understand why this is happening. Any ideas?
Then you did not use debug mode. Reread the article I posted and follow it step by step. Btw. Debug mode is not a log!
Thank you. I've managed to fix a few things with the debug output and I am a step closer to fixing the problem. After checking what's going on, I've noticed that the database where I export the zone data from does not contain NS values, so I added that section to my script by simply doing this:
PHP:
    if(strlen($tmp_sub_domain) == 0) {
        //add both NS values
        // set the zone name first so the message below prints the right domain
        $dom = $tmp_domain . ".";
        print(" ==> Add NS Record for domain: {$dom}\n");
        // dns_ns_add
        $params['name'] = $dom;
        $params['type'] = 'ns';
        $params['data'] = 'ns1.xxxxx.com.';
        $GLOBALS['client']->dns_ns_add($GLOBALS['session_id'], $cr['client_id'], $params);
        $params['data'] = 'ns2.xxxxx.com.';
        $GLOBALS['client']->dns_ns_add($GLOBALS['session_id'], $cr['client_id'], $params);
    }
It works. There are only 3 domains that have a different NS entry but I will fix this manually afterwards. However, although the zones and records are visible in ISPConfig, the zone file still does not get written properly. After some digging around I noticed that as soon as I click on any record that is visible in ISPConfig and just hit save, the zone file gets updated correctly, ".err" is gone and the zone works correctly. So any idea why this happens? The DNS entries for a zone get created correctly with the script in ISPConfig, but only after manually going into each record and pressing the save button do the records get written to the file.
Post the debug output from adding a zone and also the result that named-checkzone returns for that .err file. And does your script update the serial of the zone when adding a new record?
Here is the output of adding the zone with the script:
Code:
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - DEBUG - Writing BIND named.conf.local file: /etc/bind/named.conf.local
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - DEBUG - Processed datalog_id 4126
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - DEBUG - Replicated from master: REPLACE INTO `dns_soa` (`id`,`sys_userid`,`sys_groupid`,`sys_perm_user`,`sys_perm_group`,`sys_perm_other`,`server_id`,`origin`,`ns`,`mbox`,`serial`,`refresh`,`retry`,`expire`,`minimum`,`ttl`,`active`,`xfer`,`also_notify`,`update_acl`,`dnssec_initialized`,`dnssec_wanted`,`dnssec_algo`,`dnssec_last_signed`,`dnssec_info`) VALUES ('53','253','253','riud','riud','','3','xxxxx.com.','ns1.xxxxx.com.','xxxxx.com.','0','28800','7200','604800','86400','86400','Y','','','','N','N','','0','')
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - DEBUG - Calling function 'soa_insert' from plugin 'bind_plugin' raised by event 'dns_soa_insert'.
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - DEBUG - safe_exec cmd: named-checkzone 'xxxxx.com.' '/etc/bind/pri.xxxxx.com' - return code: 1
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - WARNING - Writing BIND domain file failed: /etc/bind/pri.xxxxx.com zone xxxxx.com/IN: has no NS records zone xxxxx.com/IN: not loaded due to errors.
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - WARNING - Reason for Bind restart failure: zone xxxxx.com/IN: has no NS records
    Tue Apr 12 11:51:01 CEST 2022 zone xxxxx.com/IN: not loaded due to errors.
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - DEBUG - Writing BIND named.conf.local file: /etc/bind/named.conf.local
    Tue Apr 12 11:51:01 CEST 2022 12.04.2022-11:51 - DEBUG - Processed datalog_id 4132
As expected, named-checkzone reports errors because the zone file does not contain an NS record. The script does not change the serial. However, I don't see the creation of the records in the output, but they are within ISPConfig.
First, you must increase the serial after a record. Then, something with your API call to add the records must be wrong, otherwise, they would get added to the file. And as they get added when editing and saving them in ISPConfig, this means that the wrong API call got corrected by ISPConfig UI, so you should compare a record before editing it and after editing it to see which data you set wrong in $params array and adjust that to fix the issue. Maybe you e.g. set a wrong server_id for the records?
Till, I really appreciate you. I've checked the whole script again and found a line where I've overwritten the correct server_id, as it was used for an older ISPConfig instance beforehand. After changing $params[server_id], which is "3" for the DNS server in my case, the zone got created successfully. So for everyone that may stumble upon this post: Make sure to check every parameter that you hand over to the dns_XXX_add function and dump it in a print for debugging. Check twice if these settings are correct, maybe check by reading out the data of a working one created within ISPConfig. @till Thank you so much for the great support you've been doing here over the years. Cheers!
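Added example, not part of the original posts and not ISPConfig code: a pre-flight check in PHP for the parameter arrays handed to dns_zone_add and dns_ns_add, covering the three mistakes found in this thread (missing trailing dot, stale server_id, serial left at 0). The helper names, the constants and the example.com sample data are hypothetical; passing 'serial' in the parameter array is an assumption based on the `serial` column shown in the debug output.

```php
<?php
// Added example, not from the thread: pre-flight checks for dns_*_add params.
// EXPECTED_SERVER_ID, FQDN_FIELDS and both helpers are hypothetical names.
const EXPECTED_SERVER_ID = 3;                  // assumption: id of the DNS server
const FQDN_FIELDS = ['origin', 'ns', 'mbox'];  // SOA fields that need a trailing dot

// Next serial in the YYYYMMDDnn scheme (date plus a per-day counter).
function next_serial(int $current, ?string $today = null): int
{
    $base = (int) (($today ?? date('Ymd')) . '01');
    return $current >= $base ? $current + 1 : $base;
}

// Returns a list of problems; an empty list means the array may be sent.
function check_dns_params(array $params, array $fqdnFields = FQDN_FIELDS): array
{
    $errors = [];
    if ((int) ($params['server_id'] ?? 0) !== EXPECTED_SERVER_ID) {
        $errors[] = sprintf('server_id is %s, expected %d',
            var_export($params['server_id'] ?? null, true), EXPECTED_SERVER_ID);
    }
    foreach ($fqdnFields as $field) {
        $value = (string) ($params[$field] ?? '');
        if ($value === '' || substr($value, -1) !== '.') {
            $errors[] = "$field '$value' is not dot-terminated, BIND appends the zone name";
        }
    }
    return $errors;
}

// Constructed sample input reproducing the mistakes from the thread.
$zone = [
    'server_id' => 1,                  // stale id from an older instance
    'origin'    => 'example.com.',
    'ns'        => 'ns1.example.net',  // missing trailing dot
    'mbox'      => 'hostmaster.example.com.',
];
$zone['serial'] = next_serial(0, '20220412');  // date-based serial instead of 0

foreach (check_dns_params($zone) as $error) {
    fwrite(STDERR, "refusing to import {$zone['origin']}: $error\n");
}

// NS records carry their names in 'name' and 'data' instead of the SOA fields.
$ns = ['server_id' => 3, 'name' => 'example.com.', 'data' => 'ns1.example.net.'];
var_dump(check_dns_params($ns, ['name', 'data']));
```

Run the check before every dns_XXX_add call and skip the call when the returned list is not empty, so a bad array never reaches the server as an .err zone.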