DNS Problem - host not found: (SERVFAIL)

djesys · Jul 6, 2022

Hi there!
I followed the tutorial for the ISPConfig auto-installer on Debian 11 and it installed flawlessly.
Now, I having a major headache getting DNS to work.

Code:

lsb_release -a
No LSB modules are available.
Distributor ID:    Debian
Description:    Debian GNU/Linux 11 (bullseye)
Release:    11
Codename:    bullseye

1. Added nameserver to my DNS provider
Screenshot 2022-07-05 at 23.41.35.png

2. Created Zone and Record (screenshots)
Screenshot 2022-07-05 at 23.45.27.png

Dig Result:

Code:

[email protected]:/etc/bind# dig @localhost cloud.counter.party

; <<>> DiG 9.16.27-Debian <<>> @localhost cloud.counter.party
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10712
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 449012747b5ce4720100000062c4b1bce3a930686cb6a21c (good)
;; QUESTION SECTION:
;cloud.counter.party.        IN    A

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Jul 05 22:48:44 BST 2022
;; MSG SIZE  rcvd: 76

Code:

# host cloud.counter.party 185.XX.XXX.100
Using domain server:
Name: 185.XX.XXX.100
Address: 185.XX.XXX.100#53
Aliases:

Host cloud.counter.party not found: 2(SERVFAIL)

Code:

 systemctl status bind9.service
● named.service - BIND Domain Name Server
     Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2022-07-05 16:16:54 BST; 6h ago
       Docs: man:named(8)
    Process: 20419 ExecReload=/usr/sbin/rndc reload (code=exited, status=0/SUCCESS)
   Main PID: 589 (named)
      Tasks: 8 (limit: 2336)
     Memory: 35.5M
        CPU: 15.977s
     CGroup: /system.slice/named.service
             └─589 /usr/sbin/named -f -u bind

Jul 05 22:52:47 b0x named[589]: network unreachable resolving 'ns2.counter.party/AAAA/IN': 2001:dcd:>
Jul 05 22:52:47 b0x named[589]: network unreachable resolving 'ns2.counter.party/AAAA/IN': 2001:dcd:>
Jul 05 22:52:47 b0x named[589]: network unreachable resolving 'ns2.counter.party/AAAA/IN': 2001:dcd:>
Jul 05 22:52:47 b0x named[589]: network unreachable resolving 'ns1.counter.party/AAAA/IN': 2001:dcd:>
Jul 05 22:52:47 b0x named[589]: lame server resolving 'ns2.counter.party' (in 'counter.party'?): 185>
Jul 05 22:52:47 b0x named[589]: lame server resolving 'ns2.counter.party' (in 'counter.party'?): 185>
Jul 05 22:52:47 b0x named[589]: lame server resolving 'ns1.counter.party' (in 'counter.party'?): 185>
Jul 05 22:52:47 b0x named[589]: lame server resolving 'ns1.counter.party' (in 'counter.party'?): 185>
Jul 05 22:52:57 b0x named[589]: lame server resolving 'counter.party' (in 'counter.party'?): 185.22.>
Jul 05 22:52:57 b0x named[589]: lame server resolving 'counter.party' (in 'counter.party'?): 185.22.>
lines 1-22/22 (END)

Code:

Jul  5 22:53:48 b0x kernel: [23842.117050] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=89.248.163.240 DST=185.22.172.100 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=45908 PROTO=TCP SPT=55956 DPT=57860 WINDOW=1024 RES=0x00 SYN URGP=0
Jul  5 22:54:01 b0x CRON[24152]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Jul  5 22:54:01 b0x CRON[24155]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Jul  5 22:54:04 b0x kernel: [23857.968633] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=182.240.37.61 DST=185.22.172.100 LEN=40 TOS=0x00 PREC=0xE0 TTL=48 ID=52505 PROTO=TCP SPT=9823 DPT=23 WINDOW=2935 RES=0x00 SYN URGP=0
Jul  5 22:54:26 b0x named[589]: network unreachable resolving 'vJWbUwAZsfKVLcxwcQMDooxQN1a4P.uribl.rspamd.com/A/IN': 2001:bc8:1e00:6f03::1#53
Jul  5 22:54:28 b0x kernel: [23882.633471] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=91.240.118.217 DST=185.22.172.100 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=30597 PROTO=TCP SPT=59202 DPT=21914 WINDOW=1024 RES=0x00 SYN URGP=0
Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#61526 (ns2.counter.party): query (cache) 'ns2.counter.party/A/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#11535 (ns1.counter.party): query (cache) 'ns1.counter.party/A/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#62100 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#51852 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#30308 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#38052 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#34033 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#20413 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#25883 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#44308 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#40524 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  5 22:54:35 b0x named[589]: network unreachable resolving 'bPM1OxuEq4NhEAA3q_UXxdnZ.email.rspamd.com/A/IN': 2a01:4f8:160:61e7::2#53
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#12956 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c72ce90 152.89.162.24#64711 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#6193 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#10170 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#49503 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e94095840 152.89.162.24#43279 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9406e880 152.89.162.24#65083 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul  5 22:54:35 b0x named[589]: client @0x7f6e9c977880 152.89.162.24#49019 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  5 22:54:39 b0x kernel: [23892.949987] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=91.240.118.215 DST=185.22.172.100 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=62395 PROTO=TCP SPT=59151 DPT=20483 WINDOW=1024 RES=0x00 SYN URGP=0
Jul  5 22:55:00 b0x kernel: [23914.008629] [UFW BLOCK] IN=ens3 OUT= MAC=00:16:3c:34:e8:c9:00:24:38:89:2f:00:08:00 SRC=144.126.243.51 DST=185.22.172.100 LEN=36 TOS=0x00 PREC=0x00 TTL=55 ID=26757 PROTO=UDP SPT=1409 DPT=123 LEN=16
Jul  5 22:55:01 b0x CRON[24188]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
Jul  5 22:55:01 b0x CRON[24189]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Jul  5 22:55:01 b0x CRON[24191]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Jul  5 22:55:01 b0x pure-ftpd: ([email protected]::1) [INFO] New connection from ::1
Jul  5 22:55:01 b0x pure-ftpd: ([email protected]::1) [INFO] Logout.
Jul  5 22:55:01 b0x mariadbd[737]: 2022-07-05 22:55:01 11701 [Warning] Aborted connection 11701 to db: 'unconnected' user: 'unauthenticated' host: 'localhost' (This connection closed normally without authentication)
Jul  5 22:55:01 b0x dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=::1, lip=::1, secured, session=<n8SF5xXj9OQAAAAAAAAAAAAAAAAAAAAB>

Firewall is open:
Screenshot 2022-07-06 at 00.14.56.png

I was using the same settings on a previews version of ISPC and it worked.
Some help is very appreciated.

thanks

till · Jul 6, 2022

Remove the dot after 'cloud.' A-record. A dot is added in DNS only for FQDN (fully qualified domain) records. Plus you missed adding the dot in the MX record.

I was using the same settings on a previews version of ISPC and it worked.
Click to expand...

It could not have worked with these typos, the way BIND works has not changed in many years.

djesys · Jul 6, 2022

till said: ↑

Remove the dot after 'cloud.' A-record. A dot is added in DNS only for FQDN (fully qualified domain) records. Plus you missed adding the dot in the MX record.

It could not have worked with these typos, the way BIND works has not changed in many years.
Click to expand...

djesys · Jul 8, 2022

Thank you Till,

I changed the Records.
Screenshot 2022-07-06 at 11.36.56.png

Unfortunately, Error now changed from SERVFAIL to REFUSED

Code:

host cloud.counter.party 185.xx.xxx.100
Using domain server:
Name: 185.xx.xxx.100
Address: 185.xx.xxx.100#53
Aliases:

Host cloud.counter.party not found: 5(REFUSED)

Code:

dig @localhost cloud.counter.party

; <<>> DiG 9.10.6 <<>> @localhost cloud.counter.party
; (2 servers found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Code:

Jul  6 10:34:46 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#42639 (ns2.counter.party): query (cache) 'ns2.counter.party/A/IN' denied
Jul  6 10:34:46 b0x named[589]: client @0x7faac4977540 152.89.162.24#24394 (ns1.counter.party): query (cache) 'ns1.counter.party/A/IN' denied
Jul  6 10:34:46 b0x named[589]: client @0x7faac4977540 152.89.162.24#40716 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faac4977540 152.89.162.24#42108 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#37553 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#27902 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#58740 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#39035 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#28515 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#36340 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#27274 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#63257 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faac4977540 152.89.162.24#15543 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#34649 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faac4977540 152.89.162.24#36291 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faac4977540 152.89.162.24#57022 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#23515 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#57964 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul  6 10:34:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#34856 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul  6 10:34:48 b0x postfix/smtpd[1605]: connect from unknown[5.34.207.225]
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.127.zen.spamhaus.org/A/IN': 2a01:4f8:c17:aba4:d9:900b:3e:10f6#53
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.127.zen.spamhaus.org/A/IN': 2a05:9403::26e#53
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.127.zen.spamhaus.org/A/IN': 2a03:f80:36:194:71:130:18:b89b#53
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.0.127.zen.spamhaus.org/A/IN': 2a05:d014:1bf:db01:45c8:f4d6:6f50:360c#53
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.0.127.zen.spamhaus.org/A/IN': 2a05:9406::62#53
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.0.0.127.zen.spamhaus.org/A/IN': 2001:648:2000:340:68b:900d:39:b036#53
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '_.0.0.127.zen.spamhaus.org/A/IN': 2001:7c0:0:77::4#53
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '1.0.0.127.zen.spamhaus.org/A/IN': 2a03:f80:ed15:149:154:152:122:efa6#53
Jul  6 10:34:50 b0x named[589]: network unreachable resolving '1.0.0.127.zen.spamhaus.org/A/IN': 2a01:4f8:c17:aba4:d9:900b:3e:10f6#53
Jul  6 10:34:51 b0x postfix/smtpd[1600]: warning: unknown[5.34.207.225]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul  6 10:34:52 b0x postfix/smtpd[1600]: disconnect from unknown[5.34.207.225] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Jul  6 10:34:53 b0x postfix/smtpd[1600]: connect from unknown[5.34.207.225]
Jul  6 10:34:59 b0x postfix/smtpd[1607]: connect from unknown[5.34.207.225]
Jul  6 10:34:59 b0x postfix/smtpd[1605]: warning: unknown[5.34.207.225]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul  6 10:34:59 b0x postfix/smtpd[1605]: disconnect from unknown[5.34.207.225] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Jul  6 10:35:00 b0x named[589]: client @0x7faac49e0090 152.89.162.24#54877 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  6 10:35:01 b0x CRON[1611]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Jul  6 10:35:01 b0x CRON[1612]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
Jul  6 10:35:01 b0x CRON[1613]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Jul  6 10:35:02 b0x pure-ftpd: ([email protected]::1) [INFO] New connection from ::1
Jul  6 10:35:02 b0x pure-ftpd: ([email protected]::1) [INFO] Logout.
Jul  6 10:35:02 b0x mariadbd[741]: 2022-07-06 10:35:02 115 [Warning] Aborted connection 115 to db: 'unconnected' user: 'unauthenticated' host: 'localhost' (This connection closed normally without authentication)
Jul  6 10:35:02 b0x postfix/smtpd[1605]: connect from localhost[::1]
Jul  6 10:35:02 b0x postfix/smtpd[1605]: lost connection after CONNECT from localhost[::1]
Jul  6 10:35:02 b0x postfix/smtpd[1605]: disconnect from localhost[::1] commands=0/0

Code:

systemctl status bind9.service
● named.service - BIND Domain Name Server
     Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2022-07-06 10:32:57 BST; 33min ago
       Docs: man:named(8)
   Main PID: 589 (named)
      Tasks: 8 (limit: 2336)
     Memory: 34.2M
        CPU: 2.449s
     CGroup: /system.slice/named.service
             └─589 /usr/sbin/named -f -u bind

Jul 06 11:05:47 b0x named[589]: client @0x7faac49e0090 152.89.162.24#53090 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#13728 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#15671 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#6236 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#13409 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#15278 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#28496 (ns2.counter.party): query (cache) 'ns2.counter.party/AAAA/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#64794 (cloud.counter.party): query (cache) 'cloud.counter.party/AAAA/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faabc05bbd0 152.89.162.24#41110 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul 06 11:05:47 b0x named[589]: client @0x7faac4765c20 152.89.162.24#31226 (ns1.counter.party): query (cache) 'ns1.counter.party/AAAA/IN' denied

Taleman · Jul 6, 2022

My signature has link to DNS Setup guide. It has troubleshooting instructions.
Is there a file ending with .err in /etc/bind/ directory?

djesys · Jul 7, 2022

I did read your instructions, but i am not finding a solution.
there are .err files, but from a different zone.
Should I post the contents of those files ? thanks

Code:

[email protected]:/etc/bind# ls -l
total 60
-rw-r--r-- 1 root root 1991 Mar 14 14:25 bind.keys
-rw-r--r-- 1 root root  237 Mar 14 14:25 db.0
-rw-r--r-- 1 root root  271 Mar 14 14:25 db.127
-rw-r--r-- 1 root root  237 Mar 14 14:25 db.255
-rw-r--r-- 1 root root  353 Mar 14 14:25 db.empty
-rw-r--r-- 1 root root  270 Mar 14 14:25 db.local
-rw-r--r-- 1 root bind  463 Mar 14 14:25 named.conf
-rw-r--r-- 1 root bind  498 Mar 14 14:25 named.conf.default-zones
-rw-r--r-- 1 root bind    1 Jul  6 10:32 named.conf.local
-rw-r--r-- 1 root bind  907 Jul  5 13:19 named.conf.options
-rw-r--r-- 1 root bind  832 Jul  6 10:32 pri.counter.party
-rw-r--r-- 1 root bind  400 Jul  5 14:53 pri.viajah.com.err
-rw-r----- 1 bind bind  100 Jul  5 13:08 rndc.key
drwxrws--- 2 root bind 4096 Jul  5 13:19 slave
-rw-r--r-- 1 root root 1317 Mar 14 14:25 zones.rfc1918

Code:

grep named /var/log/syslog
....


Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/A/IN': 2001:67c:192c::add:b3#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/A/IN': 2001:67c:192c::add:b3#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/AAAA/IN': 2001:67c:192c::add:b3#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/A/IN': 2a01:4f8:0:a101::b:1#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/AAAA/IN': 2a01:4f8:0:a101::b:1#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/A/IN': a01:4f8:d0a:2006::2#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.first-ns.de/AAAA/IN': 2a01:4f8:d0a:2006::2#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/AAAA/IN': 2001:67c:192c::add:b3#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/A/IN': 2a01:4f8:0:a101::b:1#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/AAAA/IN': 2a01:4f8:0:a101::b:1#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/A/IN': 2a01:4f8:d0a:2006::2#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'robotns2.second-ns.de/AAAA/IN': 2a01:4f8:d0a:2006::2#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns2.blocklist.de/AAAA/IN': 2a01:4f8:d0a:2004::2#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.blocklist.de/AAAA/IN': 2a01:4f8:d0a:2004::2#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.blocklist.de/AAAA/IN': 2001:67c:192c::add:a3#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns1.blocklist.de/AAAA/IN': 2a01:4f8:0:a101::a:1#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns2.blocklist.de/AAAA/IN': 2001:67c:192c::add:a3#53
Jul  7 19:15:51 b0x named[589]: network unreachable resolving 'ns2.blocklist.de/AAAA/IN': 2a01:4f8:0:a101::a:1#53
Jul  7 19:15:53 b0x named[589]: SERVFAIL unexpected RCODE resolving '1.0.0.127.bl.blocklist.de/A/IN': 185.21.103.31#53
Jul  7 19:15:53 b0x named[589]: SERVFAIL unexpected RCODE resolving '1.0.0.127.bl.blocklist.de/A/IN': 46.252.24.212#53
Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:13c7:7010::53#53
Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:500:87::87#53
Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2620:37:e000::53#53
Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:43f8:110::10#53
Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:67c:e0::1#53
Jul  7 19:18:33 b0x named[589]: network unreachable resolving '_.141.in-addr.arpa/A/IN': 2001:dd8:6::101#53
Jul  7 19:18:34 b0x named[589]: network unreachable resolving '_.98.141.in-addr.arpa/A/IN': 2001:dd8:12::53#53
Jul  7 19:18:34 b0x named[589]: network unreachable resolving '_.98.141.in-addr.arpa/A/IN': 2001:13c7:7002:3000::14#53
Jul  7 19:18:34 b0x named[589]: network unreachable resolving '_.98.141.in-addr.arpa/A/IN': 2620:38:2000::53#53
Jul  7 19:18:34 b0x named[589]: network unreachable resolving '_.98.141.in-addr.arpa/A/IN': 2001:500:14:6100:ad::1#53
Jul  7 19:20:05 b0x named[589]: REFUSED unexpected RCODE resolving '24.66.125.45.in-addr.arpa/PTR/IN': 141.98.8.30#53
Jul  7 19:20:05 b0x named[589]: REFUSED unexpected RCODE resolving '24.66.125.45.in-addr.arpa/PTR/IN': 141.98.8.31#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:500:14:6050:ad::1#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:13::108#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:500:13::108#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:14:6050:ad::1#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:500:14:6050:ad::1#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:31::108#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:500:31::108#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/A/IN': 2001:500:a9::108#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'y.arin.net/AAAA/IN': 2001:500:a9::108#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'arin.authdns.ripe.net/A/IN': 2001:67c:e0::7#53
Jul  7 19:20:43 b0x named[589]: network unreachable resolving 'arin.authdns.ripe.net/AAAA/IN': 2001:67c:e0::7#53
Jul  7 19:20:44 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:500:f0::63#53
Jul  7 19:20:44 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:500:127::30#53
Jul  7 19:20:44 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:500:13::63#53
Jul  7 19:20:44 b0x named[589]: network unreachable resolving '125.45.in-addr.arpa/DS/IN': 2001:67c:e0::10#53
Jul  7 19:22:23 b0x named[589]: network unreachable resolving '_.127.bip.virusfree.cz/A/IN': 2001:67c:15a0:4000:1:ea7:dead:beef#53
Jul  7 19:22:23 b0x named[589]: network unreachable resolving '_.127.bip.virusfree.cz/A/IN': 2001:67c:1591:0:1:ea7:dead:beef#53
Jul  7 19:22:23 b0x named[589]: network unreachable resolving 'nspuri.virusfree.cz/A/IN': 2a02:4a8:ac24:100::96:2#53
Jul  7 19:22:23 b0x named[589]: network unreachable resolving 'nspuri.virusfree.cz/A/IN': 2001:1528:151::12#53
Jul  7 19:22:23 b0x named[589]: network unreachable resolving 'nspuri.virusfree.cz/A/IN': 2a02:250:0:2c::228#53
Jul  7 19:22:23 b0x named[589]: network unreachable resolving '1.0.0.127.bip.virusfree.cz/A/IN': 2001:67c:15a0:4000:1:ea7:dead:beef#53
Jul  7 19:22:23 b0x named[589]: network unreachable resolving '1.0.0.127.bip.virusfree.cz/A/IN': 2001:67c:1591:0:1:ea7:dead:beef#53
Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns01.zencurity.com/A/IN': 2a06:d380:0:104::141#53
Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns01.zencurity.com/A/IN': 2a06:d380:0:101::141#53
Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns01.zencurity.com/AAAA/IN': 2a06:d380:0:101::141#53
Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns02.zencurity.com/AAAA/IN': 2a06:d380:0:101::141#53
Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'ns02.zencurity.com/A/IN': 2a06:d380:0:101::141#53
Jul  7 19:22:41 b0x named[589]: network unreachable resolving 'zencurity.com/DS/IN': 2001:502:1ca1::30#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2803:f800:50::6ca2:c194#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2803:f800:50::6ca2:c194#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2a06:98c1:50::ac40:207e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2a06:98c1:50::ac40:207e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2606:4700:58::adf5:3b94#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2606:4700:58::adf5:3b94#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2803:f800:50::6ca2:c07e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2803:f800:50::6ca2:c07e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2a06:98c1:50::ac40:2194#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2a06:98c1:50::ac40:2194#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/A/IN': 2606:4700:50::adf5:3a7e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns3.digitalocean.com/AAAA/IN': 2606:4700:50::adf5:3a7e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns1.digitalocean.com/A/IN': 2606:4700:50::adf5:3a7e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns1.digitalocean.com/AAAA/IN': 2606:4700:50::adf5:3a7e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns2.digitalocean.com/A/IN': 2606:4700:50::adf5:3a7e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns2.digitalocean.com/AAAA/IN': 2606:4700:50::adf5:3a7e#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns1.digitalocean.com/A/IN': 2803:f800:50::6ca2:c194#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns1.digitalocean.com/AAAA/IN': 2803:f800:50::6ca2:c194#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns2.digitalocean.com/A/IN': 2803:f800:50::6ca2:c194#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'ns2.digitalocean.com/AAAA/IN': 2803:f800:50::6ca2:c194#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2606:4700:58::adf5:3b3c#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2803:f800:50::6ca2:c08f#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2a06:98c1:50::ac40:213c#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2a06:98c1:50::ac40:208f#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2803:f800:50::6ca2:c13c#53
Jul  7 19:22:43 b0x named[589]: network unreachable resolving 'monitoring.internet-measurement.com/A/IN': 2606:4700:50::adf5:3a8f#53
Jul  7 19:23:15 b0x named[589]: network unreachable resolving '_.dnsbl.manitu.net/A/IN': 2a03:4000:5c:d89::1#53
Jul  7 19:23:15 b0x named[589]: network unreachable resolving 'dns03.manitu.de/A/IN': 2a00:1828:1000:1148::2#53
Jul  7 19:23:15 b0x named[589]: network unreachable resolving '_.dnsbl.manitu.net/A/IN': 2a00:1828:1000:1148::2#53
Jul  7 19:23:15 b0x named[589]: network unreachable resolving 'dns03.manitu.de/AAAA/IN': 2a00:1828:1000:1148::2#53
Jul  7 19:23:15 b0x named[589]: network unreachable resolving 'dns03.manitu.de/A/IN': 2a00:1828:1000:1149::2#53
Jul  7 19:23:15 b0x named[589]: network unreachable resolving '_.dnsbl.manitu.net/A/IN': 2a00:1828:1000:1149::2#53
Jul  7 19:23:15 b0x named[589]: network unreachable resolving 'dns03.manitu.de/AAAA/IN': 2a00:1828:1000:1149::2#53
Jul  7 19:23:16 b0x named[589]: network unreachable resolving '_.0.127.ix.dnsbl.manitu.net/A/IN': 2a00:e50:f155:a::10#53
Jul  7 19:23:16 b0x named[589]: network unreachable resolving '_.0.127.ix.dnsbl.manitu.net/A/IN': 2a00:1828:2000:478::2#53
Jul  7 19:23:16 b0x named[589]: network unreachable resolving '1.0.0.127.ix.dnsbl.manitu.net/A/IN': 2001:7c0:0:314::49#53
Jul  7 19:23:16 b0x named[589]: network unreachable resolving '1.0.0.127.ix.dnsbl.manitu.net/A/IN': 2001:7c0:0:314::48#53
Jul  7 19:23:16 b0x named[589]: network unreachable resolving '1.0.0.127.ix.dnsbl.manitu.net/A/IN': 2001:4dd0:100:1020:53:9:0:3#53
Jul  7 19:25:13 b0x named[589]: client @0x7faabc04bf20 162.158.113.57#27809 (b0x.counter.party): query (cache) 'b0x.counter.party/AAAA/IN' denied
Jul  7 19:25:20 b0x named[589]: client @0x7faabc04bf20 162.158.113.57#50540 (b0x.counter.party): query (cache) 'b0x.counter.party/A/IN' denied
Jul  7 19:25:37 b0x named[589]: client @0x7faabc04bf20 162.158.113.57#10183 (cloud.counter.party): query (cache) 'cloud.counter.party/HTTPS/IN' denied
Jul  7 19:25:37 b0x named[589]: client @0x7faac49d70b0 162.158.113.57#47009 (cloud.counter.party): query (cache) 'cloud.counter.party/A/IN' denied
Jul  7 19:26:55 b0x named[589]: client @0x7faac49d70b0 162.158.113.57#18844 (b0x.counter.party): query (cache) 'b0x.counter.party/A/IN' denied
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:2f::f#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:2::c#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:7fe::53#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:200::b#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:7fd::1#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:2d::d#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:503:ba3e::2:30#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:1::53#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:12::d0d#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:dc3::35#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:503:c27::2:30#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:9f::42#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns2.outreachratio.com/AAAA/IN': 2001:500:a8::e#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns2.outreachratio.com/AAAA/IN': 2001:500:9f::42#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns2.outreachratio.com/AAAA/IN': 2001:500:2d::d#53
Jul  7 19:27:03 b0x named[589]: network unreachable resolving 'ns1.outreachratio.com/AAAA/IN': 2001:500:a8::e#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving '_.virusfree.cz/A/IN': 2001:678:f::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving '_.virusfree.cz/A/IN': 2001:678:1::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving '_.virusfree.cz/A/IN': 2001:678:10::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving '_.virusfree.cz/A/IN': 2001:678:11::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2001:678:70::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2001:678:70::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2a04:2b00:13ff::16#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2a04:2b00:13ff::16#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2001:678:9c::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2001:678:9c::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2001:678:90::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2001:678:90::1#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2001:67c:13cc::1:16#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2001:67c:13cc::1:16#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2a04:2b00:13ee::16#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2a04:2b00:13ee::16#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/A/IN': 2a04:2b00:13cc::1:16#53
Jul  7 19:28:14 b0x named[589]: network unreachable resolving 'gama.ns.active24.sk/AAAA/IN': 2a04:2b00:13cc::1:16#53
[email protected]:/etc/bind# D

Taleman · Jul 8, 2022

Should I post the contents of those files ? thanks
Click to expand...

No.
What you should do is run named-checkzone. You can post the results of that, if the error messages are not obvious.

till · Jul 8, 2022

And if you need help by remote login, contact @Th0m here: https://www.ispconfig.org/get-support/?type=ispconfig

djesys · Jul 8, 2022

There is no .err file, so I cannot run named-checkzone on it.
please have one last look at these files, as I am out of ideas.

Code:

cat pri.counter.party
$TTL        3600
@       IN      SOA     ns1.counter.party. admin.counter.party. (
                        2022070602       ; serial, todays date + todays serial #
                        7200              ; refresh, seconds
                        540              ; retry, seconds
                        604800              ; expire, seconds
                        3600 )            ; minimum, seconds
;

cloud 3600      A          185.xx.xxx.100
ns1.counter.party. 3600      A          185.xx.xxx.100
ns2.counter.party. 3600      A          185.xx.xxx.100
counter.party. 3600      NS         ns1.counter.party.
counter.party. 3600      NS         ns2.counter.party.
counter.party. 3600      MX     10  b0x.counter.party.
counter.party. 3600      TXT        "v=spf1 mx a ~all"
counter.party. 3600      A          185.xx.xxx.100

Code:

dig @localhost cloud.counter.party

; <<>> DiG 9.16.27-Debian <<>> @localhost cloud.counter.party
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41685
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 148235a5cc2201550100000062c80b2276f4b2c7fc582c86 (good)
;; QUESTION SECTION:
;cloud.counter.party.        IN    A

;; Query time: 24 msec
;; SERVER: ::1#53(::1)
;; WHEN: Fri Jul 08 11:46:58 BST 2022
;; MSG SIZE  rcvd: 76

Code:

host cloud.counter.party 185.xx.xxx.100
Using domain server:
Name: 185.xx.xxx.100
Address: 185.xx.xxx.100#53
Aliases:

Host cloud.counter.party not found: 2(SERVFAIL)

this seems ok:

Code:

host 185.22.172.100
100.172.22.185.in-addr.arpa domain name pointer b0x.counter.party.

till · Jul 8, 2022

The zone file looks fine to me. Check if this zone file is included in the named.conf.local file. Then you might try to restart the server, or at least stop bind and ensure it's really stopped, it can happen that services hang in a way that they fail to load changed config files. then ensure to not try to start a service like bind using /etc/init.d/ on a current Linux system, always uses systemctl command, as services started by /etc/init.d/ script may fail to reload their config via systems. And finally, check your records for typos, it' snot the first time that a typo in the domain name has been overlooked

djesys · Jul 8, 2022

till said: ↑

The zone file looks fine to me. Check if this zone file is included in the named.conf.local file. Then you might try to restart the server, or at least stop bind and ensure it's really stopped, it can happen that services hang in a way that they fail to load changed config files. then ensure to not try to start a service like bind using /etc/init.d/ on a current Linux system, always uses systemctl command, as services started by /etc/init.d/ script may fail to reload their config via systems. And finally, check your records for typos, it' snot the first time that a typo in the domain name has been overlooked
Click to expand...

name.conf.local is empty !!

what should I add there please ?

pri.counter.party content ?

Taleman · Jul 8, 2022

Are you writing to the zone files and conf files directly? If you use ISPConfig, do not touch those files.
Check if ISPConfig has jobs pending. Go through this:
https://forum.howtoforge.com/threads/please-read-before-posting.58408/

djesys · Jul 8, 2022

Hi,
I have not edited any of those files. I simply ran the ISPC- Debian 11 autoinstaller script.
So, it is ok that name.conf.local is empty ?

Here the output of the test:

Code:

cat htf_report.txt

##### SERVER #####
IP-address (as per hostname): ***.***.***.***
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Debian GNU/Linux 11 (bullseye)

[INFO] uptime:  13:45:24 up 2 days,  3:12,  1 user,  load average: 0.00, 0.03, 0.01

[INFO] memory:
               total        used        free      shared  buff/cache   available
Mem:           1.9Gi       584Mi       110Mi        59Mi       1.3Gi       1.1Gi
Swap:          975Mi          0B       975Mi

[INFO] systemd failed services status:
  UNIT                     LOAD   ACTIVE SUB    DESCRIPTION
● clamav-freshclam.service loaded failed failed ClamAV virus database updater

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
1 loaded units listed.

[INFO] ISPConfig is installed.

##### ISPCONFIG #####
ISPConfig version is 3.2.8p1


##### VERSION CHECK #####

[INFO] php (cli) version is 7.4.30
[INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.30

##### PORT CHECK #####

[WARN] Port 22 (SSH server) seems NOT to be listening

##### MAIL SERVER CHECK #####


##### RUNNING SERVER PROCESSES #####

[INFO] I found the following web server(s):
    Apache 2 (PID 1084)
[INFO] I found the following mail server(s):
    Postfix (PID 1544)
[INFO] I found the following pop3 server(s):
    Dovecot (PID 584)
[INFO] I found the following imap server(s):
    Dovecot (PID 584)
[INFO] I found the following ftp server(s):
    PureFTP (PID 1245)

##### LISTENING PORTS #####
(only        ()
Local        (Address)
[anywhere]:25        (1544/master)
[localhost]:953        (589/named)
[anywhere]:4190        (584/dovecot)
[anywhere]:993        (584/dovecot)
[anywhere]:995        (584/dovecot)
[localhost]:11332        (605/rspamd:)
[localhost]:11333        (605/rspamd:)
[localhost]:11334        (605/rspamd:)
[localhost]:10023        (814/postgrey)
[anywhere]:4874        (676/sshd:)
[anywhere]:587        (1544/master)
[localhost]:6379        (602/redis-server)
[localhost]:11211        (588/memcached)
[anywhere]:110        (584/dovecot)
[anywhere]:143        (584/dovecot)
[anywhere]:465        (1544/master)
[anywhere]:21        (1245/pure-ftpd)
***.***.***.***:53        (589/named)
***.***.***.***:53        (589/named)
[localhost]:53        (589/named)
[localhost]:53        (589/named)
*:*:*:*::*:25        (1544/master)
*:*:*:*::*:953        (589/named)
*:*:*:*::*:443        (1084/apache2)
*:*:*:*::*:4190        (584/dovecot)
*:*:*:*::*:993        (584/dovecot)
*:*:*:*::*:995        (584/dovecot)
*:*:*:*::*:11332        (605/rspamd:)
*:*:*:*::*:11333        (605/rspamd:)
*:*:*:*::*:11334        (605/rspamd:)
*:*:*:*::*:10023        (814/postgrey)
*:*:*:*::*:3306        (741/mariadbd)
*:*:*:*::*:4874        (676/sshd:)
*:*:*:*::*:587        (1544/master)
*:*:*:*::*:6379        (602/redis-server)
[localhost]10        (584/dovecot)
[localhost]43        (584/dovecot)
*:*:*:*::*:8080        (1084/apache2)
*:*:*:*::*:80        (1084/apache2)
*:*:*:*::*:465        (1544/master)
*:*:*:*::*:8081        (1084/apache2)
*:*:*:*::*:21        (1245/pure-ftpd)
*:*:*:*::*:53        (589/named)
*:*:*:*::*:53        (589/named)
*:*:*:*::**:*:*:*::*53        (589/named)
*:*:*:*::**:*:*:*::*53        (589/named)




##### IPTABLES #####
Chain INPUT (policy DROP)
target     prot opt source               destination
f2b-postfix-sasl  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
ufw-before-logging-input  all  --  [anywhere]/0            [anywhere]/0
ufw-before-input  all  --  [anywhere]/0            [anywhere]/0
ufw-after-input  all  --  [anywhere]/0            [anywhere]/0
ufw-after-logging-input  all  --  [anywhere]/0            [anywhere]/0
ufw-reject-input  all  --  [anywhere]/0            [anywhere]/0
ufw-track-input  all  --  [anywhere]/0            [anywhere]/0

Chain FORWARD (policy DROP)
target     prot opt source               destination
ufw-before-logging-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-before-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-after-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-after-logging-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-reject-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-track-forward  all  --  [anywhere]/0            [anywhere]/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ufw-before-logging-output  all  --  [anywhere]/0            [anywhere]/0
ufw-before-output  all  --  [anywhere]/0            [anywhere]/0
ufw-after-output  all  --  [anywhere]/0            [anywhere]/0
ufw-after-logging-output  all  --  [anywhere]/0            [anywhere]/0
ufw-reject-output  all  --  [anywhere]/0            [anywhere]/0
ufw-track-output  all  --  [anywhere]/0            [anywhere]/0

Chain f2b-postfix-sasl (1 references)
target     prot opt source               destination
REJECT     all  --  ***.***.***.***         [anywhere]/0            reject-with icmp-port-unreachable
RETURN     all  --  [anywhere]/0            [anywhere]/0

Chain ufw-after-forward (1 references)
target     prot opt source               destination

Chain ufw-after-input (1 references)
target     prot opt source               destination
ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:137
ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:138
ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:139
ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:445
ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:67
ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:68
ufw-skip-to-policy-input  all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target     prot opt source               destination
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
target     prot opt source               destination
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
target     prot opt source               destination

Chain ufw-after-output (1 references)
target     prot opt source               destination

Chain ufw-before-forward (1 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
ufw-user-forward  all  --  [anywhere]/0            [anywhere]/0

Chain ufw-before-input (1 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0
ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
DROP       all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
ufw-not-local  all  --  [anywhere]/0            [anywhere]/0
ACCEPT     udp  --  [anywhere]/0            ***.***.***.***          udp dpt:5353
ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:1900
ufw-user-input  all  --  [anywhere]/0            [anywhere]/0

Chain ufw-before-logging-forward (1 references)
target     prot opt source               destination

Chain ufw-before-logging-input (1 references)
target     prot opt source               destination

Chain ufw-before-logging-output (1 references)
target     prot opt source               destination

Chain ufw-before-output (1 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0
ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
ufw-user-output  all  --  [anywhere]/0            [anywhere]/0

Chain ufw-logging-allow (0 references)
target     prot opt source               destination
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "

Chain ufw-logging-deny (2 references)
target     prot opt source               destination
RETURN     all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/min burst 10
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-not-local (1 references)
target     prot opt source               destination
RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTICAST
RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10
DROP       all  --  [anywhere]/0            [anywhere]/0

Chain ufw-reject-forward (1 references)
target     prot opt source               destination

Chain ufw-reject-input (1 references)
target     prot opt source               destination

Chain ufw-reject-output (1 references)
target     prot opt source               destination

Chain ufw-skip-to-policy-forward (0 references)
target     prot opt source               destination
DROP       all  --  [anywhere]/0            [anywhere]/0

Chain ufw-skip-to-policy-input (7 references)
target     prot opt source               destination
DROP       all  --  [anywhere]/0            [anywhere]/0

Chain ufw-skip-to-policy-output (0 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0

Chain ufw-track-forward (1 references)
target     prot opt source               destination

Chain ufw-track-input (1 references)
target     prot opt source               destination

Chain ufw-track-output (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            ctstate NEW

Chain ufw-user-forward (1 references)
target     prot opt source               destination

Chain ufw-user-input (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:21
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:22
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:25
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:53
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:80
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:110
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:143
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:443
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:465
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:587
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:993
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:995
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:3306
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:4190
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8080
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8081
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 40110:40210
ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:53
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:4874

Chain ufw-user-limit (0 references)
target     prot opt source               destination
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreachable

Chain ufw-user-limit-accept (0 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0

Chain ufw-user-logging-forward (0 references)
target     prot opt source               destination

Chain ufw-user-logging-input (0 references)
target     prot opt source               destination

Chain ufw-user-logging-output (0 references)
target     prot opt source               destination

Chain ufw-user-output (1 references)
target     prot opt source               destination




##### LET'S ENCRYPT #####
[WARN] You have both certbot and acme.sh installed. This can lead to problems.
Certbot: /usr/bin/letsencrypt
acme.sh: /root/.acme.sh/acme.sh

till · Jul 8, 2022

djesys said: ↑

what should I add there please ?
Click to expand...

As @Taleman mentioned, do not add anything manually to this file on an ISPConfig system. Use debug mode in ISPConfig to find out why the file can not be written.

https://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/

1) Enable debug mode and comment out server.sh in root crontab.
2) Change something in the zone. e.g. add a new A-Record for 'test' or something similar.
3) Run server.sh script as root and post the result that you get on the shell here in the forum.

djesys · Jul 8, 2022

o

Code:

08.07.2022-14:04 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
08.07.2022-14:04 - DEBUG [server:177] - Found 3 changes, starting update process.
08.07.2022-14:04 - DEBUG [plugins.inc:118] - Calling function 'rr_update' from plugin 'bind_plugin' raised by event 'dns_rr_update'.
08.07.2022-14:04 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
08.07.2022-14:04 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
08.07.2022-14:04 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
08.07.2022-14:04 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
08.07.2022-14:04 - DEBUG [modules.inc:240] - Processed datalog_id 75
08.07.2022-14:04 - DEBUG [plugins.inc:118] - Calling function 'soa_update' from plugin 'bind_plugin' raised by event 'dns_soa_update'.
08.07.2022-14:04 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
08.07.2022-14:04 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
08.07.2022-14:04 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
08.07.2022-14:04 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
08.07.2022-14:04 - DEBUG [modules.inc:240] - Processed datalog_id 76
08.07.2022-14:04 - DEBUG [plugins.inc:118] - Calling function 'rr_insert' from plugin 'bind_plugin' raised by event 'dns_rr_insert'.
08.07.2022-14:04 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
08.07.2022-14:04 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
08.07.2022-14:04 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
08.07.2022-14:04 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
08.07.2022-14:04 - DEBUG [modules.inc:240] - Processed datalog_id 77
08.07.2022-14:04 - DEBUG [services.inc:56] - Calling function 'restartBind' from module 'dns_module'.
08.07.2022-14:04 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service
08.07.2022-14:04 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'named' 2>&1 - return code: 0
08.07.2022-14:04 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished server.php.

Let me guess - remove the lock and install haveged ?

till · Jul 8, 2022

djesys said: ↑

Let me guess - remove the lock and install haveged ?
Click to expand...

yes. it seems as if you use a virtualized system that does not generate enough entropy to use dnssec. There is no lock, just install haveged, then do a change in the DNS zone, save that and check with server.sh if it works now.

djesys · Jul 8, 2022

I installed haveged, enabled it and rebooted the server. no change. i will look into haveged and report back.

Code:

[email protected]:/etc/bind# /usr/local/ispconfig/server/server.sh
08.07.2022-14:23 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
08.07.2022-14:23 - DEBUG [server:177] - Found 2 changes, starting update process.
08.07.2022-14:23 - DEBUG [plugins.inc:118] - Calling function 'rr_delete' from plugin 'bind_plugin' raised by event 'dns_rr_delete'.
08.07.2022-14:23 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
08.07.2022-14:23 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
08.07.2022-14:23 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
08.07.2022-14:23 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
08.07.2022-14:23 - DEBUG [modules.inc:240] - Processed datalog_id 83
08.07.2022-14:23 - DEBUG [plugins.inc:118] - Calling function 'soa_update' from plugin 'bind_plugin' raised by event 'dns_soa_update'.
08.07.2022-14:23 - DEBUG [system.inc:2399] - safe_exec cmd: named-checkzone 'counter.party.' '/etc/bind/pri.counter.party' - return code: 0
08.07.2022-14:23 - DEBUG [bind plugin.inc:346] - Writing BIND domain file: /etc/bind/pri.counter.party
08.07.2022-14:23 - WARNING - DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
DNSSEC ERROR: We are low on entropy. Not generating new Keys for counter.party. Please consider installing package haveged.
08.07.2022-14:23 - DEBUG [bind plugin.inc:592] - Writing BIND named.conf.local file: /etc/bind/named.conf.local
08.07.2022-14:23 - DEBUG [modules.inc:240] - Processed datalog_id 84
08.07.2022-14:23 - DEBUG [services.inc:56] - Calling function 'restartBind' from module 'dns_module'.
08.07.2022-14:23 - DEBUG [system.inc:2082] - Trying to use Systemd to restart service
08.07.2022-14:23 - DEBUG [system.inc:2399] - safe_exec cmd: systemctl is-enabled 'named' 2>&1 - return code: 0
08.07.2022-14:23 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished server.php.

Code:

[email protected]:/etc/bind# systemctl status haveged
● haveged.service - Entropy Daemon based on the HAVEGE algorithm
     Loaded: loaded (/lib/systemd/system/haveged.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2022-07-08 14:22:24 BST; 1min 39s ago
       Docs: man:haveged(8)
             http://www.issihosts.com/haveged/
   Main PID: 520 (haveged)
      Tasks: 1 (limit: 2336)
     Memory: 3.5M
        CPU: 337ms
     CGroup: /system.slice/haveged.service
             └─520 /usr/sbin/haveged --Foreground --verbose=1

Jul 08 14:22:24 b0x systemd[1]: Started Entropy Daemon based on the HAVEGE algorithm.
Jul 08 14:22:24 b0x haveged[520]: haveged: command socket is listening at fd 3
Jul 08 14:22:25 b0x haveged[520]: haveged: ver: 1.9.14; arch: x86; vend: GenuineIntel; build: (gcc 10.2.1 ITV); collect: 128K
Jul 08 14:22:25 b0x haveged[520]: haveged: cpu: (L4 VC); data: 32K (L2 L4 V); inst: 32K (L2 L4 V); idx: 24/40; sz: 32154/54019
Jul 08 14:22:25 b0x haveged[520]: haveged: tot tests(BA8): A:1/1 B:1/1 continuous tests(B):  last entropy estimate 7.99827
Jul 08 14:22:25 b0x haveged[520]: haveged: fills: 0, generated: 0

till · Jul 8, 2022

Maybe haveged needs a bit to provide enough entropy. Please post the result of the command:

cat /proc/sys/kernel/random/entropy_avail

The available entropy should be 200+

djesys · Jul 8, 2022

till said: ↑

Maybe haveged needs a bit to provide enough entropy. Please post the result of the command:

cat /proc/sys/kernel/random/entropy_avail

The available entropy should be 200+
Click to expand...

256 and not going up

till · Jul 8, 2022

That should be enough as it is above 200. Try changing the zone again, e.g. change a TTL should be enough, and then see if you still get that error.

Log in or Sign up

DNS Problem - host not found: (SERVFAIL)

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

djesys Member

Taleman Well-Known Member HowtoForge Supporter

djesys Member

Taleman Well-Known Member HowtoForge Supporter

till Super Moderator Staff Member ISPConfig Developer

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

Taleman Well-Known Member HowtoForge Supporter

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

till Super Moderator Staff Member ISPConfig Developer

Share This Page

Log in or Sign up

DNS Problem - host not found: (SERVFAIL)

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

djesys Member

Taleman Well-Known Member HowtoForge Supporter

djesys Member

Taleman Well-Known Member HowtoForge Supporter

till Super Moderator Staff Member ISPConfig Developer

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

Taleman Well-Known Member HowtoForge Supporter

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

till Super Moderator Staff Member ISPConfig Developer

djesys Member

till Super Moderator Staff Member ISPConfig Developer

Share This Page

Useful Searches