Hi Support, I'm stuck trying to figure out why one domain (out of several) has failed to propagate to the internet and I when I query within the server I get no response. Maybe a fresh pair of eyes will see something I'm missing. I am running ISPConfig 3.0.5.4p9 on Ubuntu 14.04 (I'm aware it's old) /etc/bind/pri.clientdomain.com Code: $TTL 3600 @ IN SOA dns-30.srv.isp.com. techs.ispinternet.com. ( 2020020917 ; serial, todays date + todays serial # 28800 ; refresh, seconds 7200 ; retry, seconds 604800 ; expire, seconds 86400 ) ; minimum, seconds ; mail 86400 A 192.168.1.1 clientdomain.com. 86400 A 192.168.10.10 www 86400 A 192.168.10.11 www.clientdomain.com. 3600 CNAME clientdomain.com. clientdomain.com. 86400 MX 50 mail.clientdomain.com. clientdomain.com. 86400 MX 10 mailscan-10.srv.isp.com. clientdomain.com. 86400 MX 20 mailscan-11.srv.isp.com. clientdomain.com. 86400 NS dns-30.srv.isp.com. clientdomain.com. 86400 NS dns-20.srv.isp.com. Code: dig @localhost clientdomain.com ; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> @localhost clientdomain.com ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 11812 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;clientdomain.com. IN A ;; Query time: 0 msec ;; SERVER: ::1#53(::1) ;; WHEN: Mon Feb 03 10:52:07 EAT 2020 ;; MSG SIZE rcvd: 45 resolve.conf file Code: # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 8.8.8.8 nameserver 192.168.2.2 nameserver 192.168.2.3 search srv.isp.com Here's an extract from the logs. 192.168.1.1 is the IP for their mail server. The rest of the IPs are attempted hacks I suppose. Code: Feb 3 10:40:54 dns-30 named[22272]: client 154.66.219.18#29783 (epdg.epc.mnc010.mcc641.pub.3gppnetwork.org): query (cache) 'epdg.epc.mnc010.mcc641.pub.3gppnetwork.org/A/IN' denied Feb 3 10:40:54 dns-30 named[22272]: client 172.253.12.1#58855 (mail.clientdomain.com): query (cache) 'mail.clientdomain.com/A/IN' denied Feb 3 10:40:54 dns-30 named[22272]: client 172.253.14.5#58663 (mail.clientdomain.com): query (cache) 'mail.clientdomain.com/A/IN' denied Feb 3 10:40:54 dns-30 named[22272]: client 41.89.93.136#64468 (epdg.epc.mnc010.mcc641.pub.3gppnetwork.org): query (cache) 'epdg.epc.mnc010.mcc641.pub.3gppnetwork.org/A/IN' denied Feb 3 10:40:54 dns-30 kernel: [33865544.279081] IN=p3p1.4094 OUT= MAC=ff:ff:ff:ff:ff:ff:00:c0:b7:52:a2:b4:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=9352 PROTO=UDP SPT=68 DPT=67 LEN=308 Feb 3 10:40:55 dns-30 named[22272]: client 172.253.11.2#53191 (mail.clientdomain.com): query (cache) 'mail.clientdomain.com/A/IN' denied Feb 3 10:40:55 dns-30 named[22272]: client 13.94.131.105#63161 (clientdomain.com): query (cache) 'clientdomain.com/MX/IN' denied Feb 3 10:40:55 dns-30 named[22272]: client 197.221.151.154#49406 (mail.clientdomain.com): query (cache) 'mail.clientdomain.com/A/IN' denied Feb 3 10:40:56 dns-30 named[22272]: client 40.91.204.143#65255 (clientdomain.com): query (cache) 'clientdomain.com/MX/IN' denied Feb 3 10:40:56 dns-30 named[22272]: client 172.253.14.1#53180 (autodiscover.clientdomain.com): query (cache) 'autodiscover.clientdomain.com/A/IN' denied Feb 3 10:40:56 dns-30 named[22272]: client 192.168.1.1#53803 (mail.clientdomain.com): query (cache) 'mail.clientdomain.com/A/IN' denied Feb 3 10:40:56 dns-30 named[22272]: client 197.221.151.154#30707 (autodiscover.clientdomain.com): query (cache) 'autodiscover.clientdomain.com/A/IN' denied Feb 3 10:40:56 dns-30 named[22272]: client 197.221.151.154#40286 (mail.clientdomain.com): query (cache) 'mail.clientdomain.com/A/IN' denied Feb 3 10:40:56 dns-30 named[22272]: client 192.168.1.1#65493 (autodiscover.clientdomain.com): query (cache) 'autodiscover.clientdomain.com/A/IN' denied Feb 3 10:40:56 dns-30 named[22272]: client 192.168.1.1#38788 (mail.clientdomain.com): query (cache) 'mail.clientdomain.com/A/IN' denied Feb 3 10:40:56 dns-30 named[22272]: client 197.221.151.154#60301 (clientdomain.com): query (cache) 'clientdomain.com/A/IN' denied Feb 3 10:40:57 dns-30 named[22272]: client 172.253.12.5#47565 (_autodiscover._tcp.clientdomain.com): query (cache) '_autodiscover._tcp.clientdomain.com/SRV/IN' denied Feb 3 10:40:57 dns-30 named[22272]: client 172.253.12.3#36769 (_autodiscover._tcp.clientdomain.com): query (cache) '_autodiscover._tcp.clientdomain.com/SRV/IN' denied Feb 3 10:40:57 dns-30 named[22272]: client 172.253.211.7#39603 (clientdomain.com): query (cache) 'clientdomain.com/MX/IN' denied Feb 3 10:40:57 dns-30 named[22272]: client 197.221.151.154#21775 (_autodiscover._tcp.clientdomain.com): query (cache) '_autodiscover._tcp.clientdomain.com/SRV/IN' denied Feb 3 10:40:58 dns-30 named[22272]: client 74.125.190.153#43231 (clientdomain.com): query (cache) 'clientdomain.com/MX/IN' denied Feb 3 10:40:58 dns-30 named[22272]: client 13.94.135.205#56879 (clientdomain.com): query (cache) 'clientdomain.com/MX/IN' denied
This shows how to find what is wrong with the zone: https://www.howtoforge.com/tutorial/setting-up-your-own-name-service-with-ispconfig/#nbsptesting
Thank you however, I have set up this client just like the others before and they are resolving fine against the name servers. Comparison of two different domains Code: # host dashbank.com 192.168.10.11 Using domain server: Name: 192.168.10.11 Address: 192.168.10.11#53 Aliases: dashbank.com has address 10.10.10.10 dashbank.com mail is handled by 10 mail.dashbank.com. # host clientdomain.com 192.168.10.11 Using domain server: Name: 192.168.10.11 Address: 192.168.10.11#53 Aliases: Host clientdomain.com not found: 5(REFUSED)
If you followed all the troubleshooting instructions on the link I posted and no error was found, the situation is hopeless.
The cname + a-record combination looks a bit suspicious to me, is it intended to redirect www to two different ip's with two different record types? www 86400 A 192.168.10.11 www.clientdomain.com. 3600 CNAME clientdomain.com.
The CNAME should redirect to the A record when the prefix www is punched in. I have however temporarily remove the CNAM as this was added just last week so we could test it out.
Looks like service restored after removing the CNAME. I appreciate all your support, guys. Thank you.
that still leaves you with the domain and the www subdomain pointing to two different target IP's. clientdomain.com. 86400 A 192.168.10.10 www 86400 A 192.168.10.11 whilst that may be what you're after, it's certainly very unusual. especially since the cname record you tried adding would have directed back to the root domain's server ip, not the www subdomain's ip.
Hi, I apologize for the delayed response. I am running a multiserver setup so clientdomain.com points to the primary name server IP while www points to the web server IP. I hope this makes sense
that still seems odd to me. is http://clientdomain.com and http://www.clientdomain.com supposed to be a single website? I don't know exactly how you're configuring everything, but generally, the NS records point to your nameservers. eg Code: clientdomain.com. NS ns1.nameserverdomain.tld. clientdomain.com NS ns2.nameserverdomain.tld. if the nameservers happen to part of the same domain, then it would be eg Code: clientdomain.com. NS ns1.clientdomain.com. clientdomain.com NS ns2.clientdomain.com. and you would have A records for ns1 and ns2 pointing to the ip's of your primary and secondary domain name servers. then the root A record and the www A record would generally point to the webserver IP. whilst it is possible to have clientdomain.com and www.clientdomain.com display different pages/information, same with (http and https), clientdomain.com www.clientdomain.com could even be completely different vhosts, it's not really a common configuration.