Hi guys, today I was setting some things up when I discovered that my local DNS servers running ISPConfig don't have control of my domains... I made some records and waited at least 6 hours, and didn't see the results... So, looking at the registrar, I checked that my domain was on networksolutions with an * (wildcard); because of this, the main settings I had already made seemed to be done, but the wildcard was behind this... I clicked to point to my DNS server, and now nothing is working... My setup is: 1 Webserver, 1 Mailserver, 1 Databaseserver, 2 DNS Servers. My networking: 1 modem from the ISP in bridge mode with PPPoE, 1 PC as server with 2 NICs, 1 VMware running pfSense as firewall / router on the server PC, bridging those 2 NICs. All other servers are on the same server PC; before pointing the DNS to my local DNS server it was working fine. Some data from my DNS server: named.conf.default-zones, named.conf.local, named.conf.options, pri.domain2.com. Note: I set all IPs to my static public IP. With nslookup domain1.com I get this error: ** server can't find domain.com: SERVFAIL What am I missing?
Run: dig @localhost domain1.com, dig @localhost domain2.com and dig @localhost domain3.com on the shell of your server (the one that runs the BIND DNS server) and post the output. If you get a failure, check /var/log/syslog for named errors and post them. A common mistake is that the A records for the NS records are missing. E.g. if domain1.com uses ns1.domain1.com. as NS record, then there must exist an A record for ns1.domain1.com. as well, otherwise the NS record cannot be resolved.
I added the ns1 record like you said, not sure if it is correct. I did: ns1.domain1.com for domain1.com, ns1.domain2.com for domain2.com, ns1.domain3.com for domain3.com. The answer: Same message for all 3 domains, changing only the WHEN and id from the query. Running the same command for the domain without @localhost, I now see the internal IP from the DNS server. Do I need to add another A record now for each server using the internal IP? Using nslookup domain1.com I get 192.168.0.1, which is my pfSense working as firewall / gateway; I added a DNS forwarder alias on it to be able to use domain1.com, domain2.com and domain3.com inside my LAN. Before running dig I did: cat /dev/null > /var/log/syslog After running dig I checked the logs and there were only messages from ISPConfig cron jobs.
According to your posting above, you use ns1.domain1.com as primary DNS server for all domains (at least for domain 2), so you just have to add ns1.domain1.com as an A record to domain1.com; nothing has to be added in domain2 and domain3. The @localhost is required to get a proper result from the local DNS server. The nslookup output is not relevant, and neither is the output from dig without the @localhost, as it queried the wrong server. Please just post the output of the dig command I asked you for; the only thing to be replaced is the domain name, and don't remove the @localhost. Please take a look at the syslog file in /var/log and post the named errors like I suggested above; you will find the relevant error messages there.
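The rule from the two replies above (an NS target inside the zone needs its own A record, while a name server in another zone, such as ns1.domain1.com for domain2.com, does not) written as a check over zone text. This is an added example, not part of the thread or of ISPConfig; the zone contents and the 203.0.113.x addresses are constructed, and the simplified parser only handles single-line records that carry an explicit owner name.

```python
# Added example: constructed zone data and a simplified zone-file reader.
RTYPES = {"A", "AAAA", "NS", "MX", "CNAME", "TXT", "SOA", "RP"}

ZONE_BROKEN = """\
$TTL 3600
@ IN SOA ns1.domain1.com. admin.domain1.com. 2024010101 7200 540 604800 3600
domain1.com. 3600 IN NS ns1.domain1.com.
domain1.com. 3600 IN A 203.0.113.10
www 3600 IN A 203.0.113.10
"""
ZONE_FIXED = ZONE_BROKEN + "ns1 3600 IN A 203.0.113.10\n"
ZONE_DOMAIN2 = """\
@ IN SOA ns1.domain1.com. admin.domain1.com. 2024010101 7200 540 604800 3600
domain2.com. 3600 IN NS ns1.domain1.com.
domain2.com. 3600 IN A 203.0.113.10
"""

def fqdn(name, origin):
    """Expand a zone-file name to a lower-case absolute name."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone_text, origin):
    """Yield (owner, rtype, rdata_fields) for each single-line record."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()      # drop comments
        if not fields or fields[0].startswith("$"):  # skip $TTL, $ORIGIN
            continue
        # The type is the first known keyword after owner/TTL/class.
        idx = next((i for i in range(1, len(fields))
                    if fields[i].upper() in RTYPES), None)
        if idx is not None:
            yield fqdn(fields[0], origin), fields[idx].upper(), fields[idx + 1:]

def missing_ns_addresses(zone_text, origin):
    """Return in-zone NS targets that have no A/AAAA record in this zone."""
    origin = origin.lower().rstrip(".") + "."
    records = list(parse(zone_text, origin))
    have_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    missing = []
    for _, rtype, rdata in records:
        if rtype != "NS" or not rdata:
            continue
        target = fqdn(rdata[0], origin)
        in_zone = target == origin or target.endswith("." + origin)
        if in_zone and target not in have_addr and target not in missing:
            missing.append(target)
    return missing
```
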
The output from dig is the same as in the previous post: I removed the extra ns1 A records from domain 2 and 3, and then some errors came up in /var/log/syslog; the dig command wasn't sending errors to syslog.
I don't know what this means: I have removed all other things from ISPConfig: Kim key v=spf1 a mx ptr -all Leaving only the default ones created by the wizard. Going to look for an example of a DNS file to check the difference. Seems I need to do a BIND course. I lost control of my server; I didn't run anything (of course I know BIND is running, but isn't it only for answering queries?), and I see this message in the log now: Looking for info about this message now. Have I been hacked?
Please send me the file /etc/bind/pri.domain1.com by PM without changing anything in the file so I can take a look at it.
Sent. Thanks for the help!!! Please let me know if I got hacked. I see this message now in syslog: But I haven't done anything, I was looking on Google for DNS templates. I have a snapshot of the servers to restore just in case of any problem.
That's fine, not related to any hacking attempts. This is the spam filtering system, which uses antispam RBLs.
I found a command to check the zone files: named-checkzone domain1.com /etc/bind/pri.domain1.com Then I followed it to the file and removed line 14. The check is running OK. Going to try adding more things and check for errors.
After testing many combinations, I have isolated the problem: errors occur when I enable in ISPConfig: mail XXX.XXX.XXX.XXX RP admin.domain1.com. Without enabling those, named-checkzone says: Looking on Google to check if there is a specific template for the RP and mail fields.