Hi,
I installed ISPConfig 3.0.3 based on http://www.howtoforge.com/perfect-server-centos-5.5-x86_64-ispconfig-3

[root@dns1 ~[10:24 PM]]#dig @localhost any mekeylife.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @localhost any mekeylife.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31659
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;mekeylife.com. IN ANY
;; ANSWER SECTION:
mekeylife.com. 86400 IN A 203.185.50.236
mekeylife.com. 86400 IN MX 20 mail2.mekeylife.com.
mekeylife.com. 86400 IN MX 10 mail.mekeylife.com.
mekeylife.com. 86400 IN NS ns1.hongkefty.com.
mekeylife.com. 86400 IN NS ns2.hongkefty.com.
mekeylife.com. 86400 IN SOA ns1.hongkefty.com. root.mekeylife.com. 2010101406 28800 7200 604800 86400
;; ADDITIONAL SECTION:
mail.mekeylife.com. 86400 IN A 203.185.50.236
mail2.mekeylife.com. 86400 IN A 203.185.50.236
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Oct 14 22:25:29 2010
;; MSG SIZE rcvd: 209

[root@dns1 ~[10:25 PM]]#dig any mekeylife.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> any mekeylife.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@dns1 ~[10:26 PM]]#

Do you have any idea?
[root@dns1 ~[10:45 PM]]#/etc/init.d/named status
number of zones: 4
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
named (pid 6377) is running...
[root@dns1 ~[10:46 PM]]#

BIND is running. The log shows no errors, and everything looks fine.
The named.conf file is below:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named/chroot/var/named";
        dump-file "/var/named/chroot/var/named/data/cache_dump.db";
        statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };
        recursion yes;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.root";
};
include "/var/named/chroot/etc/named.conf.local";

Zone file:

$TTL 86400
@ IN SOA ns1.hongkefty.com. root.hongkefty.com. (
        2010101407 ; serial, todays date + todays serial #
        28800 ; refresh, seconds
        7200 ; retry, seconds
        604800 ; expire, seconds
        86400 ) ; minimum, seconds
;
drupal A 203.185.50.236
gallery A 203.185.50.236
hongkefty.com. A 203.185.50.236
hongkefty.com. MX 10 mail.hongkefty.com.
hongkefty.com. NS ns1.hongkefty.com.
hongkefty.com. NS ns2.hongkefty.com.
joomla A 203.185.50.236
mail A 203.185.50.236
mail2 CNAME szkw.8866.org.
www A 203.185.50.236
ns1 A 203.185.50.236

[root@dns1 /var/named/chroot/var/named[07:33 AM]]#dig @localhost hongkefty.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @localhost hongkefty.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17229
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUESTION SECTION:
;hongkefty.com. IN A
;; ANSWER SECTION:
hongkefty.com. 86400 IN A 203.185.50.236
;; AUTHORITY SECTION:
hongkefty.com. 86400 IN NS ns2.hongkefty.com.
hongkefty.com. 86400 IN NS ns1.hongkefty.com.
;; ADDITIONAL SECTION:
ns1.hongkefty.com. 86400 IN A 203.185.50.236
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Oct 15 07:33:46 2010
;; MSG SIZE rcvd: 99

[root@dns1 /var/named/chroot/var/named[07:33 AM]]#dig hongkefty.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> hongkefty.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@dns1 /var/named/chroot/var/named[07:34 AM]]#

The A record is already added.
[root@dns1 ~[06:35 AM]]#netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 dns1.hongkefty.com:2208 *:* LISTEN 2655/hpiod
tcp 0 0 dns1.hongkefty.com:10024 *:* LISTEN 2855/amavisd (maste
tcp 0 0 dns1.hongkefty.com:10025 *:* LISTEN 2943/master
tcp 0 0 *:mysql *:* LISTEN 2799/mysqld
tcp 0 0 *:hylafax *:* LISTEN 3093/hfaxd
tcp 0 0 *:sunrpc *:* LISTEN 2330/portmap
tcp 0 0 *:ndmp *:* LISTEN 3230/perl
tcp 0 0 dns1.hongkefty.com:domain *:* LISTEN 15020/named
tcp 0 0 *:ftp *:* LISTEN 2993/pure-ftpd (SER
tcp 0 0 dns1.hongkefty.com:ipp *:* LISTEN 2692/cupsd
tcp 0 0 *:856 *:* LISTEN 2370/rpc.statd
tcp 0 0 dns1.hongkefty.com:rndc *:* LISTEN 15020/named
tcp 0 0 *:smtp *:* LISTEN 2943/master
tcp 0 0 dns1.hongkefty.com:2207 *:* LISTEN 2660/python
tcp 0 0 dns1.hongkefty.com:52056 dns1.hongkefty.com:mysql ESTABLISHED 3159/amavisd (ch4-a
tcp 0 0 dns1.hongkefty.com:mysql dns1.hongkefty.com:52056 ESTABLISHED 2799/mysqld
tcp 0 0 dns1.hongkefty.com:39609 dns1.hongkefty.com:mysql ESTABLISHED 3158/amavisd (ch6-a
tcp 0 0 dns1.hongkefty.com:mysql dns1.hongkefty.com:39609 ESTABLISHED 2799/mysqld
tcp 0 0 dns1.hongkefty.com:35682 dns1.hongkefty.com:domain TIME_WAIT -
tcp 0 0 dns1.hongkefty.com:53913 dns1.hongkefty.com:ftp TIME_WAIT -
tcp 0 0 dns1.hongkefty.com:45628 dns1.hongkefty.com:http TIME_WAIT -
tcp 0 0 *:imaps *:* LISTEN 2874/couriertcpd
tcp 0 0 *:pop3s *:* LISTEN 2886/couriertcpd
tcp 0 0 *:pop3 *:* LISTEN 2880/couriertcpd
tcp 0 0 *:imap *:* LISTEN 2867/couriertcpd
tcp 0 0 *:webcache *:* LISTEN 2976/httpd
tcp 0 0 *:http *:* LISTEN 2976/httpd
tcp 0 0 *:tproxy *:* LISTEN 2976/httpd
tcp 0 0 localhost6.localdoma:domain *:* LISTEN 15020/named
tcp 0 0 *:ftp *:* LISTEN 2993/pure-ftpd (SER
tcp 0 0 *:ssh *:* LISTEN 2678/sshd
tcp 0 0 localhost6.localdomain:rndc *:* LISTEN 15020/named
tcp 0 0 *:https *:* LISTEN 2976/httpd
tcp 0 3256 dns1.hongkefty.com:ssh ::ffff:192.168.116.40:2208 ESTABLISHED 16104/0
[root@dns1 ~[06:36 AM]]#
[root@dns1 ~[06:40 AM]]#nmap localhost
Starting Nmap 5.21 ( http://nmap.org ) at 2010-10-16 06:46 HKT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000040s latency).
rDNS record for 127.0.0.1: dns1.hongkefty.com
Not shown: 982 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
443/tcp open https
631/tcp open ipp
993/tcp open imaps
995/tcp open pop3s
3306/tcp open mysql
8080/tcp open http-proxy
8081/tcp open blackice-icecap
10000/tcp open snet-sensor-mgmt
10024/tcp open unknown
10025/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds

[root@dns1 ~[06:46 AM]]#dig hongkefty.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> hongkefty.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@dns1 ~[06:46 AM]]#
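I'd remove
Code:
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
from named.conf, because these two lines bind named to the loopback addresses only. Also make sure that port 53 UDP is open in the firewall as well!
Note that the posted options block also contains allow-query { localhost; }; together with recursion yes;. Queries from other hosts will be answered with REFUSED until allow-query permits them, and when you widen it, keep recursion restricted to your own networks (for example with an allow-recursion ACL) so the server does not become an open resolver.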
I removed the above two lines from named.conf and opened UDP port 53 in the firewall on my router.

[root@dns1 /var/named/chroot/var/named/data[10:13 PM]]#dig any hongkefty.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> any hongkefty.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@dns1 /var/named/chroot/var/named/data[10:20 PM]]#

Do you have any solution?
http://www.intodns.com/hongkefty.com
Are 203.185.50.236 and 203.185.50.237 the correct IPs? Do you have A records for ns1 and ns2? What's the output of ifconfig?
[root@dns1 ~[10:06 PM]]#ifconfig
eth1 Link encap:Ethernet HWaddr 00:11:6B:62:3A:4F
     inet addr:192.168.126.180 Bcast:192.168.126.255 Mask:255.255.255.0
     inet6 addr: fe80::211:6bff:fe62:3a4f/64 Scope:Link
     UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
     RX packets:22892 errors:0 dropped:0 overruns:0 frame:0
     TX packets:17215 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:1000
     RX bytes:5651947 (5.3 MiB) TX bytes:2611666 (2.4 MiB)
     Interrupt:177 Base address:0x2400
eth1:0 Link encap:Ethernet HWaddr 00:11:6B:62:3A:4F
     inet addr:192.168.126.190 Bcast:192.168.126.255 Mask:255.255.255.0
     UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
     Interrupt:177 Base address:0x2400
lo Link encap:Local Loopback
     inet addr:127.0.0.1 Mask:255.0.0.0
     inet6 addr: ::1/128 Scope:Host
     UP LOOPBACK RUNNING MTU:16436 Metric:1
     RX packets:19656 errors:0 dropped:0 overruns:0 frame:0
     TX packets:19656 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:0
     RX bytes:1793401 (1.7 MiB) TX bytes:1793401 (1.7 MiB)

[root@dns1 ~[10:06 PM]]#dig @ns1.hongkefty.com any mekeylife.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @ns1.hongkefty.com any mekeylife.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 48145
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mekeylife.com. IN ANY
;; Query time: 1 msec
;; SERVER: 203.185.50.236#53(203.185.50.236)
;; WHEN: Mon Oct 18 22:07:16 2010
;; MSG SIZE rcvd: 31

[root@dns1 ~[10:07 PM]]#dig any mekeylife.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> any mekeylife.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56519
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 3
;; QUESTION SECTION:
;mekeylife.com. IN ANY
;; ANSWER SECTION:
mekeylife.com. 86400 IN A 203.185.50.236
mekeylife.com. 86400 IN MX 10 mail.mekeylife.com.
mekeylife.com. 86400 IN MX 20 mail2.mekeylife.com.
mekeylife.com. 86400 IN NS ns2.hongkefty.com.
mekeylife.com. 86400 IN NS ns1.hongkefty.com.
mekeylife.com. 86400 IN SOA ns1.hongkefty.com. root.mekeylife.com. 2010101406 28800 7200 604800 86400
;; ADDITIONAL SECTION:
mail.mekeylife.com. 86400 IN A 203.185.50.236
mail2.mekeylife.com. 86400 IN A 203.185.50.236
ns1.hongkefty.com. 86400 IN A 203.185.50.236
;; Query time: 0 msec
;; SERVER: 192.168.126.180#53(192.168.126.180)
;; WHEN: Mon Oct 18 22:07:37 2010
;; MSG SIZE rcvd: 225

nano /etc/resolv.conf
domain hongkefty.com
nameserver 192.168.126.180

The DNS server still cannot be resolved from outside. Please help.
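Could you check your /etc/bind/named.conf.options? (That path is the Debian/Ubuntu layout; on the CentOS install in this thread the options block is in the named.conf posted above.) It seems that BIND is only listening on localhost...

options {
        directory "/var/cache/bind";
        auth-nxdomain no; # conform to RFC1035
        listen-on-v6 { any; }; #only that
};

This block sets no allow-query or allow-recursion, so on the BIND 9.3 build shown in this thread recursion would likely be offered to any client that can reach the server; add an allow-recursion ACL for your own networks when you open up the listener.

Hope that helps.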