ISPConfig 3 DNS not working for remote domains

Discussion in 'Installation/Configuration' started by phorce1, Mar 18, 2009.

  1. phorce1

    phorce1 New Member

    I'm getting Query Status: REFUSED for some reason. Ideas?


    Plain dig shows root servers don't show up

    Code:
    ns4:~# dig
    
    ; <<>> DiG 9.5.1-P1 <<>>
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 8802
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available
    
    ;; QUESTION SECTION:
    ;.				IN	NS
    
    ;; Query time: 0 msec
    ;; SERVER: 65.170.133.11#53(65.170.133.11)
    ;; WHEN: Wed Mar 18 10:53:15 2009
    
    dig for google.com gives no answer

    Code:
    ns4:~# dig google.com
    
    ; <<>> DiG 9.5.1-P1 <<>> google.com
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4673
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available
    
    ;; QUESTION SECTION:
    ;google.com.			IN	A
    
    ;; Query time: 0 msec
    ;; SERVER: 65.170.133.11#53(65.170.133.11)
    ;; WHEN: Wed Mar 18 10:53:56 2009
    ;; MSG SIZE  rcvd: 28
    
    dig for one of the domains set up on the MyDNS server returns proper answer

    Code:
    ns4:~# dig sysmatrix.net
    
    ; <<>> DiG 9.5.1-P1 <<>> sysmatrix.net
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6895
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
    ;; WARNING: recursion requested but not available
    
    ;; QUESTION SECTION:
    ;sysmatrix.net.			IN	A
    
    ;; ANSWER SECTION:
    sysmatrix.net.		38400	IN	A	65.170.133.11
    
    ;; AUTHORITY SECTION:
    sysmatrix.net.		38400	IN	NS	ns1.sysmatrix.net.
    sysmatrix.net.		38400	IN	NS	ns2.sysmatrix.net.
    sysmatrix.net.		38400	IN	NS	ns3.sysmatrix.net.
    
    ;; ADDITIONAL SECTION:
    ns1.sysmatrix.net.	38400	IN	A	65.170.133.21
    ns2.sysmatrix.net.	38400	IN	A	65.170.133.41
    ns3.sysmatrix.net.	38400	IN	A	65.170.133.54
    
    ;; Query time: 1 msec
    ;; SERVER: 65.170.133.11#53(65.170.133.11)
    ;; WHEN: Wed Mar 18 10:54:29 2009
    ;; MSG SIZE  rcvd: 149
    
    ;; MSG SIZE rcvd: 17
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    MyDNS is not a DNS resolver. If you want to use it as a resolver, you can set an external DNS server that shall be queried in the mydns.conf file.
     
  3. JaBa

    JaBa New Member

    Can I use BIND9 not Mydns for perfect debian 5.0 setup with ispconfig and not install webmail?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Bind is not compatible with ISPConfig 3. You can use Bind with ISPConfig 2.
     
  5. phorce1

    phorce1 New Member

    That's ... annoying.

    As an ISP we need to provide a fully functional nameserver for our customers. So, the only way to do that is to run a separate instance of bind9 on another server as an in-house resolver --- or steal someone else's DNS bandwidth to use them as a resolver.

    I suppose we can set up ISPConfig with MyDNS on the master ISPC server and run bind9 in slave mode on other servers with zone transfers enabled to have fully functioning nameserver(s) available for our customers.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Bind is not needed for that. In this case you just install a local resolver like dnsmasq and configure mydns to use it.

    Take a look at this tutorial:

    http://www.howtoforge.com/mydns_mydnsconfig_dnsmasp_on_ubuntu_edgy

    you have to do just the last step "Installing DNSMasq".
     
  7. y87

    y87 New Member

    DNSmasq installed, DNS not resolving

    Hello,

    I installed DNSmasq.. Then I broke something and had to adjust some settings in my named.conf.options file so that DNSmasq would not return error: "failed to bind".

    Details:

    auth-nxdomain no; # conform to RFC1035
    listen-on { 98.142.210.0/24; }; #attempt to fix dnsmasq
    listen-on-v6 { ip6-localhost; };
    (from http://tjworld.net/wiki/Linux/DnsMasqAddressAlreadyInUse)

    So now DNSmasq runs without error, but when I set hosteddomain.tld to ns1.serverdomain.tld and ns2.serverdomain.tld, I get a Page Load Error like the domain isn't resolving. I believe I've done everything I can to configure properly:

    1.) Installed DNSmasq per
    www.howtoforge.com/mydns_mydnsconfig_dnsmasp_on_ubuntu_edgy
    (have double checked all config files)

    2.) Setup host summary at GoDaddy per
    http://www.howtoforge.com/ispconfig_dns_godaddy

    3.) Set up DNS in ISPconfig 3 per screen shots in
    http://www.howtoforge.com/forums/showthread.php?t=27030

    4.) Setup hosteddomain.tld in 'Sites'.

    5.) Now, when I..
    dig @ns1.serverdomain.tld any hosteddomain.tld

    Returns:

    ; <<>> DiG 9.5.1-P2 <<>> @ns1.serverdomain.tld any hosteddomain.tld
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 57766
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;hosteddomain.tld. IN ANY

    ;; Query time: 16 msec
    ;; SERVER: *serverip*#53(*serverip*)
    ;; WHEN: Tue Jul 7 22:07:31 2009
    ;; MSG SIZE rcvd: 37

    This appears to not answer? Domain does not resolve. I think I'm out of things to configure, and I believe I've configured everything properly. Should this work or am I off base completely on running DNS in ISPconfig 3?

    I know this is strictly DNS related because if I switch to use GD default nameservers the site resolves.

    Thanks, I have found all the support here to be incredibly helpful.
     
    Last edited: Jul 7, 2009
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Please post the output of:

    netstat -tap | grep dns
     
  9. y87

    y87 New Member

    netstat -tap | grep dns

    server1:~# netstat -tap | grep dns
    tcp 0 0 localhost.locald:domain *:* LISTEN 3115/dnsmasq

    I've been on this for a couple of days, so my head is kind of spinning, but this looks like I haven't configured myDNS properly?
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    mydns is not started on your server. Please start it and check if it is running then.
     
  11. y87

    y87 New Member

    myDNS not really starting

    Thanks for showing me where the issue is! :) For some reason, even though /etc/init.d/mydns start/restart/stop appears to work, when I check my active processes, I don't see myDNS anywhere. I reconfigured with the newest version, and although myDNS will say it's starting, it doesn't, so I'm attempting to work that out. At least I don't have to focus on dnsmasq or the way I've set my configurations, now that I know the problem lies with myDNS. Any additional suggestions would also be appreciated, though I'm currently researching what may cause this behavior now.
     
  12. falko

    falko Super Moderator Howtoforge Staff

    Are there any errors in your logs? Did you configure MyDNS to not listen on localhost.localdomain (since dnsmasq is listening there)?
     
  13. y87

    y87 New Member

    Reverse Dns

    Yes, I configured myDNS to not listen when I was setting up dnsmasq. I think I've been barking up the wrong tree, though. I reinstalled Debian 5.0 and set everything up from scratch, and I still ran into the same issue. Then it occurred to me that I never submitted a request to get Reverse DNS set up with my host, which I've now done. I checked the logs and saw no errors with myDNS. I'm correct in that Reverse DNS must be set up for nameservers to resolve properly, right? Thanks for all your help, and I'm pretty sure that everything was set up correctly per your many tutorials and that this was just an oversight on my part, though it will take a while for Reverse DNS to propagate so that I know.
     
  14. spikes

    spikes Member

    Query status refused problem

    Hi,

    I cannot get mydns to work. I have latest ispconfig3. I include below if someone can please help me. I am a newbie. Thanks in advance.

    server1:~# dig @localhost www.mydomain.com

    ; <<>> DiG 9.5.1-P3 <<>> @localhost www.mydomain.com
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 40819
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;www.mydomain.com. IN A

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Tue Sep 29 18:09:30 2009
    ;; MSG SIZE rcvd: 36


    server1:~# netstat -tap | grep dns
    getnameinfo failed
    tcp 0 0 server1.mydomain:domain *:* LISTEN 1792/mydns
    tcp 0 0 localhost.locald:domain *:* LISTEN 1191/dnsmasq
    tcp6 0 0 [UNKNOWN]:domain [::]:* LISTEN 1792/mydns
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    As you are running dnsmasq on localhost as resolver and not the mydns server, you cannot query it with @localhost. You have to use:

    dig @IPADDRESS www.mydomain.com

    where you replace IPADDRESS with the IP of the server (not 127.0.0.1)
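
An added example, not part of any post in this thread: it reads the header lines of the dig outputs quoted above and reports whether the responder offers recursion (a resolver such as dnsmasq) or only serves its own zones (as MyDNS does), which is the distinction till makes in replies 2 and 15. The function name `classify_dig` and the role labels are assumptions chosen for illustration, and the role is a heuristic based only on the `status` and `flags` fields.

```python
import re

def classify_dig(output: str) -> dict:
    """Summarise which kind of server produced a dig response, from its header."""
    status = re.search(r"status:\s*([A-Z]+)", output)
    flags = re.search(r"flags:\s*([a-z ]*);", output)
    if not status or not flags:
        raise ValueError("no dig header lines found")
    flagset = set(flags.group(1).split())
    result = {
        "status": status.group(1),
        "authoritative": "aa" in flagset,        # answer taken from zone data on this server
        "recursion_available": "ra" in flagset,  # server offers to look up other names
    }
    if result["recursion_available"]:
        result["role"] = "resolver"
    elif result["authoritative"]:
        result["role"] = "authoritative"
    elif result["status"] == "REFUSED":
        # No recursion offered and no zone data for this name.
        result["role"] = "non-recursive, zone not served"
    else:
        result["role"] = "undetermined"
    return result

# Header lines copied from the dig outputs quoted in this thread.
GOOGLE_VIA_MYDNS = """;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4673
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available"""

HOSTED_ZONE = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6895
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3"""

VIA_LOCALHOST = """;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 40819
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0"""

if __name__ == "__main__":
    for name, text in [("google.com via MyDNS", GOOGLE_VIA_MYDNS),
                       ("sysmatrix.net via MyDNS", HOSTED_ZONE),
                       ("www.mydomain.com via @localhost", VIA_LOCALHOST)]:
        print(name, "->", classify_dig(text))
```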
     
  16. spikes

    spikes Member

    I have tried with ip address and this is what I got

    server1:~# dig @IPADDRESS www.mydomain.com

    ; <<>> DiG 9.5.1-P3 <<>> @IPADDRESS www.mydomain.com
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 31506
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: Messages has 476 extra bytes at end

    ;; QUESTION SECTION:
    ;www.mydomain.com. IN A

    ;; Query time: 0 msec
    ;; SERVER: IPADDRESS#53(IPADDRESS)
    ;; WHEN: Tue Sep 29 20:17:12 2009
    ;; MSG SIZE rcvd: 512
     
  17. spikes

    spikes Member

    I have started over and done complete reinstall. I see something funny here: tcp6 0 0 ::1%3217472056:domain. I also keep getting REFUSED when using dig to check my server. I don't know where I go wrong as I follow the tutorials and do not get any errors during the install. I have also added the ns1 and ns2 entries at my domain registrar pointing to the server ip address. I have added reverse dns pointing to mydomain.com.

    It seems that I cannot make queries to my own server? I think I do not have the experience to see what's wrong. I'm stuck. Till can you please help me. Where to from here. I moved from shared hosting to vps and my site is down.

    tcp 0 0 server1.mydomain:domain *:* LISTEN 13200/mydns
    tcp 0 0 localhost.locald:domain *:* LISTEN 13200/mydns
    tcp6 0 0 ::1%3217472056:domain [::]:* LISTEN 13200/mydns

    I can dig google ok. Nothing works for the domain that I added tho. Have tried dig with ip address also.

    server1:~# dig @localhost mydomain.com

    ; <<>> DiG 9.5.1-P3 <<>> @localhost mydomain.com
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 13195
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available

    ;; QUESTION SECTION:
    ;mydomain.com. IN A

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Wed Sep 30 14:23:26 2009
    ;; MSG SIZE rcvd: 32
     
    Last edited: Sep 30, 2009
  18. till

    till Super Moderator Staff Member ISPConfig Developer

    And you are sure that you added the dns records for mydomain.com correctly? Did you use the DNS wizard? Please post a screenshot of the dns settings of mydomain.com in ispconfig.
     
  19. spikes

    spikes Member

    I managed to get it fixed.

    Thank you
     
    Last edited: Oct 1, 2009
  20. Nikola

    Nikola Member

    why *.*.tld?

    *.*.com. or *.com. is right... ?
     