issues with dns not resolving

Discussion in 'Installation/Configuration' started by robbo007, Aug 7, 2024.

  1. robbo007

    robbo007 New Member

    Hi guys,
    I've migrated my server from I-MSCP to ISPConfig. I've built a new Ubuntu server on new hardware and installed ISPConfig 3.2. All data was copied across and I've configured all the domains.

    On my old I-MSCP server my DNS records were using my external fixed IP address. The I-MSCP control panel was set up with that external address, though the server is on an internal 192.168.10.2 IP address. My firewall is port forwarding to the server. The BIND DNS entries for each virtual domain used the external IP and not the internal one.

    Can I do the same with ISPConfig? At present it's all configured on an internal IP. I think this is the reason why my DNS is not resolving.
    Please advise.
    Thanks,
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Sure, you do exactly the same in ISPConfig. External IP is used in DNS records and internal IP would be used for websites, but as you use * today for sites (which is the default), the internal IP is not needed at all in ISPConfig.

    Then, you entered the wrong IP when creating the DNS records. You must use the external IP there, so exactly the same as in your old panel.
     
  3. robbo007

    robbo007 New Member

    ok thanks.
    On the Control panel:
    Do I need to change under System, Server the IP to the external one?
    Do I need to change under System, Server IP address to the external one?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    No. Leave it as it is by default.

    No. Leave it as it is by default.

    When you create a DNS record, just enter your external IP address.
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Btw. The most common mistake users make when creating a DNS record is that they forget to add a dot at the end of any fully qualified domain, and the other issue is that when the nameserver of a zone is a subdomain of the same zone, then you must have an A-Record for that subdomain as well. E.g. when you have the zone example.com and the NS records of it are ns1.example.com and ns2.example.com, then you must have A-Records for NS1 and NS2 as well. But that's all explained in detail in the ISPConfig DNS tutorial from @Taleman https://www.howtoforge.com/tutorial/setting-up-your-own-name-service-with-ispconfig/
     
  6. robbo007

    robbo007 New Member

    Thanks for the help. I've read through the how-to for DNS and think I have everything correctly set up, but it's not working.

    Under the Zone settings on ISPConfig I have the NS set as:
    ns1.mydomain.com.

    Under the DNS on ISPConfig I have an A entry setup as:
    ns1.mydomain.com.
    xxx.xxx.xxx.xxx (my external IP)

    Under the NS record on ISPConfig I have
    mydomain.com.
    xxx.xxx.xxx.xxx (my external IP)
    I used the wizard to create the records. That should resolve, right? Not sure what I'm missing?
    Regards,
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Post a screenshot of the records tab of the zone and also of the first tab, and take care you tested correctly if it works; this is done with the dig command. Run this on the shell of your DNS server:

    dig @localhost yourdomain.tld
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    I just saw in your response that your NS record points to an IP. NS records always point to a name, so you have ns1.yourdomain.tld. in the data field of the NS record and yourdomain.tld. in the name field of the NS record. That's all not ISPConfig specific, by the way. You should have seen that in your old panel, too.
     
  9. robbo007

    robbo007 New Member

    sosaria:~# dig @locahost robcraig.com
    dig: couldn't get address for 'locahost': failure
    root@sosaria:~# dig @localhost robcraig.com
    ;; communications error to ::1#53: timed out

    ; <<>> DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu <<>> @localhost robcraig.com
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 43200
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1232
    ; COOKIE: ba1203aa350cc4810100000066b36ab6798ca1146ed90e2b (good)
    ;; QUESTION SECTION:
    ;robcraig.com. IN A

    ;; Query time: 4995 msec
    ;; SERVER: ::1#53(localhost) (UDP)
    ;; WHEN: Wed Aug 07 14:38:14 CEST 2024
    ;; MSG SIZE rcvd: 69
     

    Attached Files:

  10. till

    till Super Moderator Staff Member ISPConfig Developer

    You have a typo in your query, it's localhost and not locahost.
     
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    And your records are wrong. First, the second NS record is missing. Additionally, the existing NS record is wrong. The zone has not been created by the DNS wizard like this as the wizard always creates two NS records plus it does not set an IP address as data for the NS record, which is invalid and therefore rejected by BIND. You should reread the DNS tutorial I posted the link to.
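
The record mistakes named in this thread (an IP address as NS data, a fully qualified name typed without its trailing dot, an in-zone nameserver without an A record, a single NS record) can be checked mechanically before the zone is saved. The following is an added example, not part of the thread and not ISPConfig or BIND code; `lint_zone`, `absolute`, the `(name, type, data)` tuple layout and the sample zones are assumptions made for illustration.

```python
import ipaddress

def absolute(name, origin):
    """Expand a name as BIND does ('@' = origin, trailing dot = absolute)."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def lint_zone(origin, records):
    """records: (name, type, data) tuples as typed into the record form."""
    findings = []
    bare_origin = origin.rstrip(".").lower()
    addresses = {absolute(n, origin) for n, t, _ in records if t in ("A", "AAAA")}
    if sum(t == "NS" for _, t, _ in records) < 2:
        findings.append("fewer than two NS records")
    for name, rtype, data in records:
        if rtype == "NS" and is_ip(data):
            findings.append(f"NS {name}: data is an IP address, must be a hostname")
            continue
        fields = [name, data] if rtype in ("NS", "CNAME", "MX") else [name]
        for field in fields:
            if field.lower().endswith(bare_origin):  # FQDN typed without the dot
                findings.append(f"{rtype} {field}: missing trailing dot, "
                                f"expands to {absolute(field, origin)}")
        if rtype == "NS":
            target = absolute(data, origin)
            if target.endswith("." + origin.lower()) and target not in addresses:
                findings.append(f"NS {name}: no A record for {target}")
    return findings

# Constructed sample zones (example.com and 192.0.2.10 are documentation values).
BROKEN = [("example.com.", "NS", "192.0.2.10"),
          ("ns1.example.com", "A", "192.0.2.10"),
          ("example.com.", "A", "192.0.2.10")]
FIXED = [("example.com.", "NS", "ns1.example.com."),
         ("example.com.", "NS", "ns2.example.com."),
         ("ns1.example.com.", "A", "192.0.2.10"),
         ("ns2.example.com.", "A", "192.0.2.10"),
         ("example.com.", "A", "192.0.2.10")]

if __name__ == "__main__":
    print("\n".join(lint_zone("example.com.", BROKEN)))
```

On a real server, `named-checkzone` run against the generated zone file remains the authoritative check of whether BIND will load it.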
     
  12. robbo007

    robbo007 New Member

    Right deleted it all off and recreated following the guide more closely. How does this look now?
    Dig still gives me an error:
    sosaria:~# dig @localhost robcraig.com
    ;; communications error to ::1#53: timed out

    ; <<>> DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu <<>> @localhost robcraig.com
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 17695
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1232
    ; COOKIE: 64307db09ccf6cd60100000066b37b3b9f7a2e77bd118f3f (good)
    ;; QUESTION SECTION:
    ;robcraig.com. IN A

    ;; Query time: 4994 msec
    ;; SERVER: ::1#53(localhost) (UDP)
    ;; WHEN: Wed Aug 07 15:48:43 CEST 2024
    ;; MSG SIZE rcvd: 69
     

    Attached Files:

  13. till

    till Super Moderator Staff Member ISPConfig Developer

    It looks better, but you missed adding the A-Record for ns2.
     
  14. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You do not have A record for ns2.
     
  15. robbo007

    robbo007 New Member

    I don't have a secondary NS server yet. It's running off one only. Don't think that should affect it not resolving? I've added the entry to the same IP as NS1.
     
  16. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If zone configuration is loaded despite this error, it should work.
     
  17. robbo007

    robbo007 New Member

    Dig is still failing.
    dig @localhost robcraig.com
    ;; communications error to ::1#53: timed out
     
  18. till

    till Super Moderator Staff Member ISPConfig Developer

    Post a screenshot so we can see which records you have now.
     
  19. robbo007

    robbo007 New Member

    Here you go.
     

    Attached Files:

  20. robbo007

    robbo007 New Member

    I was checking my old I-MSCP server's BIND config. It's running Ubuntu but an earlier version. The layout is very different:

    Code:
    $ORIGIN robcraig.com.
    @    IN    SOA    ns1.robcraig.com. hostmaster.robcraig.com. (
        2024072805; Serial
        3H; Refresh
        1H; Retry
        2W; Expire
        1H; Minimum TTL
    )
    @        IN    NS    ns1
    @        IN    A    185.237.182.250
    ns1    IN    A    185.237.182.250
    www        IN    CNAME    @
    ftp        IN    A    185.237.182.250
    @        IN    MX    10    mail
    @        IN    TXT    "v=spf1 a mx -all"
    mail    IN    A    185.237.182.250
    imap    IN    A    185.237.182.250
    pop        IN    A    185.237.182.250
    pop3    IN    A    185.237.182.250
    relay    IN    A    185.237.182.250
    smtp    IN    A    185.237.182.250
    ; sub entries BEGIN
    ; sub [drwho.robcraig.com] entry BEGIN
    $ORIGIN drwho.robcraig.com.
    drwho.robcraig.com.    IN    MX    10 mail
    drwho.robcraig.com.    IN    TXT    "v=spf1 include:robcraig.com -all"
    mail.drwho.robcraig.com.    IN    A    185.237.182.250
    imap.drwho.robcraig.com.    IN    A    185.237.182.250
    pop.drwho.robcraig.com.    IN    A    185.237.182.250
    pop3.drwho.robcraig.com.    IN    A    185.237.182.250
    relay.drwho.robcraig.com.    IN    A    185.237.182.250
    smtp.drwho.robcraig.com.    IN    A    185.237.182.250
    drwho.robcraig.com.    IN    A    185.237.182.250
    ; sub OPTIONAL entries BEGIN
    www.drwho.robcraig.com.    IN    CNAME    drwho.robcraig.com.
    ftp.drwho.robcraig.com.    IN    A    185.237.182.250
    ; sub OPTIONAL entries ENDING
    ; sub [drwho.robcraig.com] entry ENDING
    ; sub [apple2.robcraig.com] entry BEGIN
    $ORIGIN apple2.robcraig.com.
    apple2.robcraig.com.    IN    MX    10 mail
    apple2.robcraig.com.    IN    TXT    "v=spf1 include:robcraig.com -all"
    mail.apple2.robcraig.com.    IN    A    185.237.182.250
    imap.apple2.robcraig.com.    IN    A    185.237.182.250
    pop.apple2.robcraig.com.    IN    A    185.237.182.250
    pop3.apple2.robcraig.com.    IN    A    185.237.182.250
    relay.apple2.robcraig.com.    IN    A    185.237.182.250
    smtp.apple2.robcraig.com.    IN    A    185.237.182.250
    apple2.robcraig.com.    IN    A    185.237.182.250
    ; sub OPTIONAL entries BEGIN
    www.apple2.robcraig.com.    IN    CNAME    apple2.robcraig.com.
    ftp.apple2.robcraig.com.    IN    A    185.237.182.250
    ; sub OPTIONAL entries ENDING
    ; sub [apple2.robcraig.com] entry ENDING
    ; sub [sosaria.robcraig.com] entry BEGIN
    $ORIGIN sosaria.robcraig.com.
    @    IN    MX    10 mail
    @    IN    TXT    "v=spf1 include:robcraig.com -all"
    mail    IN    A    185.237.182.250
    imap    IN    A    185.237.182.250
    pop        IN    A    185.237.182.250
    pop3    IN    A    185.237.182.250
    relay    IN    A    185.237.182.250
    smtp    IN    A    185.237.182.250
    @    IN    A    185.237.182.250
    ; sub OPTIONAL entries BEGIN
    www    IN    CNAME    @
    ftp    IN    A    185.237.182.250
    ; sub OPTIONAL entries ENDING
    ; sub [sosaria.robcraig.com] entry ENDING
    ; sub [{SUBDOMAIN_NAME}] entry BEGIN
    ; sub [{SUBDOMAIN_NAME}] entry ENDING
    ; sub entries ENDING
     
    Last edited: Aug 7, 2024
