MX Toolbox: Loop detected! We were referred back to <IP>

Discussion in 'ISPConfig 3 Priority Support' started by vp.r00t, Aug 16, 2017.

  1. vp.r00t

    vp.r00t New Member

    So I can't get my custom DNS working and purchased priority support.

    This is my zone file:
    Code:
    $TTL        3600
    @       IN      SOA     ns1.mydomain.com. some.otherdomain.com. (
                            2017081626       ; serial, todays date + todays serial #
                            7200              ; refresh, seconds
                            540              ; retry, seconds
                            604800              ; expire, seconds
                            3600 )            ; minimum, seconds
    ;
    
    mydomain.com. 3600 A        1.2.3.4
    mail 3600 A        1.2.3.4
    ns1 3600 A        1.2.3.4
    ns2 3600 A        1.2.3.4
    www 3600 A        1.2.3.4
    mydomain.com. 3600      MX    10   mail.mydomain.com.
    mydomain.com. 3600      NS        ns1.mydomain.com.
    mydomain.com. 3600      NS        ns2.mydomain.com.
    
    named-checkzone says I'm OK. Glue records should be fine (ns1/2 pointing to the IP).
     
    Last edited: Aug 17, 2017
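A consistency check for the in-zone (child) delegation shown above, added here as an example and not part of the original post or of ISPConfig: it parses the zone as posted (mydomain.com / 1.2.3.4 are the thread's placeholders) and flags the data errors that would leave a resolver without an answer, such as an in-zone NS or MX target with no glue A record. A stopped or unreachable named, the actual cause found later in the thread, cannot be seen in zone data; `dig @localhost` covers that.

```python
import re
# Constructed zone mirroring the thread's post (mydomain.com / 1.2.3.4 are its placeholders).
ZONE = """$TTL 3600
@ IN SOA ns1.mydomain.com. some.otherdomain.com. (
        2017081626 7200 540 604800 3600 )  ; serial refresh retry expire minimum
mydomain.com. 3600 A 1.2.3.4
mail 3600 A 1.2.3.4
ns1 3600 A 1.2.3.4
ns2 3600 A 1.2.3.4
mydomain.com. 3600 MX 10 mail.mydomain.com.
mydomain.com. 3600 NS ns1.mydomain.com.
mydomain.com. 3600 NS ns2.mydomain.com.
"""
def fqdn(name, origin):
    """'@' -> origin, relative 'mail' -> 'mail.<origin>', absolute names unchanged."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples with comments stripped, '( )' joined, names absolute."""
    body = re.sub(r";[^\n]*", "", text)                      # drop ';' comments
    body = re.sub(r"\([^)]*\)", lambda m: " ".join(m.group(0)[1:-1].split()), body)
    records = []
    for line in body.splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("$"):            # blank line or $TTL/$ORIGIN
            continue
        owner, rest = fqdn(parts[0], origin), parts[1:]
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):   # optional TTL/class
            rest.pop(0)
        rtype, rdata = rest[0].upper(), rest[1:]
        if rtype in ("NS", "MX"):                            # target is the last rdata field
            rdata[-1] = fqdn(rdata[-1], origin)
        elif rtype == "SOA":                                 # MNAME is the first
            rdata[0] = fqdn(rdata[0], origin)
        records.append((owner, rtype, rdata))
    return records

def check_delegation(records, origin):
    """Data errors that break resolution: in-zone NS/MX without glue A, SOA MNAME not an NS."""
    has_a = {o for o, t, _ in records if t == "A"}
    ns = [r[-1] for o, t, r in records if t == "NS" and o == origin]
    mx = [r[-1] for o, t, r in records if t == "MX" and o == origin]
    soa = [r[0] for _, t, r in records if t == "SOA"]
    problems = ["no NS records at the zone apex"] if not ns else []
    for host in ns + mx:
        if host.endswith("." + origin) and host not in has_a:
            problems.append(f"{host} is named in NS/MX but has no A record (missing glue)")
    if soa and soa[0] not in ns:
        problems.append(f"SOA MNAME {soa[0]} is not one of the apex NS records")
    return problems
```

Run `check_delegation(parse_zone(ZONE, "mydomain.com."), "mydomain.com.")` on the zone as posted and it returns an empty list; delete the `ns2` A record and it reports the missing glue.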
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The zone file looks fine. Is the zone file included in named.conf.local file?
     
  3. vp.r00t

    vp.r00t New Member

    Hi Till,
    No, it wasn't.
    I opened /etc/bind/named.conf.local and added
    include "/etc/bind/pri.mydomain.com";
    (ISPConfig generated that file so I included it)
    Then I did /etc/init.d/bind9 restart (Edit: I rebooted the whole machine). Still no effect though.
    named.conf.local is included in named.conf too.
    Not sure if you do this around here but I can PM you, then I can write a full how-to.
     
    Last edited: Aug 17, 2017
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    You should not add that line manually; I only asked whether it was there, as there are good reasons when it is not added :) The line is not added when BIND rejected the DNS zone that you created. Please undo your manual change.

    Just a guess, you enabled dnssec but your server does not have enough entropy to create the dnssec key. Install the Linux package 'haveged' on your server (with apt / yum), then change something in the zone like adding another A-record in ISPConfig and press save. Wait 2 minutes and check if the zone works now.
     
  5. vp.r00t

    vp.r00t New Member

    Unfortunately I already had that one
    haveged is already the newest version (1.9.1-3).
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

  7. vp.r00t

    vp.r00t New Member

    Indeed it says I'm low on entropy and I should install haveged. Looking at your Git, I should probably mention that my version is 3.1.5.
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    There are no issues with that function in 3.1.5. Start or restart haveged, then edit something in the zone and check if it gets created now.
     
  9. vp.r00t

    vp.r00t New Member

    I made sure that haveged is enabled by executing systemctl enable haveged && systemctl start haveged. Still I'm getting the error though (DNSSEC ERROR: We are low on entropy. Not generating new Keys for [domain]. Please consider installing package haveged.)
    I disabled DNSSEC temporarily but this doesn't seem to resolve the issue.
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Try to delete the zone, then recreate it without dnssec enabled.
     
  11. vp.r00t

    vp.r00t New Member

    Now it gets included in named.conf.local. But MX Toolbox still reports a loop and the site still doesn't work.
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    DNS: Use intodns.com to check the dns for this domain.
    Email: To check the email system, login to the mailbox of this domain that you created in ISPConfig with webmail and send an email to the same address. It should arrive within 1 minute inside webmail. If that's the case, then the mail system is working properly on the server itself.
     
  13. till

    till Super Moderator Staff Member ISPConfig Developer

    To check DNS locally, run the command:

    dig @localhost ligrev.com
     
  14. vp.r00t

    vp.r00t New Member

    I am not concerned with MX specifically, my trouble is that my website is not working. MXToolbox can output that message for any kind of checks, not just MX.
    Essentially I have 2 child NS, both pointing to the same IP. On my server, I have A and NS records for my domain with the correct values (to my knowledge, which you confirmed after the first post).

    dig is acting up weird now.
    root@withheld:~# dig @localhost mydomain.com

    ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @localhost mydomain.com
    ; (1 server found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached

    IntoDNS shows way too many things I don't want to believe, such as my server not being responsive while I can open some pages on it :)
    I recently switched from my old control panel to ISPConfig and I'm still trying to get ahold of things. Thank you for being so patient with me.
     
    Last edited: Aug 17, 2017
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    Check if bind is started.
     
  16. vp.r00t

    vp.r00t New Member

    Ok, that was pretty obvious, and no, it wasn't started.
    I added it to my startup. Things seem to be working now.
    I've anonymized the domains and IPs in the thread.
    Thanks so much for helping out, thread resolved.
     