Hi There, My old provider, "Plusnet" has now stopped its business side, and I have had to go with a new provider. Unfortunately, the block of IP addresses has also changed. I am running my own nameservers and have changed the corresponding DNS records as required. I have had my domain registrar alter my glue records to correspond to my new ns1 and ns2 IP addresses. I have redirected all incoming traffic into my router to the appropriate local server IP address. But still, when I do a dig command, I get the old IP address, and the site name is not resolving. However, I can reach my server using the public IP address. Have I missed something that I should change to get it all working again? Many thanks
How long ago did you change your dns records and glue records? It can take up to 24 to 48 hours for these changes to take effect.
Try the dig command, specifying which name server it gets the data from. Then check which name server the host where you use dig uses by default. My signature has a link to a DNS tutorial; it explains troubleshooting name service issues.
Unfortunately, you didn't reveal, how exactly the dns records were changed. As i know, the main issue: - to delete completely previous binding of the pair: ns1 - <your-ip>, ns2 - <your-ip>, - on the registrar side. Which Registrar are you mentioning?

Moreover, be sure of a proper configuration on side of the server for: (centos 7 example)

    /etc/resolv.conf
    /etc/hosts
    /etc/hostname {new_server.domain.name}

    cd /var/named

(for descriptive reasons) dns1, dns2 - previous records; ns1, ns2 - new records.

    sed -i 's|dns1.domain.name|ns1.domain.name|' ./pri.*
    sed -i 's|dns2.domain.name|ns2.domain.name|' ./pri.*
    sed -i 's|old_server.domain.name|new_server.domain.name|' ./pri.*

/etc/httpd/conf/httpd.conf: (Apache)

    ServerAdmin
    ServerName

Additionally /etc/postfix/main.cf verify, that it was updated should be changed automatically

    myhostname =
    mydestination =

/etc/amavisd/amavisd.conf:

    $mydomain
    $myhostname

/etc/mailman/mm_cfg.py:

    DEFAULT_EMAIL_HOST
    DEFAULT_URL_HOST
Hi Taleman. Thank you for the info. Sorry for the delay in response. My domain provider's DNS is 156.154.100.3, and when I do a dig using their servers, dig @156.154.100.3 myhost.com, it gives the correct information. But when I do a dig command using any other DNS servers, @8.8.8.8 myhost.com, I get the incorrect info b. I'm convinced that my internet supplier had incorrectly routed my new IP addresses via my old IP addresses. So, in an attempt to fix it, THEY have decided to issue me with a new set of IP addresses to see if that fixes the problem. I will keep this thread informed.
UPDATE: SEEMS, you have just showed namely ip address of the hosting company... Anyway, i recommend you use traceroute to understand, which step goes falsy. And trying to make a query from your own server will execute just a domestic lookup. <end_of_update>

Sorry, that interfere (because i am not the Taleman). You will always get correct reply whilst querying from your own server. Try to use any other unrelated server. Having used 'nslookup', i do receive:

nslookup 156.154.100.3
Code:
    3.100.154.156.in-addr.arpa name = nsa.nic.uk.
    Authoritative answers can be found from:
    100.154.156.in-addr.arpa nameserver = pdns5.ultradns.info.
    100.154.156.in-addr.arpa nameserver = pdns6.ultradns.co.uk.
    100.154.156.in-addr.arpa nameserver = pdns1.ultradns.net.
    100.154.156.in-addr.arpa nameserver = pdns2.ultradns.net.
    100.154.156.in-addr.arpa nameserver = pdns3.ultradns.org.
    100.154.156.in-addr.arpa nameserver = pdns4.ultradns.org.

Then,
Code:
    traceroute nsa.nic.uk
    traceroute to nsa.nic.uk (156.154.100.3), 30 hops max, 60 byte packets
     1 static.my.back.order.ip.clients.your-server.de (in.direct.order.ip) 0.380 ms 0.362 ms 0.344 ms
     2 213-239-252-197.clients.your-server.de (213.239.252.197) 0.389 ms 0.347 ms 1.652 ms
     3 core3.sto.hetzner.com (213.239.252.226) 6.452 ms core3.sto.hetzner.com (213.239.224.17) 8.303 ms 8.291 ms
     4 netnod-ix-ge-b-sth-1500.llnw.com (194.68.128.167) 6.128 ms 6.373 ms netnod-ix-ge-a-sth-1500.llnw.com (194.68.123.167) 16.014 ms
     5 ve5.fr3.arn1.llnw.net (69.28.172.129) 6.743 ms ultradns.p1-13-10g.fr3.arn1.llnw.net (87.248.192.47) 6.630 ms ve5.fr3.arn1.llnw.net (69.28.172.129) 6.623 ms
     6 * * ultradns.p1-13-10g.fr3.arn1.llnw.net (87.248.192.47) 7.464 ms
     7 * * *
     8 * * *
     9 * * *
    10 * * *
    11 * * *
    12 * * *
    13 * * *
    14 * * *
    15 * * *
    16 * * *
    17 * * *
    18 * * *
    19 * * *
    20 * * *
    21 * * *
    22 * * *
    23 * * *
    24 * * *
    25 * * *
    26 * * *
    27 * * *
    28 * * *
    29 * * *
    30 * * *

Code:
    traceroute 156.154.100.3
    traceroute to 156.154.100.3 (156.154.100.3), 30 hops max, 60 byte packets
     1 static.my.back.order.ip.clients.your-server.de (in.direct.order.ip) 0.430 ms 0.429 ms 0.414 ms
     2 213-239-252-197.clients.your-server.de (213.239.252.197) 0.478 ms hos-tr4.ex3k51.rz6.hetzner.de (213.239.252.193) 5.351 ms 213-239-252-197.clients.your-server.de (213.239.252.197) 0.348 ms
     3 core3.sto.hetzner.com (213.239.245.70) 7.477 ms 7.503 ms core3.sto.hetzner.com (213.239.252.226) 6.634 ms
     4 netnod-ix-ge-b-sth-1500.llnw.com (194.68.128.167) 6.427 ms 6.418 ms netnod-ix-ge-a-sth-1500.llnw.com (194.68.123.167) 8.004 ms
     5 ve5.fr3.arn1.llnw.net (69.28.172.129) 7.002 ms ultradns.p1-13-10g.fr3.arn1.llnw.net (87.248.192.47) 7.731 ms ve5.fr3.arn1.llnw.net (69.28.172.129) 7.331 ms
     6 * * ultradns.p1-13-10g.fr3.arn1.llnw.net (87.248.192.47) 8.076 ms
     7 * * *
     8 * * *
     9 * * *
    10 * * *
    11 * * *
    12 * * *
    13 * * *
    14 * * *
    15 * * *
    16 * * *
    17 * * *
    18 * * *
    19 * * *
    20 * * *
    21 * * *
    22 * * *
    23 * * *
    24 * * *
    25 * * *
    26 * * *
    27 * * *
    28 * * *
    29 * * *
    30 * * *

As i understand, after the step with your hoster ultradns.p1-13-10g.fr3.arn1.llnw.net (87.248.192.47) 8.076 ms it's unable to find out a proper route, where your records reside.
Correctly executed request would be looking like:

traceroute some.my.working.server_ip
Code:
    traceroute to <my_ip> (<my_ip>), 30 hops max, 60 byte packets
     1 static.my.back.order.ip.clients.your-server.de (in.direct.order.ip) 0.332 ms 0.314 ms 0.298 ms
     2 hos-tr4.ex3k51.rz6.hetzner.de (213.239.252.193) 0.396 ms 0.331 ms 213-239-252-197.clients.your-server.de (213.239.252.197) 0.303 ms
     3 core40.sto.hetzner.com (213.239.224.58) 6.163 ms core3.sto.hetzner.com (213.239.224.22) 6.153 ms core40.sto.hetzner.com (213.239.224.62) 6.134 ms
     4 core10.ams.hetzner.com (213.239.252.217) 28.217 ms core2.ams.hetzner.com (213.239.245.173) 27.864 ms core10.ams.hetzner.com (213.239.252.217) 28.193 ms
     5 core7.lon.hetzner.com (213.239.245.222) 43.353 ms 43.416 ms 43.409 ms
     6 * * *
     7 i-1001.ulhc-core02.telstraglobal.net (202.84.178.70) 35.379 ms 37.369 ms i-1008.ulcn-core01.telstraglobal.net (202.84.178.13) 35.221 ms
     8 * * i-1000.sgcn-core01.telstraglobal.net (202.84.140.141) 270.413 ms
     9 i-1000.sgcn-core01.telstraglobal.net (202.84.140.141) 270.387 ms 202.84.244.41 (202.84.244.41) 262.873 ms 264.848 ms
    10 * * i-92.sggs01.telstraglobal.net (202.84.219.173) 267.808 ms
    11 * * *
    12 * * *
    13 * * *
    14 sin-sgcs2-g2-nc5.sgp.asia (103.5.15.17) 180.697 ms * *
    15 * * *
    16 * * *
    17 * * *
    18 * * *
    19 * * *
    20 * * *
    21 * * <reversed_tracerouted_ip> (<tracerouted_ip>) 181.354 ms
Verify the name servers of your domain are correctly registered (see the DNS tutorial, link in my signature). Use, for example, the whois command, and read the name server lines. For example:
Code:
    whois howtoforge.com
I have a new set of IP addresses. I have asked my domain provider to implement the new changes:

    domain = gregson.me.uk IP =72.27.140.48
    ns1=gregson.me.uk IP 72.27154.49
    ns1=gregson.me.uk IP 72.27154.50

However, it's still not propagating. I thought it might have something to do with 13 (ECDSAP256SHA256) setting, but the DNSSEC DS-Data for registry entry is showing blank. I've tried following Th0m's tutorial to change my current Algorithms but these settings are beyond my understanding, I am informed this is where all DNSSEC Algorithms are heading. I can get a result from dig @156.154.103.3 gregson.me.uk but nothing from any other server i.e. 8.8.8.8

As before, all A records have been altered in the DNS zones.

PS Many thanks to Taleman AND Alex
Looks like your dns servers are unresponsive. Which more or less results in your domain being non-existent on the internet. Trying to connect using nslookup times out. Did you open the proper ports in your firewall (network and if applicable server)? Is the dns service running without errors?
Looked a bit further into it. Because your nameservers have hostnames within your own domain you need glue records. Are those created in me.uk? If not then it will never work. Btw. I tried nslookup using the ip, not hostname. Nslookup can't connect so there's something wrong there. Traceroute has no problems so it's not a routing issue.
Glue records do exist
Code:
    # dig +short me.uk. NS
    nsa.nic.uk.
    nsb.nic.uk.
    nsc.nic.uk.
    nsd.nic.uk.
    dns1.nic.uk.
    dns2.nic.uk.
    dns3.nic.uk.
    dns4.nic.uk.
    # dig +noall +authority +additional +norecurse @dns1.nic.uk. NS gregson.me.uk.
    gregson.me.uk. 172800 IN NS ns1.gregson.me.uk.
    gregson.me.uk. 172800 IN NS ns2.gregson.me.uk.
    ns1.gregson.me.uk. 172800 IN A 72.27.140.49
    ns2.gregson.me.uk. 172800 IN A 72.27.140.50

But your nameservers fail
Code:
    # dig +noall +authority +additional +norecurse @ns1.gregson.me.uk. NS gregson.me.uk.
    dig: couldn't get address for 'ns1.gregson.me.uk.': failure
    # dig +noall +authority +additional +norecurse @72.27.140.49 NS gregson.me.uk.
    ;; connection timed out; no servers could be reached
    # dig +noall +authority +additional +norecurse @ns2.gregson.me.uk. NS gregson.me.uk.
    dig: couldn't get address for 'ns2.gregson.me.uk.': failure
    # dig +noall +authority +additional +norecurse @72.27.140.50 NS gregson.me.uk.
    ;; connection timed out; no servers could be reached

So your problem is that your dns ports are closed or not responding properly.
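The manual check in the post above (read the glue from the registry, then query each glue address directly without recursion), as an added example that is not part of the thread. The function names `glue_pairs`, `classify` and `probe` are hypothetical, the sample referral is constructed from the output quoted in that post, and the live branch assumes `dig` and network access.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Constructed sample: the registry referral quoted in the post above.
SAMPLE_REFERRAL='gregson.me.uk. 172800 IN NS ns1.gregson.me.uk.
gregson.me.uk. 172800 IN NS ns2.gregson.me.uk.
ns1.gregson.me.uk. 172800 IN A 72.27.140.49
ns2.gregson.me.uk. 172800 IN A 72.27.140.50'

# stdin: dig +noall +authority +additional output from a parent-zone server.
# stdout: "nameserver ip" per glue address, or "nameserver MISSING".
glue_pairs() {
    awk '
        $4 == "NS"                { ns[tolower($5)] = 1 }
        $4 == "A" || $4 == "AAAA" { glue[tolower($1)] = glue[tolower($1)] " " $5 }
        END {
            for (n in ns) {
                if (!(n in glue)) { print n, "MISSING"; continue }
                cnt = split(glue[n], ips, " ")
                for (i = 1; i <= cnt; i++) print n, ips[i]
            }
        }' | sort
}

# stdin: dig +noall +comments +answer output from one nameserver.
# stdout: authoritative | lame:<rcode> | unreachable
classify() {
    awk '
        /status: /   { st = $0; sub(/.*status: /, "", st); sub(/,.*/, "", st) }
        /^;; flags:/ { f = $0; sub(/^;; flags:/, "", f); sub(/;.*/, "", f)
                       aa = ((" " f " ") ~ / aa /) }
        END {
            if (st == "")                   print "unreachable"
            else if (st == "NOERROR" && aa) print "authoritative"
            else                            print "lame:" st
        }'
}

# Live probe (needs dig and network): SOA query without recursion, UDP then TCP.
probe() {  # usage: probe <ip> <zone>
    for proto in notcp tcp; do
        out=$(dig "+$proto" +norecurse +time=3 +tries=1 +noall +comments +answer "@$1" "$2" SOA 2>&1) || true
        printf '%s %s %s\n' "$1" "$proto" "$(printf '%s\n' "$out" | classify)"
    done
}

# Usage: sh check.sh --live <parent-server> <zone>
if [ "${1:-}" = "--live" ]; then
    dig +norecurse +noall +authority +additional "@$2" "$3" NS | glue_pairs |
    while read -r ns ip; do
        [ "$ip" = MISSING ] && { echo "$ns has no glue"; continue; }
        probe "$ip" "$3"
    done
fi
```

A result of `unreachable` on both UDP and TCP for every glue address matches the timeouts shown in the post; `lame:<rcode>` would instead mean the server answers but is not authoritative for the zone.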
I saw you looking into several dnssec posts. That's not where your problem is. Your nameservers cannot be reached / aren't responding at all. Regarding dnssec: No DS records exist in me.uk for your domain. So if you have dnssec enabled you might as well disable it or make sure the correct DS records are created in me.uk. But again, that won't solve any of your current problems.
Hi remkoh Thank you for the effort you have put into this. This is only a hobby for me, so I don't mind telling you I'm in over my head. Before I changed my internet provider, this was all working fine. All I have done is change my IP address. Although I have changed my A records etc and glue records etc.. I'm still no further forward. Would deleting the DNS zone and recreating it help? I would hope that deleting any wrongly created DNS records will be removed, and recreating them will resolve the issue. What do you think?
Even if your DNS zone would be incorrect your server should still be reachable. Which it is not currently. Isn't it as simple as the service not listening on the correct ip? Just listening on 127.0.0.1 only instead of 0.0.0.0 (all ip's) for example.
What is the output of this?
Code:
    netstat -nap|grep 'named'
(assuming you're using bind/named as DNS service)
~# netstat -nap|grep 'named'
tcp   0  0  192.168.61.70:53  0.0.0.0:*  LISTEN  526/named
tcp   0  0  127.0.0.1:53      0.0.0.0:*  LISTEN  526/named
tcp   0  0  127.0.0.1:953     0.0.0.0:*  LISTEN  526/named
tcp6  0  0  :::53             :::*       LISTEN  526/named
tcp6  0  0  ::1:953           :::*       LISTEN  526/named
udp   0  0  192.168.61.70:53  0.0.0.0:*          526/named
udp   0  0  127.0.0.1:53      0.0.0.0:*          526/named
udp6  0  0  :::53             :::*               526/named
unix  2  [ ]  DGRAM  16626  526/named