[SOLVED] Novice DNS information

Hi All,

After successfully following instructions to install Debian Wheezy with ISPConfig 3 with one of the Perfect server guides I'm hitting a roadblock.

We're hosted at digitalocean (with 1 public IP) and would like to act as a hosting provider (website, email, ftp mainly).

I'd like to point out for this question I'm talking about mymaintestdomain.com and a client domain say - clientdomain.com. I'm also talking about a test droplet on digital ocean (199.199.0.1) and what's to become a production droplet (199.199.0.2).

After setting up I changed the domain ns servers (on godaddy) from Godaddy's default to ns1.digitalocean.com and ns2.digitalocean.com. This worked great for a single website with 1 domain (on the test droplet).

We'd like to have several websites (/ domains) on the one digital ocean droplet (hence IP). So I created a 2nd droplet (without assigning a domain to it), configured ISPconfig 3 (nginx). I created a site for the test client (assigning mymaintestdomain.com) to it. I created a custom host on Godaddy pointing to our IP. Let's say ns1 and ns2 both pointing towards our IP add (2nd droplet: 199.199.0.2). Then set Godaddy's ns servers to ns1.mymaintestdomain.com and ns2.mymaintestdomain.com.

I waited 8, 24, 48hrs and more and eventually mymaintestdomain.com stopped responding. Even pings failed. I could not ping ns1.mymaintestdomain.com (or ns2) either.

So I'm trying to understand where the fault lies (or I forgot something).

Can someone tell me also if I understood correctly how the dns works: accessing domain.com -> check ns of domain.com -> forward as appropriate to proper server in dns records -> server with ispconfig receive request -> checks domain asked for and redirects to the files in the proper client/site structure?

Thanks

Code:
##### SERVER #####
IP-address (as per hostname): ***.***.***.***
IP-address(es) (as per ifconfig): ***.***.***.***, ***.***.***.***
[INFO] ISPConfig is installed.

##### ISPCONFIG #####
ISPConfig version is 3.0.5.4p3

##### VERSION CHECK #####
[INFO] php (cli) version is 5.4.4-14+deb7u14

##### PORT CHECK #####
[WARN] Port 443 (Webserver SSL) seems NOT to be listening

##### MAIL SERVER CHECK #####

##### RUNNING SERVER PROCESSES #####
[INFO] I found the following web server(s): Nginx (PID 4366)
[INFO] I found the following mail server(s): Postfix (PID 3823)
[INFO] I found the following pop3 server(s): Dovecot (PID 3452)
[INFO] I found the following imap server(s): Dovecot (PID 3452)
[INFO] I found the following ftp server(s): PureFTP (PID 3865)

##### LISTENING PORTS #####
(only () Local (Address)
[anywhere]:110 (3452/dovecot)
[anywhere]:143 (3452/dovecot)
[anywhere]:8080 (4366/nginx)
[anywhere]:80 (4366/nginx)
[anywhere]:8081 (4366/nginx)
[anywhere]:465 (3823/master)
[anywhere]:21 (3865/pure-ftpd)
***.***.***.***:53 (2275/named)
***.***.***.***:53 (2275/named)
[localhost]:53 (2275/named)
[anywhere]:22 (3879/sshd)
[anywhere]:25 (3823/master)
[localhost]:953 (2275/named)
[anywhere]:993 (3452/dovecot)
[anywhere]:995 (3452/dovecot)
[localhost]:10024 (2207/amavisd-new)
[localhost]:10025 (3823/master)
[anywhere]:3306 (3342/mysqld)
[anywhere]:587 (3823/master)
[localhost]:11211 (2976/memcached)
[localhost]10 (3452/dovecot)
[localhost]43 (3452/dovecot)
*:*:*:*::*:465 (3823/master)
*:*:*:*::*:21 (3865/pure-ftpd)
*:*:*:*::*:53 (2275/named)
*:*:*:*::*:22 (3879/sshd)
*:*:*:*::*:25 (3823/master)
*:*:*:*::*:953 (2275/named)
*:*:*:*::*:993 (3452/dovecot)
*:*:*:*::*:995 (3452/dovecot)
*:*:*:*::*:587 (3823/master)

##### IPTABLES #####
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-dovecot-pop3imap tcp -- [anywhere]/0 [anywhere]/0 multiport dports 110,995,143,993
fail2ban-pureftpd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 21
fail2ban-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25
fail2ban-ssh tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-dovecot-pop3imap (1 references)
target prot opt source destination
RETURN all -- [anywhere]/0 [anywhere]/0

Chain fail2ban-pureftpd (1 references)
target prot opt source destination
RETURN all -- [anywhere]/0 [anywhere]/0

Chain fail2ban-sasl (1 references)
target prot opt source destination
RETURN all -- [anywhere]/0 [anywhere]/0

Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- [anywhere]/0 [anywhere]/0

Most likely an issue in the zone file of mymaintestdomain.com. Please run this command on the server where you host the DNS for mymaintestdomain.com:

dig @localhost mymaintestdomain.com

A common mistake is that no A records for ns1.mymaintestdomain.com and ns2.mymaintestdomain.com were added in the zone mymaintestdomain.com. These A records are necessary when you use subdomains of the same zone as NS records. So they are not required when you used the digitalocean DNS servers, but you need them when you run your own DNS.

Hi,

Thanks for the incredibly fast reply.

In the mean time I switched the ns back to ns1.digitalocean.com and ns2.digitalocean.com just to see if there was something else that had changed. Upon doing so it's now pointing to a totally separate droplet than the one intended. I'll switch it back to ns1.mymaintestdomain.com and ns2.mymaintestdomain.com.

Here's the dig you asked for. I think you're right, I don't recall an A record before the switch back to ns1.digitalocean.com.

Should my next steps be:
1. Switch back to ns1/ns2.mytestdomain.com
2. Add A records pointing to the IP of my droplet?

Where should I add the A records? In Godaddy it says that the zone file isn't accessible because of the custom NS. Should it be done on ISPConfig's 3 DNS > Add new DNS zone with wizard (adding mytestdomain.com) > edit same domain adding an A record? Currently there already are dns records with A names too in there. Or should it be done on digitalocean for the droplet hosting ISPconfig3?

Please see ISPConfig current DNS zone file.

Code:
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @localhost mymaintestdomain.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36393
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;mymaintestdomain.com. IN A

;; ANSWER SECTION:
mymaintestdomain.com. 1800 IN A 1##.###.16.221

;; AUTHORITY SECTION:
mymaintestdomain.com. 157878 IN NS ns2.digitalocean.com.
mymaintestdomain.com. 157878 IN NS ns1.digitalocean.com.

;; ADDITIONAL SECTION:
ns1.digitalocean.com. 157878 IN A 1##.###.58.51
ns2.digitalocean.com. 157878 IN A 1##.###.59.41

;; Query time: 101 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 2 10:27:04 2014
;; MSG SIZE rcvd: 128

The next steps should be:

1) Add the two missing A records for ns1 and ns2 inside of this zone in ISPConfig. Bind will not load the current config as it's incomplete, and therefore it did not work the last time.
2) Then wait 1 minute until ISPConfig has written down the new config and check again with the dig command. It should return your own ns servers then.

If that's OK, then you can switch the DNS server at the domain registry.
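
An added example (not part of the thread, and not ISPConfig or BIND code): a small Python check for the condition described in the replies above, NS records that point to names inside the zone without matching A/AAAA records. The zone text is constructed, reuses the placeholder IP from the first post, and the parser is a simplification that handles only single-line records.

```python
# Added example; zone contents below are constructed sample data.
ORIGIN = "mymaintestdomain.com."
RR_TYPES = {"A", "AAAA", "NS", "SOA", "MX", "CNAME", "TXT"}

BROKEN_ZONE = """\
$TTL 3600
@   IN SOA ns1.mymaintestdomain.com. hostmaster.mymaintestdomain.com. 2014090201 7200 540 604800 3600
@   IN NS  ns1.mymaintestdomain.com.
@   IN NS  ns2.mymaintestdomain.com.
@   IN A   199.199.0.2
www IN A   199.199.0.2
"""
FIXED_ZONE = BROKEN_ZONE + "ns1 IN A 199.199.0.2\nns2 IN A 199.199.0.2\n"

def fqdn(name, origin):
    """Expand a zone-file name ('@', relative or absolute) to an absolute name."""
    if name == "@":
        return origin.lower()
    if name.endswith("."):
        return name.lower()
    return f"{name}.{origin}".lower()

def parse_zone(text, origin):
    """Yield (owner, rtype, rdata) tuples from single-line records."""
    owner = origin.lower()
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not raw[0].isspace():                  # indented line reuses last owner
            owner = fqdn(fields.pop(0), origin)
        while fields and fields[0].upper() not in RR_TYPES:
            fields.pop(0)                         # skip optional TTL and class
        if len(fields) >= 2:
            yield owner, fields[0].upper(), fields[1:]

def missing_ns_addresses(text, origin):
    """Return in-zone NS targets that have no A/AAAA record in the zone."""
    records = list(parse_zone(text, origin))
    with_address = {o for o, t, _ in records if t in ("A", "AAAA")}
    targets = {fqdn(r[0], origin) for _, t, r in records if t == "NS"}
    suffix = "." + origin.lower()
    in_zone = {t for t in targets if t == origin.lower() or t.endswith(suffix)}
    return sorted(in_zone - with_address)

if __name__ == "__main__":
    print("broken:", missing_ns_addresses(BROKEN_ZONE, ORIGIN))
    print("fixed: ", missing_ns_addresses(FIXED_ZONE, ORIGIN))
```

NS targets outside the zone, such as ns1.digitalocean.com, are ignored because their addresses live in another zone.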

I'm sorry I'm requiring so much handholding. I appreciate your help a lot.

To be sure: should I add an A record in ISPconfig mapping ns1.mytestdomain.com. and ns2.mytestdomain.com. (trailing .) to ###.###.###.### (the IP of the droplet hosting ISPconfig)?

I did it as per attached file. I gave it a few mins and it indeed is showing ns1/2.mytestdomain.com pointing to the droplet IP.

Now for the final test... changing my NS to ns1/2.mytestdomain.com on Godaddy and waiting hours/days for propagation. I'll update as and when that happens.

Hi,

Good news, all is working thanks to you. <3

Now I'd like to point out something: when I was setting up new sites, apparently nginx was not setting up properly, until I changed (rather uncommented) in /etc/nginx/nginx.conf

Code:
[...]
server_names_hash_bucket_size 64;
[...]

Is that ok to do? I followed the instructions scrupulously but this was missing. Before that change I got this error:

Code:
# nginx did not start after modifying this vhost file.
# Please check file /etc/nginx/sites-available/mytestdomain.com.vhost.err for syntax errors.

After uncommenting the line and reloading nginx my server was no longer serving any webpages, be it on port 80, 8080, 8081. I had to issue a reboot of the server for it to work again.

I realise this is a bit off topic. But do you think this will have a consequence down the line? Do you know why I had to uncomment that line?

Thanks