Sub domain under ispconfig

Discussion in 'General' started by Oitsuki, Jul 6, 2018.

Tags:
  1. Oitsuki

    Oitsuki Member

    I'm trying to create a sub domain under ispconfig 3
    My process : In website I created a new website with this element
    Domain : demo2.mydomain.com
    Auto-Subdomain : none


    My DNS I Added in mydomain.com

    type : A
    Hostname : demo2.mydomain.com.
    my ip : server ip
    TTL : 3600
    active

    Where is my error because I tried to access at subdomain https://demo2.mydomain.com but I have nothing it'ds like the subdomain does'nt exist.

    Tk
     
    Last edited: Jul 7, 2018
  2. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Did you put A record for demo.mydomain.com in your mydomain.com dns settings? Try to dig demo.mydomain.com and see whether its A record has been properly resolved.
     
  3. Oitsuki

    Oitsuki Member

    yes my sub domainis under A record for th dns
    A : demo2.mydomain.com
    A : mydomain.com

    Auto-Subdomain : none is correct ?
    How to know A record has been properly resolved ?
    I tested with that : https://dnschecker.org/ ==> nothing ; It's like it does'nt want to send information
     
    Last edited: Jul 7, 2018
  4. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

     
  5. Oitsuki

    Oitsuki Member

    the result


    dig demo2.mydomain.com

    ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> demo2.mydomain.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11111
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ; COOKIE: 261d75796009faf126a304235b402673d3b2f4383141fe86 (good)
    ;; QUESTION SECTION:
    ;demo2.mydomain.com. IN A

    ;; AUTHORITY SECTION:
    mydomain.com. 3600 IN SOA nsxxxx.ip-XX-XX-XXX.eu. xxx.xxxxxxx1.xxxxx.fr. 2018063001 7200 540 604800 86400

    ;; Query time: 1 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Sat Jul 07 02:33:23 UTC 2018
    ;; MSG SIZE rcvd: 160
     
  6. Oitsuki

    Oitsuki Member

    Well if someone can help, it will be great.
    Tk

    I changed in etc/bind9
    Code:
    nano.pri.mydomain.com
    and add
    Code:
    demo2.mydomain.com. 3600  NS        94.xx.xxx.34.
    
    and
    Code:
    /etc/init.d/bind 9 restart
    also in ipsconfig I changed in website / mydomain.com
    Code:
    Auto-Subdomain : .*[code]
    
    make resync on DNS also.
    
    But it does not find https://demo2.mydomain.com
    
    other information with dig
    [code]
    dig mydomain.com
    
    root@nsxxx677:/etc/bind# dig dmydomain.com
    ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> mydomain.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44807
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ; COOKIE: 89b964d26663b0b5a804e5575b437da4f9e1a9e11b62edbf (good)
    ;; QUESTION SECTION:
    ;mydomain.com.       IN   A
    
    ;; ANSWER SECTION:
    mydomain.com.   3600   IN   A   94.xx.xxx.34
    
    ;; AUTHORITY SECTION:
    mydomain.com.   3600   IN   NS   ns.kimsufi.com.
    mydomain.com.   3600   IN   NS   94.xx.xxx.34.
    
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jul 09 15:22:12 UTC 2018
    ;; MSG SIZE  rcvd: 143
    
    root@nsxxx677:/etc/bind# dig demo2.mydomain.com
    
    ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> demo2.mydomain.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54232
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ; COOKIE: 8d67469374112602b8818ea45b437db53f87e5b87d723369 (good)
    ;; QUESTION SECTION:
    ;demo2.mydomain.com.       IN   A
    
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jul 09 15:22:29 UTC 2018
    ;; MSG SIZE  rcvd: 79
    
    
     
  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If you are using httpS://, have you created a certificate for the website?
    Does the website work with plain http://?
    Is name service working? What does host command show?
    Code:
    host demo2.mydomain.com
    Is demo2 also the name server, or was that NS line just placeholder?
    If it is name server, what shows
    Code:
    host demo2.mydomain.com demo2.mydomain.com
    If you run
    Code:
    whois mydomain.com
    what does it show to be the name servers for your domain?
     
  8. Oitsuki

    Oitsuki Member

    Thank you for your help

    if you are using httpS://, have you created a certificate for the website? I troto create an https but it does'nt want : Let's Encrypt SSL and SSL are always uncoched.
    Does the website work with plain http://? No does'ntwork
    Code:
    host demo2.mydomain.com
    Host demo2.mydomain.com not found: 2(SERVFAIL)
    
    If it is name server, what shows
    Code:
    host demo2.mydomain.com demo2.mydomain.com
    host: couldn't get address for 'demo2.mydomain.com': failure
    
    whois mydomain.com
    Code:
    Domain Name: MYDOMAIN.COM
    Registry Domain ID: D154022447-LROR
    Registrar WHOIS Server: whois.ovh.net
    Registrar URL: http://www.ovh.com
    Updated Date: 2018-05-18T00:27:08Z
    Creation Date: 2008-09-08T12:48:26Z
    Registry Expiry Date: 2018-09-08T12:48:26Z
    Registrar Registration Expiration Date:
    Registrar: OVH
    Registrar IANA ID: 433
    Registrar Abuse Contact Email: [email protected]
    Registrar Abuse Contact Phone: +33.972101007
    Reseller:
    Domain Status: clientDeleteProhibited http://icann.org/epp#clientDeleteProhibited
    Domain Status: clientTransferProhibited http://icann.org/epp#clientTransferProhibited
    Registrant Organization: e-imaginis
    Registrant State/Province:
    Registrant Country: FR
    Name Server: NS.KIMSUFI.COM
    Name Server: NS304677.IP-94-XX-XXX.EU
    DNSSEC: unsigned
    URL of the ICANN Whois Inaccuracy Complaint Form: http://www.icann.org/wicf/
    >>> Last update of WHOIS database: 2018-07-09T22:22:05Z <<<
    
    For more information on Whois status codes, please visit https://icann.org/epp
    
    Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
    
    Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
    
    [code]
     
  9. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    I think your problem is with your dns and not https.

    Firstly, you should not change the files in /etc/bind manually unless you follow it with resync, otherwise your dns may not work and may be overwritten.

    By the way, are you sure you are handling your mydomain.com dns via your ISPConfig dns server or there is other dns server managing it?

    Note that all nameservers for mydomain.com must be pointed to your ISPConfig dns server for it to be able manage mydomain.com fully.
     
  10. Oitsuki

    Oitsuki Member

    I think your problem is with your dns==> yes same opinion
    Firstly, you should not change the files in .. Com back to the original situation, restart bind9 and resync by ispconfig
    All other dns works perferly, just the pb come from the subdomain. When I make it, nothing happen.

    restart the element above :
    Code:
    host demo2.mydomain.com
    Host demo2.mydomain.com not found: 3(NXDOMAIN)
    
    host demo2.mydomain.com demo2.mydomain.com
    host: couldn't get address for 'demo2.mydomain.com': not found
    
    My dns inside ispconfig
    Code:
    Yes A mydomaine.com. 94.23.xxx.34 0 3600 
    Yes A demo2.mydomaine.com. 94.23.xxx.34 0 3600 
    Yes A mail 94.23.xxx.34 0 3600 
    Yes A www 94.23.xxx.34 0 3600 
    Yes MX mydomaine.com. mail.mydomaine.com. 10 3600 
    Yes NS mydomaine.com. 94.23.xxx.34. 0 3600 
    Yes NS mydomaine.com. ns.kimsufi.com. 0 3600 
    Yes TXT ._domainkey.mydomaine.com. v=DKIM1; t=s; p= 0 3600 
    Yes TXT mydomaine.com. google-site-verification=rIEPNKsNc69itld1QWnhs818pLs_xDFSzpWdnraakwc 0 3600 
    Yes TXT mydomaine.com. v=spf1 mx a -all 0 3600 
    Yes TXT _dmarc.mydomaine.com. v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=0:1:d:s 0 3600
    
     
  11. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    I think you put your subdomain wrongly in the dns setting. If it is on its own, then setting it as demo2.mydomain.com. is right, but since it is under mydomain.com then it should be just demo2. What do you think?
     
  12. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    That "My dns inside ispconfig" is hard to read, but it may be correct.
    But how does ns.kimsufi.com get the name service data from your ISPConfig? Is the host there, check with
    Code:
    host demo2.mydomain.com ns.kimsufi.com
    And since name resolving does not work for demo2, check your own name server with
    Code:
    host demo2.mydomain.com 94.23.xxx.34
    
    If you are setting up name service, you really should study the field, like from a book, https://www.amazon.com/DNS-BIND-5th-Cricket-Liu/dp/0596100574 . At least read DNS troubleshooting from web pages, save you a lot of time and nerves.
     
  13. Oitsuki

    Oitsuki Member

    Code:
    host demo2.mydomain.com ns.kimsufi.com
    Using domain server:
    Name: ns.kimsufi.com
    Address: 2001:41d0:3:1c7::1#53
    Aliases:
    
    Host demo2.mydomain.com not found: 5(SERVFAIL)
    
    Code:
    host demo2.mydomain.com 94.23.xxx.34
    Using domain server:
    Name: 94.23.xxx34
    Address: 94.23.xxx.34#53
    Aliases:
    
    Host demo2.mydomain.com not found: 3(NXDOMAIN)
    
    I tried also to create another sub domain (with the same domain), I have the same problem.
     
    Last edited: Jul 10, 2018
  14. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    In case you don't get it clearly, change this part:
    Code:
    Yes A demo2.mydomaine.com. 94.23.xxx.34 0 3600
    
    To be this:
    Code:
    Yes A demo2 94.23.xxx.34 0 3600
    
    Resync, wait for it to be processed and propagated and then run "dig demo2.mydomain.com" to check.

    Remember that propapagation may take up to 72 hours.
     
  15. Oitsuki

    Oitsuki Member

    Ok,
    demo2 with or without . inside DNS A ?

    The result :
    Code:
    dig demo2.mydomain.com
    ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> demo2.mydomain.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4459
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ; COOKIE: c181f9773ae6c6b93935b30a5b44b495bd6cf1690bc5dceb (good)
    ;; QUESTION SECTION:
    ;demo2.clicshopping.org.       IN   A
    
    ;; AUTHORITY SECTION:
    mydomain.com.   3600   IN   SOA   ns.kimsufi.com. toto.gmail.com. 2018070808 7200 540 604800 3600
    
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Tue Jul 10 13:28:53 UTC 2018
    ;; MSG SIZE  rcvd: 149
    
     
  16. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    One other note, you might check if there are any .err files created, as if ispconfig can't generate new config files (because of some error in them that causes named to not load them), no changes you make will be reflected in live dns. (and that may not be your issue, but do check)
     
  17. Oitsuki

    Oitsuki Member

    nano pri.mydomain.com.err
    Code:
    $TTL        3600
    @       IN      SOA     ns.kimsufi.com. test.gmail.com. (
                            2018071011       ; serial, todays date + todays serial #
                            7200              ; refresh, seconds
                            540              ; retry, seconds
                            604800              ; expire, seconds
                            3600 )            ; minimum, seconds
    ;
    
    mydomain.com. 3600 A        94.23.xxx.34
    demo2 3600 A        94.23.xxx.34   ===> test
    demo4. 3600 A        94.23.xxx.34   ===> other test
    mail 3600 A        94.23.xxx.34
    www 3600 A        94.23.xxx.34
    mydomain.com. 3600      MX    10   mail.mydomain.com.
    mydomain.com. 3600      NS        94.23.xxx.34.
    mydomain.com. 3600      NS        ns.kimsufi.com.
    ._domainkey.mydomain.com. 3600      TXT        "v=DKIM1; t=s; p="
    mydomain.com. 3600      TXT        "google-site-verification=rIEPNKsNc69itl$
    v. 3600      TXT        "v=spf1 mx a -all"
    _dmarc.mydomain.com. 3600      TXT        "v=DMARC1; p=reject; rua=mailto:a$
    
     
  18. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    NS records must be set to a hostname, not an ip address. For any further troubleshooting, you can rename that .err file to pri.mydomain.com (save the current file first) and reload bind .. it will fail, and give you a specific error to work from. (then put back the valid file you saved so you can restart bind again)
     
  19. Oitsuki

    Oitsuki Member

    the new file
    nano pri.mydomain.com
    $TTL 3600
    @ IN SOA ns.kimsufi.com. test.gmail.com. (
    2018070807 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    3600 ) ; minimum, seconds
    ;

    mydomain.com. 3600 A 94.23.xxx.34
    mail 3600 A 94.23.xxx.34
    www 3600 A 94.23.xxx.34
    mydomain.com. 3600 MX 10 mail.clicshopping.org.
    mydomain.com. 3600 NS ns304xxx.ip-94-23-xxx.eu.
    mydomain.com. 3600 NS ns.kimsufi.com.
    mydomain.com. 3600 TXT "google-site-verification=rIEPNKsNc69itl$
    mydomain.com. 3600 TXT "v=spf1 mx a -all"
     
  20. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    That looks better for the NS record. Right now ns.kimsufi.com is not answering dns (firewall problem?), but the other server seems to be answering just fine. You no longer have your demo2 hostname defined, but I imagine if you did that it I'd be able to query it.

    As @Taleman asked above, how do the 2 nameservers get dns info from your ispconfig server? Maybe one or both are running ispconfig, connected to your control panel as ispconfig master? If not, more info is needed ...
     

Share This Page