Hello, I am trying to deploy multi-server setup, following guide https://www.howtoforge.com/tutorial/ispconfig-multiserver-setup-debian-ubuntu - I am using Debian (Bullseye). I am not getting by the local dns resolve: Code: [INFO] Stopping Rspamd. [INFO] (Re)starting unbound. [INFO] Disabling spamassassin daemon. [INFO] Checking local dns resolver. [ERROR] Exception occured: ISPConfigOSException -> Command nslookup denic.de | grep Server failed. (/ispconfig.ai.php:15) Anyway, I tried to load systemd-resolve, tried to do manual config file update... no luck. With local unbound resolver having issues, I am pretty much stalled with deploy. Any guidance please? Thank you!
no luck, the response is same: Code: root@mb1:~# nslookup denic.de ;; connection timed out; no servers could be reached
Does the host has internet access at all? Can you ping 8.8.8.8? What is set in /etc/resolve.conf? What does "systemctl status unbound" return?
Here is the result: Code: root@mb1:~# ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=18.8 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=19.6 ms ^C --- 8.8.8.8 ping statistics --- 3 packets transmitted, 2 received, 33.3333% packet loss, time 2004ms rtt min/avg/max/mdev = 18.757/19.161/19.565/0.404 ms root@mb1:~# cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "resolvectl status" to see details about the actual nameservers. nameserver 127.0.0.1 nameserver 127.0.0.1 root@mb1:~# systemctl status unbound ● unbound.service - Unbound DNS server Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2023-02-21 23:48:04 GMT; 9h ago Docs: man:unbound(8) Process: 34224 ExecStartPre=/usr/lib/unbound/package-helper chroot_setup (code=exited, status=0/SUCCESS) Process: 34227 ExecStartPre=/usr/lib/unbound/package-helper root_trust_anchor_update (code=exited, status=0/SUCCESS) Main PID: 34231 (unbound) Tasks: 1 (limit: 4641) Memory: 8.6M CPU: 508ms CGroup: /system.slice/unbound.service └─34231 /usr/sbin/unbound -d -p Feb 21 23:48:04 mb1.sidk.email systemd[1]: Starting Unbound DNS server... Feb 21 23:48:04 mb1.sidk.email unbound[34231]: [34231:0] notice: init module 0: subnet Feb 21 23:48:04 mb1.sidk.email unbound[34231]: [34231:0] notice: init module 1: validator Feb 21 23:48:04 mb1.sidk.email unbound[34231]: [34231:0] notice: init module 2: iterator Feb 21 23:48:04 mb1.sidk.email unbound[34231]: [34231:0] info: start of service (unbound 1.13.1). Feb 21 23:48:04 mb1.sidk.email systemd[1]: Started Unbound DNS server.
This is not correct. It should define the resolver as 127.0.0.1:53 to use the local unbound dns resolver like this: Code: /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "resolvectl status" to see details about the actual nameservers. nameserver 127.0.0.1 nameserver 127.0.0.1 Did you change any settings manually?
No settings have been changed manually - before I started installation, the resolv.conf file had only one entry, that was passed from DHCP - it had beed an ipv4 address of router itself. After the script failed, I noticed this entries. No manual installations or file modifications have been done (I tried to edit the resolv.conf file but it got overwritten again after I ran the script).
Hmm, but he has: Code: root@mb1:~# cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "resolvectl status" to see details about the actual nameservers. nameserver 127.0.0.1 nameserver 127.0.0.1 which would be fine as far as I see. At least on my systems, I do not have to specify the port at the end of the IP address like 127.0.0.1:53 in the resolv.conf file.
The port was not intentional. I totally missed the nameserver lines in his output, i thought it was missing.
hence my predicament - I have "correct" settings and it is not working, blocking my further deployment... we are hoping to use this solution for multi-server deployment for email and dns (we are not interested in web) - I really hope we will be able to get past this.. any other thoughts? I will re-try it from scratch, perhaps use ubuntu but I am really partial to Debian
initially i started with Code: wget -O - https://get.ispconfig.org | sh -s -- --no-dns --no-roundcube --no-mailman --use-php=system --use-unbound --interactive I followed exactly point 4.2 from https://www.howtoforge.com/tutorial/ispconfig-multiserver-setup-debian-ubuntu/3/
I just did a test install using this exact command on a minimal base system installed as described din this guide, and it works without issues. So there must be something special with your base system which causes it to fail to resolve dns.
you used minimal debian? ok then i will manually install minimal debian, not using our minimal template for VM cloning deployment...
Make sure you Install the "Basic Systemutilities" by selecting it in the Installer. This has caused me alot of headaches when missing it //Edit: this is what i refer to: https://csmojo.com/posts/what-debian-standard-system-utilities-include.html
So even with installing Debian 11 from scratch including system utilities, no luck - same error. I switched to Ubuntu 20.04 LTS and basically, it worked OOTB without any modifications. I am using Ubuntu for ISPConfig3 servers until I have time to look up why it would not work properly. Thank you for all your help, suggestion, and patience. I will be back with questions, I already have other issues
