DNS Problems (NIGHTMARES!) with BIND and Virtualmin
Posted by Nyxynyx on Server Fault
Published on 2012-10-11T14:52:24Z
I have a webserver (Ubuntu 12.04 with LAMP) using Virtualmin / Webmin. Because I just moved from a cPanel system, I am having a nightmare configuring the DNS!
Using intoDNS.com, the failed reports are:
Mismatched NS records WARNING: One or more of your nameservers did not return any of your NS records.
DNS servers responded ERROR: One or more of your nameservers did not respond: The ones that did not respond are: 123.123.123.123 213.251.188.141x
Multiple Nameservers ERROR: Looks like you have less than 2 nameservers. According to RFC2182 section 5 you must have at least 3 nameservers, and no more than 7. Having 2 nameservers is also ok by me.
Missing nameservers reported by your nameserver You should already know that your NS records at your nameservers are missing, so here it is again:
ns1.mydomain.com. sdns2.ovh.net.
SOA record No valid SOA record came back!
MX Records
WWW A Record ERROR: I could not get any A records for www.mydomain.com!
Step-by-Step of my Attempt
In my domain registrar (Namecheap), I registered ns1.mydomain.com as a nameserver, pointing to the IP address of my web server which is running bind9. The domain is set up with DNS ns1.mydomain.com and sdns2.ovh.net. sdns2.ovh.net is a secondary DNS server (SLAVE and pointing mydomain.com to the IP address of my web server).
Webserver domain: mydomain.com
Webserver hostname: ns4000000.ip-123-123-123.net
Webserver IP: 123.123.123.123
Under Virtualmin, I edited the default Virtual server template:
- BIND DNS records for new domains: ns1.mydomain.com
- Master DNS server hostname: ns1.mydomain.com
Next I created a Virtual server using that server template.
This is what I've done but it's still not working! Any ideas? I've been stuck for days, thank you for all your help!
service bind9 status
* bind9 is running
lsof -i :53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
named 6966 bind 20u IPv6 338583 0t0 TCP *:domain (LISTEN)
named 6966 bind 21u IPv4 338588 0t0 TCP localhost.localdomain:domain (LISTEN)
named 6966 bind 22u IPv4 338590 0t0 TCP ns4000000.ip-123-123-123.net:domain (LISTEN)
named 6966 bind 512u IPv6 338582 0t0 UDP *:domain
named 6966 bind 513u IPv4 338587 0t0 UDP localhost.localdomain:domain
named 6966 bind 514u IPv4 338589 0t0 UDP ns4000000.ip-123-123-123.net:domain
/etc/resolv.conf (not sure how 213.186.33.99 got here)
nameserver 127.0.0.1
nameserver 213.186.33.99
search ovh.net
host 123.123.123.123 (my web server's IP)
13.60.245.198.in-addr.arpa domain name pointer ns4000000.ip-123-123-123.net.
nslookup 213.186.33.99
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
99.33.186.213.in-addr.arpa name = cdns.ovh.net.
Authoritative answers can be found from:
33.186.213.in-addr.arpa nameserver = ns.ovh.net.
33.186.213.in-addr.arpa nameserver = dns.ovh.net.
nslookup ns1.mydomain.com
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; no servers could be reached
nslookup ns2.mydomain.com
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; no servers could be reached
nslookup www.mydomain.com
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; no servers could be reached
dig mydomain.com
; <<>> DiG 9.8.1-P1 <<>> mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 43540
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mydomain.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Oct 11 11:30:09 2012
;; MSG SIZE rcvd: 30
dig ns1.mydomain.com
; <<>> DiG 9.8.1-P1 <<>> ns1.mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31254
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1.mydomain.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Oct 11 11:30:16 2012
;; MSG SIZE rcvd: 34
/etc/bind/named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
/etc/bind/named.conf.default-zones
zone "." {
type hint;
file "/etc/bind/db.root";
};
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
/etc/bind/named.conf.local
zone "mydomain.com" {
type master;
file "/var/lib/bind/mydomain.com.hosts";
allow-transfer {
127.0.0.1;
localnets;
};
};
/etc/bind/named.conf.options
options {
directory "/var/cache/bind";
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
// allow-recursion { 127.0.0.1; };
// transfer-source;
};
named-checkconf -z
dns_master_load: /var/lib/bind/mydomain.com.hosts:21: unexpected end of line
dns_master_load: /var/lib/bind/mydomain.com.hosts:20: unexpected end of input
/var/lib/bind/mydomain.com.hosts: file does not end with newline
zone mydomain.com/IN: loading from master file /var/lib/bind/mydomain.com.hosts failed: unexpected end of input
zone mydomain.com/IN: not loaded due to errors.
_default/mydomain.com/IN: unexpected end of input
zone localhost/IN: loaded serial 2
zone 127.in-addr.arpa/IN: loaded serial 1
zone 0.in-addr.arpa/IN: loaded serial 1
zone 255.in-addr.arpa/IN: loaded serial 1
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:20000
ACCEPT tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:submission
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
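The named-checkconf -z output in the question explains the SERVFAIL answers: the master file for mydomain.com did not load ("file does not end with newline", "unexpected end of input"), so BIND is not serving the zone at all, and queries for it get no authoritative answer. The script below is an added example, not code from the question, from Virtualmin or from BIND; it lints a master zone file for exactly those two defects and for the records intoDNS flagged as missing (an SOA, NS records, and a glue A record for each in-zone nameserver). The two embedded zone files are constructed for the example, since the question does not show /var/lib/bind/mydomain.com.hosts; the origin mydomain.com. and the nameserver names come from the configuration quoted above.

```python
"""Lint a BIND master zone file for the defects named-checkconf -z reported
in the question (missing final newline, unexpected end of input) and for the
records intoDNS said were missing (SOA, NS, glue A). The sample zones below
are constructed for this example; they are not the poster's real file."""

ORIGIN = "mydomain.com."  # zone name, as in named.conf.local on the page


def strip_comment(line: str) -> str:
    """Drop a trailing ';' comment, leaving ';' inside double quotes alone."""
    out, in_quote = [], False
    for ch in line:
        if ch == '"':
            in_quote = not in_quote
        elif ch == ";" and not in_quote:
            break
        out.append(ch)
    return "".join(out)


def fqdn(name: str, origin: str) -> str:
    """Normalise an owner or target name to a lower-case absolute name."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def lint_zone(text: str, origin: str = ORIGIN) -> list:
    """Return human-readable findings; an empty list means nothing was found.

    The parser is deliberately small: it tracks '(' ... ')' depth the way
    dns_master_load does, remembers the last owner name for records that
    start with whitespace, and detects SOA / NS / A records by type token.
    """
    findings = []
    if not text.endswith("\n"):
        findings.append("file does not end with newline")

    depth, owner = 0, origin
    has_soa, ns_targets, a_owners = False, [], set()
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = strip_comment(raw)
        tokens = line.split()
        if tokens and not raw[0].isspace() and not tokens[0].startswith("$"):
            owner = fqdn(tokens[0], origin)  # this line names a new owner
        for i, tok in enumerate(tokens):
            if tok == "SOA":
                has_soa = True
            elif tok == "NS" and i + 1 < len(tokens):
                ns_targets.append(fqdn(tokens[i + 1], origin))
            elif tok == "A" and i + 1 < len(tokens):
                a_owners.add(owner)
        depth += line.count("(") - line.count(")")
        if depth < 0:
            findings.append(f"line {lineno}: ')' without a matching '('")
            depth = 0
    if depth > 0:
        findings.append("unexpected end of input: an '(' is never closed "
                        "(usually the SOA record)")

    if not has_soa:
        findings.append("no SOA record")
    if not ns_targets:
        findings.append("no NS records")
    for ns in ns_targets:
        # Only nameservers inside this zone need glue A records in it.
        if ns.endswith("." + origin) and ns not in a_owners:
            findings.append(f"NS {ns} has no A record in the zone (no glue)")
    return findings


# Constructed: SOA parenthesis never closed, no final newline, no A for ns1.
BROKEN_ZONE = "\n".join([
    "$ttl 38400",
    "@\tIN\tSOA\tns1.mydomain.com. hostmaster.mydomain.com. (",
    "\t\t\t2012101101\t; serial",
    "\t\t\t10800\t; refresh",
    "\t\t\t3600\t; retry",
    "\t\t\t604800\t; expire",
    "\t\t\t38400\t; minimum, closing paren forgotten",
    "@\tIN\tNS\tns1.mydomain.com.",
    "@\tIN\tNS\tsdns2.ovh.net.",
    "www\tIN\tA\t123.123.123.123",
])

# Constructed: the same zone with the SOA closed, glue added, newline at end.
FIXED_ZONE = "\n".join([
    "$ttl 38400",
    "@\tIN\tSOA\tns1.mydomain.com. hostmaster.mydomain.com. (",
    "\t\t\t2012101102\t; serial",
    "\t\t\t10800\t; refresh",
    "\t\t\t3600\t; retry",
    "\t\t\t604800\t; expire",
    "\t\t\t38400 )\t; minimum",
    "@\tIN\tNS\tns1.mydomain.com.",
    "@\tIN\tNS\tsdns2.ovh.net.",
    "ns1\tIN\tA\t123.123.123.123",
    "www\tIN\tA\t123.123.123.123",
]) + "\n"


if __name__ == "__main__":
    for label, zone in (("broken", BROKEN_ZONE), ("fixed", FIXED_ZONE)):
        print(label, lint_zone(zone) or ["ok"])
```

Run it against a file after any hand edit and before reloading BIND; named-checkzone mydomain.com /var/lib/bind/mydomain.com.hosts applies BIND's own parser and is the authoritative check. Separately, the allow-transfer list in named.conf.local quoted above admits only 127.0.0.1 and localnets, so a slave hosted elsewhere cannot pull the zone until its address is added to that list; add the specific secondary rather than opening transfers to any, since a zone transfer hands out the whole zone.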