
DNS Not Resolving

Posted: Tue Dec 13, 2016 11:44 am
by deset
Hello, I'm having issues where my domain is not resolving. I am using vanity name servers. I've worked with WHM/cPanel for years so this is a slight learning curve. I have followed the documentation word-for-word but I'm having issues.

The server is a CentOS 7 server running vanilla Vesta CP (latest version). Under the IP tab, it has two IP records; two internals on the 192.168.x and 10.12.30.x range. The 10.12.30.x IP has the external IP set under NAT IP association.

- On my domain registrar 123-reg, I have purchased domain #1 and have set ns1 and ns2 A records pointed to the Vesta CP server WAN IP (let's say ns1.domain1.com), as well as the hostname server.domain1.com which is also set up in Vesta. This was done last week so there's been sufficient time for propagation. When pinging both nameservers, they successfully return the server's WAN IP (as with other DNS tools).

- On my domain registrar, I have purchased domain #2 and have set the name servers to ns1.domain1.com and ns2.domain1.com

- On Vesta, I have set up the nameservers under the Default Package

- On Vesta, I have added the web domain for domain#2 (domain2.com) and have set the IP address to the external WAN IP

- On Vesta, under DNS for domain#2, I have set the NAMED template to Child-NS

I believe that should be it according to the docs.

I can access the server via server.domain1.com to see the generic splash page for that domain, however when trying to access domain2.com it just throws up DNS errors (ERR_NAME_NOT_RESOLVED).

Looking at the log files, everything appears fine - below is from messages (I've replaced actual domains with domain1 and domain2):

Dec 13 10:25:39 server named[9034]: starting BIND 9.9.4-RedHat-9.9.4-38.el7_3 -u named
Dec 13 10:25:39 server named[9034]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--with-geoip' '--enable-ipv6' '--enable-filter-aaaa' '--enable-rrl' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--enable-exportlib' '--with-export-libdir=/usr/lib64' '--with-export-includedir=/usr/include' '--includedir=/usr/include/bind9' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib64/pkcs11/libsofthsm2.so' '--with-dlopen=yes' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-dlz-bdb=yes' '--with-gssapi=yes' '--disable-isc-spnego' '--enable-fixed-rrset' '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ' 'CPPFLAGS= -DDIG_SIGCHASE'
Dec 13 10:25:39 server named[9034]: ----------------------------------------------------
Dec 13 10:25:39 server named[9034]: BIND 9 is maintained by Internet Systems Consortium,
Dec 13 10:25:39 server named[9034]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Dec 13 10:25:39 server named[9034]: corporation. Support and training for BIND 9 are
Dec 13 10:25:39 server named[9034]: available at https://www.isc.org/support
Dec 13 10:25:39 server named[9034]: ----------------------------------------------------
Dec 13 10:25:39 server named[9034]: adjusted limit on open files from 4096 to 1048576
Dec 13 10:25:39 server named[9034]: found 4 CPUs, using 4 worker threads
Dec 13 10:25:39 server named[9034]: using 4 UDP listeners per interface
Dec 13 10:25:39 server named[9034]: using up to 4096 sockets
Dec 13 10:25:39 server named[9034]: loading configuration from '/etc/named.conf'
Dec 13 10:25:39 server named[9034]: initializing GeoIP Country (IPv4) (type 1) DB
Dec 13 10:25:39 server named[9034]: GEO-106FREE 20160607 Build 1 Copyright (c) 2016 MaxMind
Dec 13 10:25:39 server named[9034]: initializing GeoIP Country (IPv6) (type 12) DB
Dec 13 10:25:39 server named[9034]: GEO-106FREE 20160607 Build 1 Copy
Dec 13 10:25:39 server named[9034]: GeoIP City (IPv4) (type 2) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP City (IPv4) (type 6) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP City (IPv6) (type 30) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP City (IPv6) (type 31) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP Region (type 3) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP Region (type 7) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP ISP (type 4) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP Org (type 5) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP AS (type 9) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP Domain (type 11) DB not available
Dec 13 10:25:39 server named[9034]: GeoIP NetSpeed (type 10) DB not available
Dec 13 10:25:39 server named[9034]: using default UDP/IPv4 port range: [1024, 65535]
Dec 13 10:25:39 server named[9034]: using default UDP/IPv6 port range: [1024, 65535]
Dec 13 10:25:39 server named[9034]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 13 10:25:39 server named[9034]: listening on IPv4 interface eno16777736, 10.12.30.40#53
Dec 13 10:25:39 server named[9034]: listening on IPv4 interface virbr0, 192.168.122.1#53
Dec 13 10:25:39 server named[9034]: generating session key for dynamic DNS
Dec 13 10:25:39 server named[9034]: sizing zone task pool based on 3 zones
Dec 13 10:25:39 server named[9034]: set up managed keys zone for view _default, file 'managed-keys.bind'
Dec 13 10:25:39 server named[9034]: command channel listening on 127.0.0.1#953
Dec 13 10:25:39 server named[9034]: command channel listening on ::1#953
Dec 13 10:25:39 server named[9034]: managed-keys-zone: loaded serial 0
Dec 13 10:25:39 server named[9034]: zone domain1.com/IN: loaded serial 2016121312
Dec 13 10:25:39 server named[9034]: zone domain2.com/IN: loaded serial 2016121310
Dec 13 10:25:39 server named[9034]: zone server.domain1.com/IN: loaded serial 2016121313
Dec 13 10:25:39 server named[9034]: all zones loaded
Dec 13 10:25:39 server named[9034]: running
Dec 13 10:25:39 server systemd: Started Berkeley Internet Name Domain (DNS).
Dec 13 10:25:39 server named[9034]: zone domain1.com/IN: sending notifies (serial 2016121312)
Dec 13 10:25:39 server named[9034]: zone server.domain1.com/IN: sending notifies (serial 2016121313)
Dec 13 10:25:39 server named[9034]: zone domain2.com/IN: sending notifies (serial 2016121310)
Dec 13 10:25:44 server systemd: Created slice user-0.slice.
Dec 13 10:25:44 server systemd: Starting user-0.slice.
Dec 13 10:25:44 server systemd: Started Session 3 of user root.
Dec 13 10:25:44 server systemd-logind: New session 3 of user root.
Dec 13 10:25:44 server systemd: Starting Session 3 of user root.
Dec 13 10:26:45 server systemd-logind: Removed session 3.
Dec 13 10:26:45 server systemd: Removed slice user-0.slice.
Dec 13 10:26:45 server systemd: Stopping user-0.slice.
Dec 13 10:30:01 server systemd: Created slice user-1007.slice.
Dec 13 10:30:01 server systemd: Starting user-1007.slice.
Dec 13 10:30:01 server systemd: Started Session 4 of user admin.
Dec 13 10:30:01 server systemd: Starting Session 4 of user admin.
Dec 13 10:30:01 server systemd: Created slice user-0.slice.
Dec 13 10:30:01 server systemd: Starting user-0.slice.
Dec 13 10:30:01 server systemd: Started Session 5 of user root.
Dec 13 10:30:01 server systemd: Starting Session 5 of user root.
Dec 13 10:30:01 server systemd: Started Session 6 of user admin.
Dec 13 10:30:01 server systemd: Starting Session 6 of user admin.
Dec 13 10:30:01 server systemd: Removed slice user-0.slice.
Dec 13 10:30:01 server systemd: Stopping user-0.slice.
Dec 13 10:30:04 server systemd: Removed slice user-1007.slice.
Dec 13 10:30:04 server systemd: Stopping user-1007.slice.
Dec 13 10:32:09 server clamd[1095]: SelfCheck: Database status OK.
Dec 13 10:32:09 server clamd: SelfCheck: Database status OK.
Dec 13 10:35:01 server systemd: Created slice user-1007.slice.
Dec 13 10:35:01 server systemd: Starting user-1007.slice.
Dec 13 10:35:01 server systemd: Started Session 7 of user admin.
Dec 13 10:35:01 server systemd: Starting Session 7 of user admin.
Dec 13 10:35:01 server systemd: Started Session 8 of user admin.
Dec 13 10:35:01 server systemd: Starting Session 8 of user admin.
Dec 13 10:35:03 server systemd: Removed slice user-1007.slice.
Dec 13 10:35:03 server systemd: Stopping user-1007.slice.
Dec 13 10:36:42 server systemd: Starting Cleanup of Temporary Directories...
Dec 13 10:36:42 server systemd: Started Cleanup of Temporary Directories.
Dec 13 10:37:37 server systemd: Created slice user-0.slice.
Dec 13 10:37:37 server systemd: Starting user-0.slice.
Dec 13 10:37:37 server systemd-logind: New session 9 of user root.
Dec 13 10:37:37 server systemd: Started Session 9 of user root.
Dec 13 10:37:37 server systemd: Starting Session 9 of user root.

So to confirm, domain1.com and server.domain1.com both open correctly in the browser, however they are not using vanity nameservers, and instead, I had just pointed all records (*, WWW, FTP, NS1, NS2, SERVER) to the Vesta Server WAN IP.


Any ideas? I've gone through almost 30+ threads similar to this but the only ones replied to apply to a different server OS (like Ubuntu with the AppArmor issues, which doesn't apply to me).

To add, this server is just a VM here at our company HQ - I believe the relevant FW rules have been applied - ports 80, 53 etc. as I can telnet successfully from an external location into the server via those ports.

Thank you.
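
An added example (not part of the original post): a short Python parser over the named lines quoted above, showing that BIND loaded all three zones but is listening only on loopback and private addresses, so outside resolvers reach it only if the NAT forwards port 53 over UDP as well as TCP. The regexes and function names are this example's own.

```python
import ipaddress
import re

# Lines copied from the named startup log quoted in the post above.
SAMPLE_LOG = """\
Dec 13 10:25:39 server named[9034]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 13 10:25:39 server named[9034]: listening on IPv4 interface eno16777736, 10.12.30.40#53
Dec 13 10:25:39 server named[9034]: listening on IPv4 interface virbr0, 192.168.122.1#53
Dec 13 10:25:39 server named[9034]: zone domain1.com/IN: loaded serial 2016121312
Dec 13 10:25:39 server named[9034]: zone domain2.com/IN: loaded serial 2016121310
Dec 13 10:25:39 server named[9034]: zone server.domain1.com/IN: loaded serial 2016121313
"""

LISTEN_RE = re.compile(
    r"named\[\d+\]: listening on IPv[46] interface (\S+), ([0-9a-fA-F.:]+)#(\d+)")
ZONE_RE = re.compile(r"named\[\d+\]: zone (\S+)/IN: loaded serial (\d+)")


def summarize(log_text):
    """Return (listeners, zones) parsed from BIND startup log lines."""
    listeners, zones = [], {}
    for line in log_text.splitlines():
        m = LISTEN_RE.search(line)
        if m:
            addr = ipaddress.ip_address(m.group(2))
            listeners.append({"iface": m.group(1), "addr": str(addr),
                              "port": int(m.group(3)),
                              "public": addr.is_global})
            continue
        m = ZONE_RE.search(line)
        if m:
            zones[m.group(1)] = int(m.group(2))
    return listeners, zones


def needs_nat_forwarding(listeners):
    """True when no listener sits on a globally routable address."""
    return not any(entry["public"] for entry in listeners)


if __name__ == "__main__":
    found, loaded = summarize(SAMPLE_LOG)
    for entry in found:
        print(entry)
    print("zones:", loaded)
    print("depends on NAT forwarding of 53/udp and 53/tcp:",
          needs_nat_forwarding(found))
```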

Re: DNS Not Resolving

Posted: Wed Dec 14, 2016 4:55 pm
by pandabb
On my domain registrar, I have purchased domain #2 and have set the name servers to ns1.domain1.com and ns2.domain1.com
Does domain#1 (not subdomain) have an A record for both ns1 and ns2? If you're pointing domain#2 to domain#1, isn't the proper template to use the default template instead of child-ns?


For comparison -
http://c.vestacp.com/0.9.8/rhel/templat ... ild-ns.tpl with ns A record
http://c.vestacp.com/0.9.8/rhel/templat ... efault.tpl no ns A record
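
An added illustration of the template question above (not code from the thread or from Vesta): it compares the NS names set at the registrar with the apex NS records a zone publishes. The two zone texts are constructed and assume a child-ns style zone names its own ns1/ns2 with A records while a default style zone points at the provider's nameservers; 203.0.113.10 is a documentation address.

```python
# Constructed zone bodies for domain2.com (assumptions, not real template output).
CHILD_NS_STYLE = """
@    NS  ns1.domain2.com.
@    NS  ns2.domain2.com.
@    A   203.0.113.10
ns1  A   203.0.113.10
ns2  A   203.0.113.10
"""
DEFAULT_STYLE = """
@    NS  ns1.domain1.com.
@    NS  ns2.domain1.com.
@    A   203.0.113.10
"""


def parse_zone(text, origin):
    """Parse 'name type value' lines into (fqdn, type, value) tuples."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments and blanks
        if not line:
            continue
        name, rtype, value = line.split(None, 2)
        fqdn = origin if name == "@" else f"{name}.{origin}"
        records.append((fqdn.lower(), rtype.upper(), value.rstrip(".").lower()))
    return records


def check_delegation(origin, delegated_ns, zone_text):
    """Compare the registrar's NS names with the zone's own apex NS set."""
    records = parse_zone(zone_text, origin)
    apex_ns = {v for n, t, v in records if n == origin and t == "NS"}
    has_a = {n for n, t, _ in records if t == "A"}
    delegated = {n.rstrip(".").lower() for n in delegated_ns}
    findings = []
    if apex_ns != delegated:
        findings.append(
            f"NS mismatch: registrar={sorted(delegated)} zone={sorted(apex_ns)}")
    for ns in sorted(apex_ns):
        # An NS name that lives inside this zone needs an address record here.
        if (ns == origin or ns.endswith("." + origin)) and ns not in has_a:
            findings.append(f"in-zone NS {ns} has no A record")
    return findings


if __name__ == "__main__":
    registrar = ["ns1.domain1.com", "ns2.domain1.com"]
    print(check_delegation("domain2.com", registrar, CHILD_NS_STYLE))
    print(check_delegation("domain2.com", registrar, DEFAULT_STYLE))
```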

Re: DNS Not Resolving

Posted: Fri Dec 16, 2016 2:27 pm
by mike08
deset wrote:On Vesta, I have added the web domain for domain#2 (domain2.com) and have set the IP address to the external WAN IP
If your server is behind NAT, why are you pointing your domain#2 to the WAN IP? If I'm not wrong it should be set to your local IP 10.12.30.x, as the public one is not bound directly to your server.

Re: DNS Not Resolving

Posted: Mon Dec 19, 2016 12:04 pm
by Mr.Erbutw
Run it

# setenforce 0
, and check...