2nd nameserver refusing to respond

zuronam

Member
Aug 2, 2016
9
2
3
Zimbabwe
cPanel Access Level
Root Administrator
Hi All,

I'd appreciate any help anyone could offer. I'm running CloudLinux 7.2 x86_64 on VMware and I have cPanel/WHM 58.0 build 23.

As of last week Friday - 26/08/16, my secondary nameserver refuses to answer any dns queries. I was still on ver 56 when that happened, and now I updated to 58 thinking that would solve the issues but alas, it has not helped.

My first nameserver responds and is authoritative, the second nameserver is online, you can ping it, you can telnet port 53 on it, but if you query a dns zone - it refuses to connect.

The output of rndc reload then tail -100 /var/log/messages:

Code:
Aug 29 13:19:45 myservername named[44117]: automatic empty zone: view internal: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 29 13:19:45 myservername named[44117]: automatic empty zone: view internal: D.F.IP6.ARPA

but no logs of any connections refused if I tail -f the logs while doing DNS queries.

I apologise if this is a repeat post but I have trawled the forums since I am searching for a solution.

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,219
463
My first nameserver responds and is authoritative, the second nameserver is online, you can ping it, you can telnet port 53 on it, but if you query a dns zone - it refuses to connect.
Hello,

Could you try creating a new test DNS zone to verify the issue isn't with the existing zone files? EX:

Code:
/scripts/adddns --domain testing12345.com
Then, let us know if the query to that zone on that server fails. If so, try rebuilding the DNS configuration with the following command:

Code:
/scripts/rebuilddnsconfig
Thank you.
 

zuronam

Hi

Thanks for the response.

I tried adding a new domain then querying it - first nameserver responds

Code:
; <<>> DiG 9.3.2 <<>> testing12345.com @firstnameserver
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1671
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;testing12345.com.  IN  A

;; ANSWER SECTION:
testing12345.com.  14400  IN  A  IP

;; AUTHORITY SECTION:
testing12345.com.  86400  IN  NS  firstnameserver.com.
testing12345.com.  86400  IN  NS  secondnameserver.com.

;; ADDITIONAL SECTION:
secondnameserver.com.  14400  IN  A  IP

;; Query time: 62 msec
;; SERVER: firstnameserverIP2#53(IP)
;; WHEN: Tue Aug 30 08:24:54 2016
;; MSG SIZE  rcvd: 116

However - second nameserver still refuses - even after rebuilding DNS config

Code:
; <<>> DiG 9.3.2 <<>> testing12345.com @secondnameserver.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1894
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;testing12345.com.  IN  A

;; Query time: 44 msec
;; SERVER: secondnameserverIP#53(IP)
;; WHEN: Tue Aug 30 08:24:58 2016
;; MSG SIZE  rcvd: 34
Any other pointers would be much appreciated, thanks.
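Added example (not part of either poster's messages, and not cPanel code): a small Python parser that classifies dig output like the two responses posted above. A REFUSED status is a DNS reply sent by the name server itself, while a filtered port 53 produces no response header at all; the function names and the timeout sample are constructed for this example.

```python
import re

HEADER = re.compile(r"->>HEADER<<- opcode: (\w+), status: (\w+), id: (\d+)")
FLAGS = re.compile(r";; flags: ([a-z ]*);\s*QUERY: (\d+), ANSWER: (\d+)")

# Header lines as posted in the thread (hostnames/IPs are the poster's placeholders).
FIRST_NS = """;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1671
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
"""
SECOND_NS = """;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1894
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
"""
# Constructed sample: what dig prints when nothing answers on port 53.
TIMEOUT = ";; connection timed out; no servers could be reached\n"


def parse_dig(text):
    """Return rcode, header flags and answer count, or None if no reply arrived."""
    header = HEADER.search(text)
    if header is None:
        return None
    flags = FLAGS.search(text)
    return {
        "status": header.group(2),
        "flags": set(flags.group(1).split()) if flags else set(),
        "answers": int(flags.group(3)) if flags else 0,
    }


def diagnose(text):
    """Map one dig transcript to the layer that should be inspected next."""
    reply = parse_dig(text)
    if reply is None:
        return "no-response"        # packet filter, routing, or named not listening
    if reply["status"] == "REFUSED":
        # named received the query and declined it: commonly the zone is not
        # loaded on this server, or an ACL/view does not permit this client.
        return "refused-by-server"
    if reply["status"] == "NOERROR" and "aa" in reply["flags"]:
        return "authoritative"
    if reply["status"] == "NOERROR":
        return "non-authoritative"
    return "error-" + reply["status"].lower()


if __name__ == "__main__":
    for name, sample in (("first", FIRST_NS), ("second", SECOND_NS), ("timeout", TIMEOUT)):
        print(name, diagnose(sample))
```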

cPanelMichael

You can install a firewall management application such as CSF to ensure no custom firewall rules are blocking traffic over port 53. Feel free to open a support ticket using the link in my signature if the issue continues. You can post the ticket number here so we can update this thread with the outcome.

Thank you.