BIND 9 giving problems...

[justonefee]

Hello,


Many ISPs have been upgrading their DNS servers to the latest BIND 9 software, which is much stricter regarding amongst other the use of RFC's.

The result of this is that many customers from ISPs that have been upgrading their DNS servers have had problems accessing ANY of the sites hosted on the cpanel servers.

More information regarding this topic is available at http://www.theregister.co.uk/content/55/26381.html

As you most probably understand, this is an extremely urgent issue which needs to be addressed immediately, as we don't want to have the servers upgraded to BIND 9 if this is going to break anything in cpanel/WHM.

I hope we can soon have more information on this issue, as we are now loosing customers due to DNS errors. Thank you for you kind and immediate assistance.


David Heremans.
JustOneFee.com

www.justonefee.com (only if you're not on BIND9 yet )

 

[Stormtrooper]

all you really need to do is make sure that the nameserver entries in the DNS zone are the correct entries for the domain - others have made it more strict by requiring that the DNS zone respond authoritatively to queries about the IP address of a nameserver. That's really the only two things you'll have to worry aout.

 

[justonefee]

okay - do you have any more details on this?
I'm sorry if I seem a bit stupid here now, but I have no idea as to where ans how to check this, and my provider is currently working on a solution together with his cpanel technician

Thanks in advance!

 

[Stormtrooper]

ok, head on over to www.internic.net and do a WHOIS lookup on the domain - that will show you what the nameservers SHOULD be. Then take a lookie at the dns zone using WHM...

; WwwAcct 2.5
; Zone file for stormtrooper.com
@ 14400 IN SOA ns1.stormtrooper_host.com. root.ns1.stormtrooper_host.com. (
1016801944 ; serial, todays date+todays
28800 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds

stormtrooper.com. 14400 IN NS ns1.stormtrooper_host.com.
stormtrooper.com. 14400 IN NS ns2.stormtrooper_host.com.
stormtrooper.com. 14400 IN A 12.34.56.789

localhost.stormtrooper.com. 14400 IN A 127.0.0.1

stormtrooper.com. 14400 IN MX 0 stormtrooper.com.

mail 14400 IN CNAME stormtrooper.com.
www 14400 IN CNAME stormtrooper.com.
ftp 14400 IN CNAME stormtrooper.com.


everything should look pretty similar to what you see here. IF the NS entries do NOT match what you see in the WHOIS from internic then you need to make a change. Also, edit the DNS zone for stormtrooper_host.com...make sure that there are entries as follows:

ns1 14400 IN A 12.34.56.780
ns2 14400 IN A 12.34.56.781

or whatever they're supposed to be.

That's prety much it. Also note that if you have customers complaining about not being able to see their site from the almighty WWW. (which, obviously, a web site is not visible without *rolleyes*) this will address that issue as well.

One final thought. You MAY need to set up RDNS for some nameservers depending on the obscurity of the ISP that your customer is dealing with. Your datacenter or bandwidth provider is required by ARIN to provide that service for you so you will need to contact them to get that done unless you have RDNS authority transferred to your server (you'll know it if you do).

/* edit: I really hope this makes sense to you .. if not, just ask about the parts that need clarification. if it's the whole thing that I'm not being clear about, let me know and I'll write up a tutorial and put it at a site called allthefqs.net because it's something I think everybody could benefit from */

 

[veloypete]

Stormtrooper&& I am having the same problems and I was wondering if you could take a llok at my zone file and see if there are errors that could be corrected. I would greatly appreciate it because I have been having this problems for quite sometime now. Thankyou for your help.

$TTL 86400

@ IN SOA NS1.VELOY.NET. info.veloy.com. (
1031695313 ; serial
10800 ; refresh
3600 ; retry
604800 ; expire
86400 ) ; minimum

veloy.com. IN NS NS1.VELOY.NET.
veloy.com. IN NS ns3.veloy.net.
veloy.com. IN A 216.12.214.220
webmail.veloy.com. IN A 216.12.214.220
mail.veloy.com. IN CNAME veloy.com.
ftp.veloy.com. IN CNAME veloy.com.
www.veloy.com. IN CNAME veloy.com.
veloy.com. IN MX 10 mail.veloy.com.

 

[rpmws]

I am not sure but I think this problem has creeped up on us. I am getting complaints about this. Sites simply don't resolve for some people. It's on and off seems like. Bind reports up but nslookups fail even from my ISP at times. Then they work again.HELP!!!!

 

[veloypete]

your problem sounds exaclty like mine, are you using any type of control panel? If so what kind?

 

[rpmws]

Cpanel WHM

 

[Juanra]

Veloypete, this is from http://www.internic.net/cgi/whois?whois_nic=veloy.com&type=domain :

Domain Name: VELOY.COM
Name Server: NS1.VELOY.NET
Name Server: NS2.VELOY.NET

while you've got:
veloy.com. IN NS NS1.VELOY.NET.
veloy.com. IN NS ns3.veloy.net.

You should check veloy.net's zone definition as well.

 

[Ren]

Well I feel fortunate so far I only have one client complaining of this type of problem. He has no problems at his office witch is on pac bell DSL , but at home on his COx cable connection he most of the time can't load his site, Hope this get's resolved soon.

 

[denisk]

we have this exact same problem. Server is up and running and people from SOME isp's simply cannot access the name based accounts.

However, from other ISP's it works flawlessly. Is there no solution to this??!?

 

[Ectoman]

We are getting this problem too with our sites. I hope there is a fix up soon.

 

[justonefee]

For some reason it appears to have solved itself on our servers...
Thank you though for all the replies here!

David.

 

[Bram]

I have a similar problem with my server (WHM and BIND 9).
Sometimes my sites resolve, sometimes they don't. Nameserver entries are all ok.

Posted a thread on WHT forum and with my server provider (VO), still waiting for a solution..

 

[Ren]

The one user I have with the same problem as most of you posting here is , he can't access his site via domain.com or check his email for domain.com and can only view his site via ip from home.

But he can goto work and access his site , check his email via domain.com and everything with no problems .

Btw , this is 2 diffrent isp's he uses
Cox =Home
Pac Bell = Work

 

[rpmws]

I have 5 cases like this now ...all different ISPs. I rebuilt the zones and same thing.

 

[4web-space]

Bind gives those problems all too frequently why doesnt CPanel use a tried and tested DNS like DJBDns. It doesnt require patching every five minutes. It runs via daemon tools and is so much faster and reliable. We have already switched all our Plesk boxes to this and noticed the differences immediately.

We were getting b+ reports from dnsstuff.com now we get A+ most of the time.

Robbie
4web-space.com

 

[furquan]

hi 4-web space

I am using cpanel with bind 9 and facing the same probs,
So, can u tell me as to how do i replace my Bind with DjBdns and to what version.

If you could mention the procedures that you took to do replacement it will be great.

Thanks/-

 

[jamesbond]

It seems I had the same problem.

One person couldn't connect to one of my domains, I checked the zone file and it seemed fine.

He could reach the other domains on the server though.
I restarted BIND, and the next day the domain resolved for him...

It's not clear to me what the cause is of these problems with domains not resolving.
I did notice many non CPanel providers are switching to djbdns.
Maybe CPanel should follow the same path.

 

[ThunderHostingDotCom]

This thread goes back to Aug. Has anyone put in a bug for this and if not WHY?

If the problem seems to go away after restarting BIND couldn't we setup a cron to restart BIND say like every morning at 2 or 3am?