The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can ping name servers, but none of the account domains ?

Discussion in 'General Discussion' started by abitlost, Jan 18, 2012.

  1. abitlost

    abitlost Member

    Joined:
    Jan 18, 2012
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    cPanel user for nearly 8 years, with own server for last 5 - happy... till a hardware issue kicked me hard yesterday.

    I've managed to get pretty much everything back up and running spending considerable time on this forum today, bbut there's one problem that's really got me stumped - I'm sure it's a straightforward fix.

    I have three IP addresses configured like this:

    IP0 - host name (name.mydomain.co.uk) & ns1.mydomain.co.uk
    IP1 - ns2.mydomain.co.uk
    IP3 - ns3.mydomain.co.uk

    Right now I can ping all three name servers correctly, but when I cannot ping the host name or any of my customer domains.

    Any idea where I should start looking?

    Thanks,
    Gary.
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Hi Gary,

    Are you using a firewall? If so, first get a copy of all the rules in the firewall:

    Code:
    /sbin/iptables -n -L
    After that, could you try flushing the firewall to see if the domains work? If they do, then it is a rule in the firewall. It is possible the UDP for port 53 isn't listening on your firewall, which would prevent named from being used to resolve the domains.

    Thanks!
     
  3. abitlost

    abitlost Member

    Joined:
    Jan 18, 2012
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi - I've pm'd my firewall config which I think looks ok?
     
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    It doesn't look okay as this line is rejecting ports not already allowed for the RH-Firewall-1-INPUT chain:

    REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

    As I stated, UDP for port 53 needs to be opened to listen (I had accidentally noted port 953 previously, so I've revised my post for port 53 instead, but your firewall rules have no udp ports opened other than 161 anyway). Please either add a rule to allow that port for listening or flush the firewall. Here is how you'd add a rule for it to that chain:

    Code:
    /sbin/iptables -I RH-Firewall-1-INPUT -p udp -m udp --dport 53 -j ACCEPT
    If that port isn't opened for UDP traffic, domains cannot resolve on the machine.
     
  5. abitlost

    abitlost Member

    Joined:
    Jan 18, 2012
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I stand corrected - thank you :)

    I have added that rule, but I still cannot access any of the websites hosted on the server - although I can now use the host name url to access whm. no change with the firewall rules flushed though.

    I now realise that I can access newly created accounts on the server, but not those I recovered via rsync earlier today - I think a config file must be missing or incomplete after my restore - are there any obvious files to investigate?

    Thanks for your time.
     
  6. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Could you submit a ticket to us for us to check an account on the machine? You could open up a ticket in WHM > Support Center > Contact cPanel or using the link in my signature. If you would like to post the ticket number here after opening one, we could more easily track the resolution of the issue. Thanks!
     
  7. abitlost

    abitlost Member

    Joined:
    Jan 18, 2012
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thanks - ticket number is 2156954.
     
  8. abitlost

    abitlost Member

    Joined:
    Jan 18, 2012
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I have now resolved this issue - it was a combination of the firewall issue mentioned above (thank you Tristan) and an incorrect IP in the "resolver configuration". Thanks again for you help, it's been a trying day today :) Ticket also close.

    One quick question though the firewall rule shown above persist following a reboot?
     
Loading...

Share This Page