Can't Park a domain - nameservers are set

sparek-3

Well-Known Member
Aug 10, 2002
2,007
222
368
cPanel Access Level
Root Administrator
What is the logic that cPanel uses to determine if a would-be domain alias is using nameserver IPs registered in /etc/ips.remotedns?

I have a .us.com domain name that is using our nameservers - but I'm still getting a "This domain points to an IP address that does not use the DNS servers associated with this server. Transfer the domain to this server’s nameservers at the domain’s registrar or update your system to recognize the current DNS servers." error message.

Is this because the domain name is a .us.com domain name?
 

ffeingol

Well-Known Member
PartnerNOC
Nov 9, 2001
599
193
343
cPanel Access Level
DataCenter Provider
If I'm understanding correctly, it has nothing to do with the name servers, it's the IP that the domain resolves to (i.e. not your server). Go into Tweak Settings in WHM and turn "Allow Remote Domains" on. That will allow you to add domains that don't resolve to your server.
 

sparek-3

Well, it's more the principle of the matter.

Our nameserver IPs are AA.AA.AA.AA and BB.BB.BB.BB

Inside /etc/ips.remotedns you will find

AA.AA.AA.AA
BB.BB.BB.BB


The domain to park - example1.us.com - is using nameservers that resolve to AA.AA.AA.AA and BB.BB.BB.BB

But the error comes back and tells me that the domain has to be using nameservers associated with this server - but that aspect is true.

Is there a way to see what nameservers cPanel thinks example1.us.com is using?
 

sparek-3

This does appear to be an issue with the .us.com domain name.

If I add - 185.24.64.10 - which is a DNS server for the .us.com domain - to /etc/ips.remotedns and try to park the domain, it works.

This would lead me to believe that there are some deficiencies in the way cPanel determines the nameservers that a domain name is using.
 

sparek-3

From best I can tell, .us domain names are not exhibiting this. It is only .us.com domain names.

Unfortunately, I couldn't wait for this to get resolved, so I used the WHM to park the domain name. (This was actually for an addon domain - but it was failing at the parking of the subdomain). So I don't really have an example to show you.

The best way I can tell you to duplicate this issue:

1) Register a .us.com domain name.

2) Set the nameservers for that .us.com domain name to your server's nameservers

3) Don't create an account, addon, domain alias, or anything that would create a DNS zone file for that domain name on your server's nameservers.

In other words, the .us.com domain name should be set up and ready to be added as an addon domain.

Now - I tend to do a lot of dig +trace to follow the resolution path that a domain name takes.

If you do a dig +trace example.us.com of the example domain name that you registered, it will probably show something like:

$ dig +trace example.us.com

; <<>> DiG 9.16.1-Ubuntu <<>> +trace example.us.com +nodnssec
;; global options: +cmd
. 1635 IN NS m.root-servers.net.
. 1635 IN NS l.root-servers.net.
. 1635 IN NS k.root-servers.net.
. 1635 IN NS j.root-servers.net.
. 1635 IN NS i.root-servers.net.
. 1635 IN NS h.root-servers.net.
. 1635 IN NS g.root-servers.net.
. 1635 IN NS f.root-servers.net.
. 1635 IN NS e.root-servers.net.
. 1635 IN NS d.root-servers.net.
. 1635 IN NS c.root-servers.net.
. 1635 IN NS b.root-servers.net.
. 1635 IN NS a.root-servers.net.
;; Received 239 bytes from 127.0.0.53#53(127.0.0.53) in 0 ms

com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
;; Received 881 bytes from 192.36.148.17#53(i.root-servers.net) in 59 ms

us.com. 172800 IN NS ns1.centralnic.net.
us.com. 172800 IN NS ns2.centralnic.net.
us.com. 172800 IN NS ns3.centralnic.net.
us.com. 172800 IN NS ns4.centralnic.net.
;; Received 140 bytes from 192.43.172.30#53(i.gtld-servers.net) in 63 ms

example.us.com. 3600 IN NS ns1.yournameserver.com.
example.us.com. 3600 IN NS ns2.yournameserver.com.
;; Received 102 bytes from 185.24.64.10#53(ns2.centralnic.net) in 43 ms


This would correctly show that example.us.com is set to use ns1.yournameserver.com and ns2.yournameserver.com


Now, doing some digging through the cPanel system - I created a script that uses cPanel's logic to determine what nameservers a domain name is using:

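#!/usr/local/cpanel/3rdparty/bin/perl
use strict;
use warnings;

# Domain to check, taken from the first command-line argument.
my $domain = $ARGV[0] or die "Usage: $0 <domain>\n";

require Cpanel::DnsRoots;

# As used here, the first return value is a success flag and the third is a
# hash reference keyed by nameserver hostname.
my ( $result, undef, $names ) = Cpanel::DnsRoots::fetchnameservers($domain);

if ($result) {
    # Print the nameserver hostnames in sorted order, one per line.
    print "$_\n" for sort keys %$names;
}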


Now when you run this script:

./run.pl example.us.com

It's going to come back with:

ns1.centralnic.net
ns2.centralnic.net
ns3.centralnic.net
ns4.centralnic.net


which is not correct.

It's possible that this script doesn't correctly use cPanel's logic - the creators of cPanel would be better able to determine this.

This can also be verified by trying to create an addon domain using example.us.com - it will get kicked out saying that the domain name is not using nameservers registered to this server.

The IPs that ns1.yournameserver.com and ns2.yournameserver.com resolve to are present in /etc/ips.remotedns

You can further verify this by adding one of the IPs of the centralnic.net nameservers to /etc/ips.remotedns (i.e. 185.24.64.10) and then try to create an addon domain and this will be successful.

Once the domain name is set up with a zone file on the nameservers, this Perl script no longer shows this output. (Although, this script appears to be showing the NS records of the DNS Zone file and not necessarily the parent nameservers of the DNS zone - which I'm not sure is correct).

At least this is the behavior that I am seeing. I don't have a ton of .us.com to play with (in fact this is the first and only .us.com domain name I've had to deal with). My best guess is that cPanel is having a hard time acknowledging .us.com as a TLD (or pseudo-TLD), but again that's a determination better suited for cPanel developers.

I don't know exactly what all is behind cPanel's fetchnameservers() function. For me, programmatically, I've always looped through the lines from dig +trace, the first section that begins with ^example.us.com would contain the lines of the nameservers that the domain name is using. That may not be the most eloquent solution... but it works.
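
The dig +trace approach described in the post above, as an added example that is not part of the original thread and is not cPanel's code: it takes the first trace section owned by exactly the requested name and checks the nameservers' addresses against a file in the style of /etc/ips.remotedns. The function names, the 192.0.2.x addresses and the "any nameserver matches" rule are assumptions of this example.

```bash
# Added example (not cPanel code): delegated NS lookup from `dig +trace` output.

# Constructed sample: the trace quoted above, root section omitted.
sample_trace() {
  cat <<'EOF'
com.            172800 IN NS a.gtld-servers.net.
;; Received 881 bytes from 192.36.148.17#53(i.root-servers.net) in 59 ms

us.com.         172800 IN NS ns1.centralnic.net.
us.com.         172800 IN NS ns2.centralnic.net.
;; Received 140 bytes from 192.43.172.30#53(i.gtld-servers.net) in 63 ms

example.us.com. 3600   IN NS ns1.yournameserver.com.
example.us.com. 3600   IN NS ns2.yournameserver.com.
;; Received 102 bytes from 185.24.64.10#53(ns2.centralnic.net) in 43 ms
EOF
}

# Print NS targets of the first trace section owned by exactly $1 (trace on stdin).
delegated_ns() {
  want=$(printf '%s.' "${1%.}" | tr '[:upper:]' '[:lower:]')
  awk -v want="$want" '
    $3 == "IN" && $4 == "NS" && tolower($1) == want {
      found = 1; sub(/\.$/, "", $5); print tolower($5); next
    }
    found { exit }  # the first matching section has ended
  '
}

# Constructed address table standing in for `dig +short A <ns>` (keeps this offline).
ns_addr() {
  case "$1" in
    ns1.yournameserver.com) echo 192.0.2.10 ;;   # constructed
    ns2.yournameserver.com) echo 192.0.2.11 ;;   # constructed
    ns2.centralnic.net)     echo 185.24.64.10 ;; # address shown in the trace
  esac
}

# Succeed if any delegated nameserver of $1 (trace on stdin) has an address in file $2.
# "Any match" is this example's assumption; the thread does not state cPanel's rule.
uses_listed_dns() {
  for ns in $(delegated_ns "$1"); do
    addr=$(ns_addr "$ns")
    [ -n "$addr" ] && grep -Fxq -- "$addr" "$2" && return 0
  done
  return 1
}
```

Against live DNS, feed the functions from `dig +trace example.us.com` instead of `sample_trace`. Asking for `us.com` instead of `example.us.com` returns the centralnic.net nameservers, which is the answer the Perl script above printed.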
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
4,859
600
273
cPanel Access Level
Root Administrator
To me, this sounds like an issue with the domain public suffix, where we're trying to interpret "us.com" not as a TLD, but as a unique domain. I didn't get a chance to test this today, but I'll look into this more for you and update you soon :D
 

cPRex

After some more testing with @sparek-3 I've created case CPANEL-36766 with our team to look into this as I also was not able to get a domain to validate properly on my end. I've also created the following article so if you're signed in to our ticket system you can follow along to stay updated on this:


Thanks, @sparek-3!!!