Default nameservers setup

[ankitpatel.akp4]

Hello, I have two problems.

1. I trying to setup up a default nameserver for my whm. I followed this article. And I completed all the steps. But it's not working. when I check it on Leafdns it says "Nameserver is unreachable".
2. when I create a new account I get "The certificate has the following errors: Certificate #1 has 1 validation error: DEPTH_ZERO_SELF_SIGNED_CERT."

Thanks.

 

[cPRex]

Hey there! I am not able to ping the nameserver at this time, which tells me there is no A record created for the ns1 subdomain. Can you ensure that is in place on the machine?

 

[ResellerWiz]

The first question I have is did you allow enough time for the DNS changes to propagate?

Also, as @cPRex mentioned, do you have a valid A record for the nameserver hosts in the DNS zone for the nameserver domain?

 

[ankitpatel.akp4]

The first question I have is did you allow enough time for the DNS changes to propagate?

Also, as @cPRex mentioned, do you have a valid A record for the nameserver hosts in the DNS zone for the nameserver domain?

Yes, I waited for around 48 hours.

 

[ankitpatel.akp4]

Hey there! I am not able to ping the nameserver at this time, which tells me there is no A record created for the ns1 subdomain. Can you ensure that is in place on the machine?

Yes, I have an A record.

 

[cPRex]

I do see the nameservers are properly registered at GoDaddy, so you may want to reach out to them since they aren't working as intended. I don't see any reason they wouldn't be working with the data I have access to.

 

[ankitpatel.akp4]

Hey there! I am not able to ping the nameserver at this time, which tells me there is no A record created for the ns1 subdomain. Can you ensure that is in place on the machine?

How can I check if my nameserver is running on my machine?

 

[cPRex]

By default, all cPanel servers have a nameserver enabled. On a modern cPanel server, I would expect this command would show the Power DNS service running. Here is an example from an AlmaLinux 8 machine server showing the process running;

# ps aux | grep -i pdns
named    2039275  0.0  0.7 1178936 28836 ?       Ssl  May22   2:39 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no

 

[ankitpatel.akp4]

By default, all cPanel servers have a nameserver enabled. On a modern cPanel server, I would expect this command would show the Power DNS service running. Here is an example from an AlmaLinux 8 machine server showing the process running;

# ps aux | grep -i pdns
named    2039275  0.0  0.7 1178936 28836 ?       Ssl  May22   2:39 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no

Could you please take a look at the output of the command?
Is it working fine?

$ ps aux | grep -i pdns
named 669 0.0 0.6 671400 6892 ? Ssl Jun03 0:11 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no
ubuntu 73681 0.0 0.2 10764 2532 pts/0 S+ 18:55 0:00 grep --color=auto -i pdns

 

[cPRex]

That looks good to me.

Can you run this command *from an external machine*? We need to test the connection going into your server:

telnet x.x.x.x 53

where "x.x.x.x" is the IP address of your server.

 

[cPRex]

Actually, I had enough information to perform the test on my end. I see that the port is being filtered when I check with an nmap test:

PORT   STATE         SERVICE
53/udp open|filtered domain

At this point, you'll have to contact the hosting provider to have them check the network settings and get that resolved, since that isn't something that is happening on your server.

 

[ankitpatel.akp4]

That looks good to me.

Can you run this command *from an external machine*? We need to test the connection going into your server:

telnet x.x.x.x 53

where "x.x.x.x" is the IP address of your server.

I got this.
1 % telnet 13.234.70.102 53
Trying 13.234.70.102...
Connected to 13.234.70.102.
Escape character is '^]'.
Connection closed by foreign host.

 

[cPRex]

Did you see that second reply about the filtering?

 

[ankitpatel.akp4]

Actually, I had enough information to perform the test on my end. I see that the port is being filtered when I check with an nmap test:

PORT   STATE         SERVICE
53/udp open|filtered domain

At this point, you'll have to contact the hosting provider to have them check the network settings and get that resolved, since that isn't something that is happening on your server.

Thanks for your help. I will connect with my hosting provider. I am using aws which network setting do I need to check? Can you help me with it?

 

[cPRex]

This wouldn't be a setting you could control, so it's not something I could help with on my end.

 

[ankitpatel.akp4]

Hi, good morning.
Thanks a lot.
My first problem is solved.
how can I solve the second problem?
(when I create a new account I get "The certificate has the following errors: Certificate #1 has 1 validation error: DEPTH_ZERO_SELF_SIGNED_CERT.")

 

[cPRex]

Do your accounts have AutoSSL enabled? If so, it can take a bit for the AutoSSL certificate to be issued, as the DNS has to be fully functional first.