The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DNS bug when adding domains

Discussion in 'Bind / DNS / Nameserver Issues' started by Skizzerz, May 25, 2015.

  1. Skizzerz

    Skizzerz Registered

    Joined:
    May 25, 2015
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Couldn't find the bugtracker, so leaving this here instead:

    When cPanel is trying to determine if a domain can be added, it sends off a DNS query to get the nameservers of the target domain. However, if the nameserver it is querying uses recursion, this could result in a timeout followed by showing the end user the error message "Unable to add the domain name − Sorry, the domain is already pointed to an IP address that does not appear to use DNS servers associated with this server. Please transfer the domain to this servers nameservers or have your administrator add one of its nameservers to /etc/ips.remotedns and make the proper A entries on that remote nameserver."

    When making these queries (sub _dig in /usr/local/cpanel/Cpanel/DnsRoots.pm), cPanel should specify that recursion is disabled for the query so that the target nameserver does not attempt to recurse the query. Otherwise if the user has their nameservers set correctly, the target server will attempt to recurse back to the cPanel server, which obviously doesn't have a zone for the domain since it hasn't been added yet. I've attached the results of two digs to illustrate this.

    Code:
    root@xo1 [~]# dig @a.nic.io domain.io NS
    
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.2 <<>> @a.nic.io domain.io NS
    ; (2 servers found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached
    
    root@xo1 [~]# dig @a.nic.io +norecurse domain.io NS
    
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.2 <<>> @a.nic.io +norecurse domain.io NS
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17757
    ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;domain.io. IN NS
    
    ;; AUTHORITY SECTION:
    domain.io. 86400 IN NS ns1.dmain.com.
    domain.io. 86400 IN NS ns2.dmain.com.
    
    ;; Query time: 41 msec
    ;; SERVER: 64.251.31.179#53(64.251.31.179)
    ;; WHEN: Tue May 19 01:55:48 2015
    ;; MSG SIZE rcvd: 82
    As can be seen from the above output, the a.nic.io nameserver recurses by default, so when trying to add a .io domain as an addon/parked domain, a.nic.io then attempts to query our own nameservers, which times out due to not having a zone for the domain yet.

    The fix for this is quite simple, see the provided patch file for /usr/local/cpanel/Cpanel/DnsRoots.pm (patch was made against cPanel 11.48)
    Code:
    --- Cpanel/DnsRoots.pm  2013-05-14 10:47:06.000000000 -0400
    +++ Cpanel/DnsRoots.pm  2015-05-25 01:36:46.387241016 -0400
    @@ -402,6 +402,7 @@
             if ($rNSIPS) {
                 $res->nameservers( @{$rNSIPS} );
             }
    +        $res->recurse(0);
             my $answer;
             if ($record) {
                 $answer = $res->send( $query, $record, 'IN' );
    @@ -427,6 +428,7 @@
                     }
                     push @DIGCMD, '@' . $rNSIPS->[0];
                 }
    +            push @DIGCMD, '+norecurse';
                 push @DIGCMD, $query;
                 if ($record) {
                     push @DIGCMD, $record;
    
    Would appreciate if this fix could land in 11.48, but if we need to wait for 11.50 that should be fine as well, there are workarounds that we can manually apply for the affected users (and I may try editing the .pm file myself on a test server to see if that applies the proper fix and doesn't break upgrades).
     
    #1 Skizzerz, May 25, 2015
    Last edited by a moderator: May 25, 2015
  2. Skizzerz

    Skizzerz Registered

    Joined:
    May 25, 2015
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Found the bugtracker, submitted as ticket 6560775.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Internal case number 189689 has been opened to address this issue. There's currently no time frame for a resolution, but you can monitor our change logs for this case number to see when a resolution has been released:

    cPanel - Change Logs

    Thank you.
     
Loading...

Share This Page