The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DNS Server problem

Discussion in 'Bind / DNS / Nameserver Issues' started by maever, Oct 28, 2005.

  1. maever

    maever Active Member

    Joined:
    Sep 26, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Okay, i have recently taken over a webhosting business and i am moving it to my own servers in a datacenter.

    I am having some problems and i don't exactly know where to start on solving them

    first off i have a serious DNS server problem,
    it seems to be forgetting all subdomain entries and www. prefixes around every hour.
    at a certain point in time it just will not let me connect to www. prefixes and subdomains,
    the problem only lasts for like 5 minutes but if its repeated around every hour this will become a problem. sometimes the domains even disconnect for a few minutes.
    this is NOT an ISP related issue, i had this tested on multiple PCs with diffrent ISPs.
    sometimes the subdomain gives a timeout error on first connection attempt and then right after i press refresh it starts working just fine.

    I couldn't find anything in my kernel logs, then again, am i checking the right files?.

    I am running CentOS 3.5 and have a total of 3 servers clustered to eachother with DNS clustering though the problem i had was even before i had these servers clustered.

    Also the FTP on the servers has been shutting down or stops recieving connections.
    if i reboot it its fine for another hour or so. but i don't want to reboot the ftp server every hour, anyone know what this could be, the error i get is 'The machine actively refuses the connection' i've tried it with multiple FTP programme's and Multiple computers with diffrent ISPs.

    So anyone any suggestions ??

    Thanks

    Also, I know this is not the "real" place for support.
    but my datacenter also does not know the exact answer,
    I've tried finding other solutions, but i found none and the ones on this forum dont seem to completly match my issue.

    I really hope someone can find the time to help me with this.
    it will be greatly apriciated.
     
    #1 maever, Oct 28, 2005
    Last edited: Oct 31, 2005
  2. maever

    maever Active Member

    Joined:
    Sep 26, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    I wonder if anyone here would know about the solution to this problem.
    Otherwise i'm lost here and would just need to use another OS and Controlpanel.
     
  3. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
    is your server being attacked? this could possibly explain the failures
     
  4. maever

    maever Active Member

    Joined:
    Sep 26, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Thanks for the reply but no, loads are between 0.09 and 1.9 at the moment,
    we are getting some password ssh bruteforcers on one of the servers but they cause nothing serious at the moment, i wish them good luck in trying though.
    but i doubt its because of that. any other ideas?
     
  5. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Have you checked your dns setup thru dnsreport.com?
     
  6. maever

    maever Active Member

    Joined:
    Sep 26, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
  7. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    The root servers are reporting ns1.provenance.nu and ns2.provenance.nu as authority for the domain but your name servers are being shown as 206.222.12.206.provenance.nu and 206.222.12.205.provenance.nu.

    Check the zone file in WHM for provenance.nu and see what name servers are listed. Would also be a good idea to check at the registrar for provenance.nu to confirm what name servers are listed as authority for the domain.
     
  8. maever

    maever Active Member

    Joined:
    Sep 26, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Okay the thing we found is this:

    Domain settings (in registar config page)


    Domain settings (on our server)

    i think the config is currently a bit double
    as its forwarded in the domain registar config aswell as the server DNS zone ,
    we are not sure which one should be removed.

    any ideas?
     
  9. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    When you say "name server menu" are you referring to this?
    WHM >> Main >> Networking Setup >> Nameserver IPs

    If so that looks okay.

    Would check to see what /etc/nameserverips shows and also check /etc/resolv.conf.

    Can't say I'm familiar with the "childdomains" reference.
     
  10. maever

    maever Active Member

    Joined:
    Sep 26, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Child domains should be the same as 'sub domains'
    could it be those subdomains which create resolve issues?
    or anything else mentioned above?

    resolve.conf server1:
    search server
    nameserver 209.51.192.194
    nameserver 206.222.1.3
    nameserver 194.134.5.5

    nameserverips server1:
    206.222.12.202=0
    206.222.12.203=ns1.gamingforce.nl
    206.222.12.204=ns2.gamingforce.nl
    206.222.12.205=ns1.provenance.nu
    206.222.12.206=ns2.provenance.nu


    resolv.conf server2:
    ; generated by /sbin/dhclient-script
    search thenap.com
    (these ips dont belong to me)
    nameserver 206.222.1.2
    nameserver 206.222.1.3

    nameserverips server2:
    209.190.18.10=ns1.webhostingboy.com
    209.190.18.11=NS2.WEBHOSTINGBOY.COM
    (seems to be correct)
     
    #10 maever, Oct 31, 2005
    Last edited: Oct 31, 2005
  11. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    The resolv.conf file is usually setup such on a cPanel box:

    domain "server name"
    search "server name"
    nameserver "primary shared IP"
    nameserver "primary name server IP"
    nameserver "secondary name server IP"

    There are variations on that but that is a good place to start.

    As to the resolv.conf on server 2. It appears that the file is being dynamically written by a dhclient script. May have something to do with the DNS clustering setup you mentioned in the first post.

    Since the IPs in the server2 resolv.conf don't belong to you then investigating that setup should lead to some additional answers.
     
  12. maever

    maever Active Member

    Joined:
    Sep 26, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    I think the second resolv could be the good one as:
    search thenap.com

    thenap.com is my datacenter.

    as in the resolv.conf all ips in both of them are not mine.
    they are datacenter resolve-servers i believe, it figures.

    any ideas on what i can actualy do, I'm still a bit confused on the domain issue where the stealth domains fail, i don't see ways to fix it.
    again.. the information given in the domain is double,
    cuz the domain registar forwards it aswell as the server itself has A entries for the domain.
    which one should i remove...
     
  13. Zaf

    Zaf Well-Known Member

    Joined:
    Aug 22, 2005
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    I found the following problems with your DNS report, which should help you solve the problem (hopefully).
    1. You dont have a reverse dns set for your IPS. Your data center should be able to help you with that.
    2. Your SOA contains your Master server as 206.222.12.205.provenance.nu. which should actually be ns1.provenance.nu.
    3. I'm not too sure but it seems your zone file has two missing records of NS type.
    Code:
    provenance.nu.	IN	NS	ns1.provenance.nu.
    provenance.nu.	IN	NS	ns2.provenance.nu.
     
    #13 Zaf, Nov 1, 2005
    Last edited: Nov 1, 2005
  14. maever

    maever Active Member

    Joined:
    Sep 26, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Thank you very much,

    This indeed did fix some of the nameserver problems.
    it seems to be pretty much okay now.

    I am not sure if the www. prefix problem has disapeared but i will get back on this if i see it happening again.

    THANKS ALL OFF YOU!!
    YOU HAVE BEEN GREAT SUPPORT AND I AM TRULY THANKFULL TO ALL THAT REPLIED
     
    #14 maever, Nov 1, 2005
    Last edited: Nov 1, 2005
  15. Zaf

    Zaf Well-Known Member

    Joined:
    Aug 22, 2005
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Your site is resolving perfectly fine from here and the DNSReport is almost fine too. Guess you did not check my PM where I had sent a sample DNS zone file that you could use as a reference.
    Serious problems with that zone I guess, you should look at your PM where I have sent you a good sample of how your zone file should look like. Also make sure you change your zone templates too for avoiding future problem whenever you add domains. If you are facing a lot of problems on the DNS front for the domains on your server, maybe you could PM me and I'll try to take care of it.
     
Loading...

Share This Page