The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Issue with Bind

Discussion in 'Bind / DNS / Nameserver Issues' started by ae9803, Dec 30, 2015.

  1. ae9803

    ae9803 Member

    Joined:
    Dec 21, 2015
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Hello everyone,
    I am really stuck. My server is completely messed up and I am not sure what the issue is.

    I am getting a TON of these errors in the /var/log/messages

    Code:
    Dec 30 13:38:02 server kernel: [ 6763.793709] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=198.27.88.230 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=62171 SEQ=1
    Dec 30 13:38:02 server kernel: [ 6763.951813] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=158.69.103.112 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=62171 SEQ=1
    Dec 30 13:38:17 server kernel: [ 6779.059999] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=158.69.103.114 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=34606 SEQ=1
    Dec 30 13:38:17 server kernel: [ 6779.078496] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=158.69.103.115 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=34606 SEQ=1
    Dec 30 13:38:32 server kernel: [ 6794.141319] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=158.69.103.115 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=12183 SEQ=1
    Dec 30 13:38:32 server kernel: [ 6794.218951] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=198.27.88.230 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=12183 SEQ=1
    Dec 30 13:38:47 server kernel: [ 6809.265822] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=192.99.9.227 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=55866 SEQ=1
    Dec 30 13:38:47 server kernel: [ 6809.302195] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=158.69.103.113 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=55866 SEQ=1
    Dec 30 13:39:01 server kernel: [ 6823.132664] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=192.99.9.227 DST=37.187.231.251 LEN=209 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=38698 DPT=6130 LEN=189 UID=0 GID=0
    Dec 30 13:39:01 server kernel: [ 6823.153991] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=192.99.9.227 DST=37.187.231.251 LEN=216 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=40964 DPT=6136 LEN=196 UID=0 GID=0
    Dec 30 13:39:01 server kernel: [ 6823.169510] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=192.99.9.227 DST=37.187.231.251 LEN=190 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=35026 DPT=6170 LEN=170 UID=0 GID=0
    Dec 30 13:39:01 server kernel: [ 6823.169852] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=192.99.9.227 DST=37.187.231.251 LEN=309 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=54773 DPT=6140 LEN=289 UID=0 GID=0
    Dec 30 13:39:01 server kernel: [ 6823.170212] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=192.99.9.227 DST=37.187.231.251 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=60343 DPT=6162 LEN=45 UID=0 GID=0
    Dec 30 13:39:02 server kernel: [ 6823.776525] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=192.95.22.76 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=29225 SEQ=1
    Dec 30 13:39:02 server kernel: [ 6824.186813] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=158.69.103.115 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=29225 SEQ=1
    Dec 30 13:39:17 server kernel: [ 6838.950863] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=158.69.103.115 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=17514 SEQ=1
    Dec 30 13:39:17 server kernel: [ 6839.097712] Firewall: *ICMP_IN Blocked* IN=eth0 OUT= MAC=00:25:90:7b:44:7a:00:ff:ff:ff:ff:fe:08:00 SRC=92.222.186.1 DST=198.27.88.230 LEN=32 TOS=0x00 PREC=0x00 TTL=9 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=17514 SEQ=1
    Also,
    Any of my clients websites that point to my NS. Are down. Bind and Named are showing up but I just cannot figure out where to start. Any advice would be greatly helpful!


    Jake
     
  2. ae9803

    ae9803 Member

    Joined:
    Dec 21, 2015
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Also,
    I would like to add that I did update the server. I currently run Centos 6.7
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,471
    Likes Received:
    199
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    That output is from your firewall of course. It shows us no errors, only blocks.

    What is the actual issue you're having? If it's DNS related, you might check the domain for issues using a site like intodns.com
     
  4. ae9803

    ae9803 Member

    Joined:
    Dec 21, 2015
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Hello,
    Thankyou so much for the reply. I have checked here, - Removed -

    I am not sure with those errors what seems to be the issue. BIND is up, but I cannot troubleshoot because every log that I have looked at isnt displaying issue. But, like I said, every domain that is pointed to the name servers ns1.example.com and ns2.example.com arent resolving after I updated centos.

    Also here is the output of DIG if this helps at all.... LOL

    Code:
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.5 <<>> example.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43564
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
    
    ;; QUESTION SECTION:
    ;example.com.         IN      A
    
    ;; ANSWER SECTION:
    example.com.  14400   IN      A       158.69.xxx.xxx
    
    ;; AUTHORITY SECTION:
    example.com.  86400   IN      NS      ns2.example.com.
    example.com.  86400   IN      NS      ns1.example.com.
    
    ;; ADDITIONAL SECTION:
    ns1.example.com. 14400 IN     A       192.95.xx.xx
    ns2.example.com. 14400 IN     A       198.27.xx.xxx
    
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Wed Dec 30 15:48:52 2015
    ;; MSG SIZE  rcvd: 123
     
    #4 ae9803, Dec 30, 2015
    Last edited by a moderator: Dec 30, 2015
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,471
    Likes Received:
    199
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Check your firewall's blocked IPs list for your own IP addresses to make sure they're not blocked.
    You don't appear to have your DNS setup properly for the nameservers.
     
  6. ae9803

    ae9803 Member

    Joined:
    Dec 21, 2015
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Everything had been set up fine before the update and I actually have been running smoothly for months before this issue...

    For anyone with this issue, under option fixed the issue right away.

    listen-on port 53 { any; };
    allow-query { any; };
    allow-recursion { any; };
     
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,471
    Likes Received:
    199
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Under what option exactly?
     
  8. ae9803

    ae9803 Member

    Joined:
    Dec 21, 2015
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Code:
    options {
    query-source port 53;
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory     "/var/named";
        dump-file     "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        allow-recursion { any; };
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
    
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
    
        managed-keys-directory "/var/named/dynamic";
    };
    
    I guess the code wasnt picking up on the forum? Hopefully that works
     
  9. ae9803

    ae9803 Member

    Joined:
    Dec 21, 2015
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Though setting allow-query any is very unsafe, I cannot find away around it.... I get alot of these errors
    Dec 30 18:01:11 server named[30337]: client 130.207.54.136#4438: query 'ns1.example.com/AAAA/IN' denied
     
    #9 ae9803, Dec 30, 2015
    Last edited by a moderator: Dec 30, 2015
Loading...

Share This Page