Need help with one customer account's domain name, which fails to resolve externally, despite resolving internally

Operating System & Version
CentOS 7.9
cPanel & WHM Version
11.90.0.17

BicklesCTO

Registered
Nov 19, 2020
1
0
1
Canada
cPanel Access Level
DataCenter Provider
Hi folks, I'm baffled & struggling with a domain name resolution failure for just one of my customers' accounts.

Other accounts & domains on the server are working fine.

I've tried Reset a DNS Zone.

I've tried switching from PowerDNS (pdns) to BIND.

I've tried backing up and restoring the customer's account.

I've double-checked my resolv.conf and csf/lfd config.

Below, I've replaced the IP address and domain names.

The failure experienced when using nslookup from my workstation on a remote network:
Code:
> server my.cpanelserver.com
Default Server:  my.cpanelserver.com
Address:  123.123.123.123

> customeraccountdomain.ca
Server:  my.cpanelserver.com
Address:  123.123.123.123

*** my.cpanelserver.com can't find customeraccountdomain.ca: Server failed

Locally, ssh'd into the server, it works:
Code:
> customeraccountdomain.ca
Server:         my.cpanelserver.com
Address:        123.123.123.123#53

Name:   customeraccountdomain.ca
Address: 123.123.123.123

Any advice or troubleshooting tips would be appreciated! I'll provide the actual IPs & domains if it helps.
 

andrew.n

Well-Known Member
Jun 9, 2020
461
120
43
EU
cPanel Access Level
Root Administrator
This could be a lot of things so if you can tell us at least one of the domains then we might be able to better advise here :)
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
3,236
401
243
cPanel Access Level
Root Administrator
@andrew.n - it's best that people don't post personal details in a forum reply, which is why you likely won't see cPanel team members asking for it. The reason for that is bots constantly scan forums looking for public details (domains, IPs, emails, etc.), and then those get used in malicious ways.

@BicklesCTO - if you're having issues that you need to share personal data with to identify, it's likely best to open a ticket with our team using the link in my signature.
 

andrew.n

Well-Known Member
Jun 9, 2020
461
120
43
EU
cPanel Access Level
Root Administrator
@cPRex right, absolutely, without that info it's a bit hard to help the OP though...maybe you can implement a hidden text field on which we have to click to appear? maybe this way bots can be tricked...just a suggestion :)
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
3,236
401
243
cPanel Access Level
Root Administrator
Not a terrible idea.......but it's not something that could be automated easily as the domain and IP fields can be butchered in many interesting ways. This would mean that each poster would need to manually edit their post data to have this happen using a certain tag, and that might get messy.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
3,236
401
243
cPanel Access Level
Root Administrator
For the original issue, I'd also mention that testing connectivity to the nameservers over port 53 is always good, just to ensure your servers are responding. From another Linux =based system, I used something like this:

Code:
nmap -sU ns1.yourdomain.com -p 53
That command specifically checks for UDP connections on port 53, which is what the DNS system would be using.