Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unknown API Error when attempting to contact the remote system

Discussion in 'Bind / DNS / Nameserver Issues' started by mitt, Nov 10, 2016.

Tags:
  1. mitt

    mitt Member

    Joined:
    May 11, 2004
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    151
    Hi All,

    I have a DNS cluster setup between a primary WHM cpanel machine and two WHM DNS Only machines that run as ns1 and ns2.

    Recently my vps provider changed the IP of my NS1 machine. Now i am attempting to re-add NS1 to the cluster but keep getting this error message:

    "Unknown API Error when attempting to contact the remote system"

    NS2 is working fine. But if i attempt to modify the entry i get the same error. Any help is appreciated. thanks.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You can review /usr/local/cpanel/logs/error_log to see the full error message. A resolution to ensure the specific error message is displayed in the WHM UI was published with cPanel version 60.0.8:

    Fixed case CPANEL-9318: Show appropriate error message in DNS Clustering.

    Note that generally this is the result of a firewall rule blocking connections between the two servers. Check to ensure any firewall rules on both systems allow for connections from the other server's IP address.

    Thank you.
     
  3. mitt

    mitt Member

    Joined:
    May 11, 2004
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    151
    Great thanks, i found the error:

    Server Error from: (the correct IP of the server i am trying to add): HTTP/1.1 404 Not Found


    Any ideas? thanks!
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Do you have any firewall rules on either the cPanel server or the DNS-Only server that's restricting access? Ensure the IP address of each server is allowed in the other server's firewall configuration.

    Thank you.
     
  5. mitt

    mitt Member

    Joined:
    May 11, 2004
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    151
    There's nothing blocking in either direction. Doesn't make any sense. What port does this use?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    It uses port 2087. Could you also review "Host Access Control" in Web Host Manager to ensure that whostmgrd isn't restricted?

    Thank you.
     
  7. WebHostPro

    WebHostPro Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,618
    Likes Received:
    11
    Trophy Points:
    318
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    Twitter:
    I have the same issue, other servers can connect fine but this cannot connect to one DNS server even though the IP for oth servers are in the firewall and host access.

    Any luck solving this?

    My error is just Could not connect to 123.123.1.1:2087: Connection timed out
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You can review /usr/local/cpanel/logs/login_log on the destination server to look for any specific error messages about the login failure:

    Code:
    tail -f /usr/local/cpanel/logs/login_log
    Also, try manually testing the connection from initial server's command line with telnet:

    Code:
    telnet 123.123.1.1 2087
    If it fails, then it suggests a firewall rule (possibly from the data center) on either of the two servers is blocking traffic over port 2087.

    Thank you.
     
  9. WebHostPro

    WebHostPro Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,618
    Likes Received:
    11
    Trophy Points:
    318
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    Twitter:
    Thanks cPanelMichael

    1. There is no errors from the bad connection on there /usr/local/cpanel/logs/login_log

    2. telnet 123.123.1.1 2087 this just hangs

    3. I'm logged into port 2087 on both computers as I write this.

    I disabled the SSH host access blocks and the disabled the firewall. But still get the same time out.

    My guess now is the SSH cert has an issue.
     
  10. ethix

    ethix Well-Known Member

    Joined:
    Dec 21, 2004
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Australia
    If you find the issue could you please update the thread.
    I seem to have the same / very similar issue.
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    This suggests a potential connection issue. The output should look like this:

    Code:
    # telnet 1.2.3.4 2087
    Trying 1.2.3.4 ...
    Connected to 1.2.3.4.
    Escape character is '^]'.
    Are there any possible traffic filtering rules on the network/data center level that could be filtering traffic? If not, feel free to open a support ticket so we can take a closer look and see what's happening.

    Thank you.
     
  12. intuitivsol

    intuitivsol Member

    Joined:
    Jun 29, 2014
    Messages:
    9
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Any update on this thread?

    I am trying to do DNS Clustering from 2 cPanel/WHM servers. I seem to get exactly the same issue. Upon checking the logs, I also get:

    Server Error from 139.546.59.51: HTTP/1.1 403 Forbidden Access denied

    I have CSF Firewall installed on both servers and have already completely disabled then, but still getting the same results. I get "Unknown API Error" on both servers after attempting to add a new server to the cluster.

    Any ideas or tips will be greatly appreciated!!
     
  13. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @intuitivsol,

    Have you tried completing the steps referenced in my earlier post to help narrow down the issue? Do you have any entries in your /etc/hosts.allow file on the server you are connecting to?

    Thank you.
     
  14. intuitivsol

    intuitivsol Member

    Joined:
    Jun 29, 2014
    Messages:
    9
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Hi Mike, I just checked the /etc/hosts.allow files on both servers and there are no entries, so I guess no blocked IPs. I tried the 'telnet' thing but it's not working (command not recognized it seems).
     
  15. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Feel free to open a support ticket using the link in my signature if you'd like us to take a closer look.

    Thanks!
     
  16. intuitivsol

    intuitivsol Member

    Joined:
    Jun 29, 2014
    Messages:
    9
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    I was able to manage to successfully complete DNS clustering with a 3rd cPanel server. So it seems this one cPanel server is the one blocking connection not allowing the 2 other cPanel servers to connect. I'm not too sure what else to try here, any suggestions or tips will greatly be appreciated!
     
  17. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Do you notice any output to /usr/local/cpanel/logs/login_log on the server you are attempting to connect "to" when encountering the error message?

    Thank you.
     
  18. intuitivsol

    intuitivsol Member

    Joined:
    Jun 29, 2014
    Messages:
    9
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Hi cPanelMichael, I'm putting aside this 3rd server for now and has been focusing on 2 cPanel servers I was able to already establish connection via DNS Cluster. Again, here's the setup (which was successul the first time I did it), see below. But now, I noticed a 'forbidden access' error:

    vps2.example.com (newer), under 'servers in your cluster' panel I see:
    - hostname: vps1.example.com
    - username: root
    - type: cPanel
    - status: 11.64.0.33 (with a check mark = Server Active)
    - dns role: synchronize changes

    vps1.example.com (older), under 'servers in your cluster' panel I see:
    - hostname: vps2.example.com
    - username: root
    - type: cPanel
    - status: Server Error from 172.xxx.xxx.xxx: HTTP/1.1 403 Forbidden Access denied Server Error
    - dns role: Requires version 8.9 or later.
    - actions: This server is inherited.

    First of all, is this kind of setup correct wherein vps2 role is 'synchronize' while vps1 supposedly was 'standalone' before the issue happened?

    Any idea on how to fix this 'Server Error from 172.xxx.xxx.xxx: HTTP/1.1 403 Forbidden Access denied' status? The new vps2 is "CENTOS 7.3 x86_64 kvm – vps2" while the older vps1 is "CENTOS 6.9 x86_64 kvm – vps" by the way, is this differing CentOS versions problematic? Again, upon initial setup, it was successfull, no errors. But after a week and I suppose some cPanel updates occurred, this is the problem now.
     
  19. intuitivsol

    intuitivsol Member

    Joined:
    Jun 29, 2014
    Messages:
    9
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Just an updated, I think I may have fixed this issue for now....

    Apparently, the 'Forbidden Access' error was showing up when I was viewing 'Managing DNS Cluster as' another user (reseller with all privileges) other that root, ex. 'another_user'. If I switch the 'Managing DNS Cluster as' to 'root', I can see everything is working, no errors.

    So going back to setting 'Managing DNS Cluster as' to 'another_user', I did the whole add new sever to the cluster process again, and it connected without any issues with vps2 (as standalone). So no errors now! I guess I got confused with how this 'Managing DNS Cluster as' option works in relation to the entire DNS Cluster process.

    Just a question.... if I add a new account under vps1 (which is setup as 'standalone'), do I have to manually do 'synchronize dns records' within vps1? or within vps2? Or is everything already being synchronized automatically because I enabled 'trust relationship'? Any tips will greatly be appreciated, thanks guys!
     
  20. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    The role would need to be set to "Synchronize Changes" or "Write Only" on both servers for it to automatically sync from VPS1 to VPS2 and from VPS2 to VPS1. Keep in mind that WHM-to-WHM cluster setups are not recommended, and may cause DNS errors on your servers. This is documented at:

    Guide to DNS Cluster Configurations - cPanel Knowledge Base - cPanel Documentation

    Thank you.
     
Loading...

Share This Page