pingo

Well-Known Member
Nov 16, 2002
428
0
166
I hope that someone will take the time to read this and lend me a helping hand. I am stuck with this problem and don't know what to do.

This issue has been going on for days now. I created a reseller account with private nameservers and IPs for this client, but for some reasons his nameservers doesn't work - or I don't know if it is one of these situations with propagation that takes days.

When I test it on

http://www.ip-plus.net/tools/dns_check_set.en.html

domain.com
IP for NS1 xx.xx.xxx.xx

it returns this error:

check-dom domain.com IP for NS1

Setting Source IP Address to : "164.128.36.54"

Check if the server "xx.xx.xxx.xx" is configured for "domain.com" ... failed.
*** ERROR *** domain.com SOA record not found at xx.xx.xxx.xx, try again


Testing domain.com at dnsreport.com returns an error as well. It only returns the first category 'Parent' which passes but an error is returned at the next category NS:

FAIL NS A timeout occurred getting the NS records from your nameservers! None of your nameservers responded fast enough. They are probably down or unreachable. I can't continue since your nameservers aren't responding.

The client can access his WHM/cPanel using the IP without any problem and I did several successfull traceroutes to both IPs (ns1/ns2) from traceroute.org.

So I can't figure this one out. Does anybody here have experience with a similar situation or can tell me why this account won't work?

This is a new server that were added to an existing trust relationship as a slave. Several accounts has already been set up namebased on it, using anonymous nameservers (no ded. IPs) and they're working without any problems. This is the first account set up with private nameservers and dedicated IPs on this server.

Hope that someone here has the answer or could lead me in the right direction. Several support techs has looked at it but noone could figure it out until now.

Thanks
John

cPanel.net Support Ticket Number:
 

NeutralGold

Well-Known Member
Jun 5, 2002
230
0
316
Make sure an *A* entry has been added for the name servers as well..

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
Have the nameservers in question been setup with the registrar of that domain?

Yes, he registered his private nameservers with the IPs at directnic.

John

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
Make sure an *A* entry has been added for the name servers as well..

Yes, two A records has already been added:

NS1 14400 A xx.xxx.xx.x1
NS2 14400 A xx.xxx.xx.x2

John

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
I'm not sure about what is returned but here it is:

[email protected] [~]# dig ns1.rionegocios.com hostingapi.com

; <<>> DiG 9.2.1 <<>> ns1.rionegocios.com hostingapi.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58214
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;ns1.rionegocios.com. IN A

;; ANSWER SECTION:
ns1.rionegocios.com. 14400 IN A 69.22.163.35

;; AUTHORITY SECTION:
rionegocios.com. 14400 IN NS ns2.rionegocios.com.
rionegocios.com. 14400 IN NS ns1.rionegocios.com.

;; ADDITIONAL SECTION:
ns2.rionegocios.com. 14400 IN A 69.22.163.36

;; Query time: 33 msec
;; SERVER: 64.241.79.50#53(64.241.79.50)
;; WHEN: Tue May 27 05:30:16 2003
;; MSG SIZE rcvd: 101

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16353
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;hostingapi.com. IN A

;; ANSWER SECTION:
hostingapi.com. 14400 IN A 64.241.79.50

;; AUTHORITY SECTION:
hostingapi.com. 14400 IN NS ns2.hostingapi.com.
hostingapi.com. 14400 IN NS ns1.hostingapi.com.

;; ADDITIONAL SECTION:
ns1.hostingapi.com. 14400 IN A 64.241.79.50
ns2.hostingapi.com. 14400 IN A 64.241.79.151

;; Query time: 17 msec
;; SERVER: 64.241.79.50#53(64.241.79.50)
;; WHEN: Tue May 27 05:30:16 2003
;; MSG SIZE rcvd: 116

[email protected] [~]#

Does it look ok?

John
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
I did a nameserver search for both nameservers at internic, and both returned the correct IP for these nameservers

Server Name: NS1.RIONEGOCIOS.COM
IP Address: 69.22.163.35

Server Name: NS2.RIONEGOCIOS.COM
IP Address: 69.22.163.36


These are the correct IPs.

John

cPanel.net Support Ticket Number:
 

dgbaker

Well-Known Member
PartnerNOC
Sep 20, 2002
2,531
9
343
Toronto, Ontario Canada
cPanel Access Level
DataCenter Provider
You missed a character.

This

dig ns1.rionegocios.com hostingapi.com


Should be this (note the @ sign)

dig @ns1.rionegocios.com hostingapi.com

ns1 being the nameservers that are failing.

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
Ops - thank you. Is there a problem with it?

[email protected] [~]# dig @ns1.rionegocios.com hostingapi.com

; <<>> DiG 9.2.1 <<>> @ns1.rionegocios.com hostingapi.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34696
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;hostingapi.com. IN A

;; ANSWER SECTION:
hostingapi.com. 14400 IN A 64.241.79.50

;; AUTHORITY SECTION:
hostingapi.com. 14400 IN NS ns2.hostingapi.com.
hostingapi.com. 14400 IN NS ns1.hostingapi.com.

;; ADDITIONAL SECTION:
ns1.hostingapi.com. 14400 IN A 64.241.79.50
ns2.hostingapi.com. 14400 IN A 64.241.79.151

;; Query time: 1 msec
;; SERVER: 69.22.163.35#53(ns1.rionegocios.com)
;; WHEN: Tue May 27 06:02:09 2003
;; MSG SIZE rcvd: 116

[email protected] [~]#

John

cPanel.net Support Ticket Number:
 

dgbaker

Well-Known Member
PartnerNOC
Sep 20, 2002
2,531
9
343
Toronto, Ontario Canada
cPanel Access Level
DataCenter Provider
Hmm, weird.

If you ping either the ns1 or the hostingapi.com you get a hostname of .

That's right a period, nothing else that's weird.

Anyway, cannot dig external that's one issue.

Does /etc/nameserverips have these listed in it?
Does /etc/wwwacct.conf have these listed in it?
Does /etc/named.conf have the zone file listed for them?

Have you stopped and started named?

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
The server is in a trust relationship (slave) with 2 other servers. servers are named apollo.hostingapi.com etc and the nameservers used (for non reseller accounts) are ns1/ns2.hostingapi.com. I don't know if this means anything.

Maybe I should have used an external domain - sorry, I didn't quite understand that.

Does /etc/nameserverips have these listed in it?"

Yes, they're listed there:

69.22.163.35=ns1.rionegocios.com
69.22.163.36=ns2.rionegocios.com


Does /etc/wwwacct.conf have these listed in it?

No, I don't see them listed there. This is the content:

UW PICO(tm) 4.2 File: /etc/wwwacct.conf

ADDR 69.22.169.35 (this is the servers main IP)
AIMPASS
AIMUSER
BINDVER 8
CONTACTAIM
CONTACTEMAIL [email protected]
CONTACTPAGER
CONTACTUIN
DEFMOD coolbreeze
DNSMASTER 64.241.79.50
ETHDEV
FTPTYPE proftpd
HOMEDIR /home
HOMEMATCH home
HOST apollo.hostingapi.com
ICQPASS
ICQUSER
LOGSTYLE combined
MINUID


Does /etc/named.conf have the zone file listed for them?

No, I can't find them anywhere. Doing a search for the domain rionegocios.com or the domains Ip 66.22.163.35 returns 'not found'

Have you stopped and started named?

Yes, I already did that but it didn't make any difference.

Thanks alot for all the help.

John

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
I don't know if this is this adds anything usefull. Checking it here:

http://www.checkdns.net/

Returns this:

Testing rionegocios.com

Asking root servers about authoritative NS for domain
Got DNS list for 'rionegocios.com' from d.gtld-servers.net
Found NS record: ns1.rionegocios.com[69.22.163.35], was resolved to IP address by d.gtld-servers.net
Found NS record: ns2.rionegocios.com[69.22.163.36], was resolved to IP address by d.gtld-servers.net
Domain has 2 DNS server(s)

Verifying if NS are alive
Error fetching SOA from ns1.rionegocios.com [69.22.163.35]: Connection reset. Probably DNS server is offline.
Error fetching SOA from ns2.rionegocios.com [69.22.163.36]: Connection reset. Probably DNS server is offline.
0 server(s) are alive
No DNS servers alive, tests stopped


John

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
Sorry, I forgot this:

The log report shows that the zone files under the apollo server couldn't reach the master server. Here is the log report :

May 27 05:31:03 apollo named[26886]: zone crct-test.org/IN: refresh: failure
trying master 64.241.79.50#53: timed out


If this is the problem why is it happening and how could it be fixed?. The zone files on the other slave server has no problem reaching the master server.

John

cPanel.net Support Ticket Number:
 

howard

Well-Known Member
Apr 20, 2003
233
0
166
Hmm i can reach that server ok (the 64.241.79.50 one) but i can't reach 69.22.163.35/36 as confirmed by the checkdns report (which i am assuming one of them is apollo?)

Does dig @w.cpanel.net forums.cpanel.net a

work from the apollo server (assuming that it is the 69.22.163.35 one)

cPanel.net Support Ticket Number:
 
Last edited:

pingo

Well-Known Member
Nov 16, 2002
428
0
166
Hmm i can reach that server ok

64.241.79.50 is the server IP of the master server. 69.22.169.35 is the server IP of the slave with problems (apollo). 69.22.163.35 (note the difference) is the dedicated IP for rionegocios.com and ns1.

This is the result when I do the dig you suggested from apollo:

[email protected] [~]# dig @w.cpanel.net forums.cpanel.net

; <<>> DiG 9.2.1 <<>> @w.cpanel.net forums.cpanel.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18798
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;forums.cpanel.net. IN A

;; ANSWER SECTION:
forums.cpanel.net. 14400 IN A 216.118.116.105

;; AUTHORITY SECTION:
cpanel.net. 14400 IN NS p.cpanel.net.
cpanel.net. 14400 IN NS w.cpanel.net.

;; ADDITIONAL SECTION:
p.cpanel.net. 14400 IN A 66.197.217.12
w.cpanel.net. 14400 IN A 216.118.116.105

;; Query time: 90 msec
;; SERVER: 216.118.116.105#53(w.cpanel.net)
;; WHEN: Tue May 27 07:16:23 2003
;; MSG SIZE rcvd: 115


cPanel.net Support Ticket Number:
 

howard

Well-Known Member
Apr 20, 2003
233
0
166
Ok so it appears outbound connectivity is ok

does dig @64.241.79.50 crct-test.org any

work from the apollo server (to confirm if it was just a temporary condition which made apollo unable to connect to the master server)

also does dig @69.22.169.35 crct-test.org any

when run from the master server? Did you restart named on both servers or just the apollo server or the master server (as per your response to dgbaker post?) was there any errors in the logs after the restart?

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
Sorry, I thought noone responded to this thread anymore. I'm still stuck. Hope that you'll help me the rest of the way.

does dig @64.241.79.50 crct-test.org any

work from the apollo server (to confirm if it was just a temporary condition which made apollo unable to connect to the master server)


[email protected] [~]# dig @64.241.79.50 crct-test.org any

; <<>> DiG 9.2.1 <<>> @64.241.79.50 crct-test.org any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20043
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 3

;; QUESTION SECTION:
;crct-test.org. IN ANY

;; ANSWER SECTION:
crct-test.org. 14400 IN MX 0 crct-test.org.
crct-test.org. 14400 IN SOA ns1.hostingapi.com. admin.ebizalive.net. 1054077662 28800 7200 3600000 86400
crct-test.org. 14400 IN NS ns1.hostingapi.com.
crct-test.org. 14400 IN NS ns2.hostingapi.com.
crct-test.org. 14400 IN A 69.22.169.35

;; ADDITIONAL SECTION:
crct-test.org. 14400 IN A 69.22.169.35
ns1.hostingapi.com. 14400 IN A 64.241.79.50
ns2.hostingapi.com. 14400 IN A 64.241.79.151

;; Query time: 21 msec
;; SERVER: 64.241.79.50#53(64.241.79.50)
;; WHEN: Wed May 28 16:26:06 2003
;; MSG SIZE rcvd: 216

also does dig @69.22.169.35 crct-test.org any

when run from the master server? Did you restart named on both servers or just the apollo server or the master server (as per your response to dgbaker post?) was there any errors in the logs after the restart?


[email protected] [~]# dig @69.22.169.35 crct-test.org any

; <<>> DiG 9.2.1 <<>> @69.22.169.35 crct-test.org any
;; global options: printcmd
;; connection timed out; no servers could be reached
[email protected] [~]#

Yes, I have restarted named on both servers but it didn't help. I checked the logs but didn't find anything.


John

cPanel.net Support Ticket Number:
 

howard

Well-Known Member
Apr 20, 2003
233
0
166
hmm is there a firewall on apollo which could be preventing inbound communication to port 53 ?

cPanel.net Support Ticket Number:
 

pingo

Well-Known Member
Nov 16, 2002
428
0
166
Hi Howard - Thanks for responding. I have contacted the NOC and are waiting for their reply.

John

cPanel.net Support Ticket Number: