DNS troubles...Strange

Discussion in 'Linux VPS/Dedicated - cPanel' started by Vincent Bergeron, Jul 12, 2013.

  1. Vincent Bergeron

    Vincent Bergeron New Member

    I have moved all the sites over and everything is working fine. Even email propagated fine with no issues.


    Now on my hotagator account the domain mane bergeronwebdesign.com was the main domain on the account and my name servers were and are NS1.bergeronwebdesign.com and NS2. All the sites work fine except bergeronwebdesign.com. When I use leafdns.com to check everything I get this message "Nameserver is not authoritative for bergeronwebdesign.com." But those nameservers are working just fine for all the other sites. It’s just this site that's not working. If I go on the know host server and change the DNS of the site to point back to the IP of the HG account the site works fine. But the nameservers still show not authoritative. I’m at a loss here
     
  2. KH-Dmitry

    KH-Dmitry Administrator Staff Member

    nameservers are authoritative.

    Code:
    [email protected] ~ $ dig @a.gtld-servers.com bergeronwebdesign.com ns
     
    ; <<>> DiG 9.9.2 <<>> @a.gtld-servers.com bergeronwebdesign.com ns
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26463
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 3
    ;; WARNING: recursion requested but not available
     
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;bergeronwebdesign.com.        IN      NS
     
    ;; AUTHORITY SECTION:
    bergeronwebdesign.com.  172800  IN      NS      ns1.bergeronwebdesign.com.
    bergeronwebdesign.com.  172800  IN      NS      ns2.bergeronwebdesign.com.
     
    ;; ADDITIONAL SECTION:
    ns1.bergeronwebdesign.com. 172800 IN    A      192.190.82.114
    ns2.bergeronwebdesign.com. 172800 IN    A      192.190.83.114
     
    ;; Query time: 53 msec
    ;; SERVER: 192.5.6.30#53(192.5.6.30)
    ;; WHEN: Fri Jul 12 10:36:29 2013
    ;; MSG SIZE  rcvd: 118
     
    [email protected] ~ $
    
    but they both don't return queries for the zone:

    Code:
    [email protected] ~ $ dig @ns2.bergeronwebdesign.com bergeronwebdesign.com soa
     
    ; <<>> DiG 9.9.2 <<>> @ns2.bergeronwebdesign.com bergeronwebdesign.com soa
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 42450
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
     
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;bergeronwebdesign.com.        IN      SOA
     
    ;; Query time: 56 msec
    ;; SERVER: 192.190.83.114#53(192.190.83.114)
    ;; WHEN: Fri Jul 12 10:38:51 2013
    ;; MSG SIZE  rcvd: 50
     
    [email protected] ~ $ dig @ns1.bergeronwebdesign.com bergeronwebdesign.com soa
     
    ; <<>> DiG 9.9.2 <<>> @ns1.bergeronwebdesign.com bergeronwebdesign.com soa
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4871
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
     
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;bergeronwebdesign.com.        IN      SOA
     
    ;; Query time: 49 msec
    ;; SERVER: 192.190.82.114#53(192.190.82.114)
    ;; WHEN: Fri Jul 12 10:38:56 2013
    ;; MSG SIZE  rcvd: 50
     
    [email protected] ~ $

    something is wrong either in your named.conf or in the zone file. You might want to restart the daemon and check logs for the errors.

    "recursion requested but not available" message is a bit weird. Might happen if recursion is disabled in named.conf globally or for a zone yet it is necessary - for example IP addresses of the nameservers are not defined in the zone so an extra query is required
     
  3. KH-DanielP

    KH-DanielP KH-COO Staff Member

    Sometimes we come across a strange issue with cPanel where it builds the nameserver's in separate files. I.e. ns1.domain.com.db, normally this does not pose a problem but I've seen in the past where if you actually have that domain on the server you need to add A entries into the domain.com.db zone file for ns1 and ns2.

    Check in WHM under your DNS zone editor for the domain bergeronwebdesign.com and add two A records, one for each nameserver and that should do the trick.
     
  4. Vincent Bergeron

    Vincent Bergeron New Member

    i get this when i hit the save button after making the dns entries. i will attach a screen shot of the DNS zone entries.


    Modifying Zone bergeronwebdesign.com

    zone bergeronwebdesign.com/IN: NS 'ns1.bergeronwebdesign.com' has no address records (A or AAAA) zone bergeronwebdesign.com/IN: NS 'ns2.bergeronwebdesign.com' has no address records (A or AAAA) zone bergeronwebdesign.com/IN: not loaded due to errors.
    Bind reloading on host using rndc zone: [bergeronwebdesign.com]
    Bind reloading on host using rndc: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
    server reload successful


    Reconfiguring Mail Routing:
    • LOCAL MAIL EXCHANGER: This server will serve as a primary mail exchanger for bergeronwebdesign.com's mail.: This configuration has been automatically detected based on your mx entries.


    Your settings have been updated.
     

    Attached Files:

  5. KH-DanielP

    KH-DanielP KH-COO Staff Member

    Ah, thanks for the screen shot that makes it easy to pin point.

    Where you've got ns1 and ns2 A records. All you need is "ns1" and "ns2" without the domain name following it.
     
  6. Vincent Bergeron

    Vincent Bergeron New Member

    that did it thanks a bunch. great service so far.
     
  7. flasher

    flasher New Member

    I had some issue with my NS1. Our country biggest ISP blocked the IP. We don't know why but the IP is still blocked. If we ping the IP anywhere on the country is give us a Timeout but in the US it works fine. The point here is. That when this happens the NS2 didn't do the job. Why if the Ns1 IP was blocked the sites didn't resolved with the NS2 IP that wasn't blocked? neither the emails... Maybe i'm mistaken how the DNS works. But that was my thinking about them. Hope you guys can help me out explaining why it didn't worked as i was expecting to.
     
  8. Dan

    Dan Moderator

    Hi flasher,

    Unfortunately it is random as to which nameserver information will be pulled from. I think the real question is why your IP was blocked. The only reason I could see why they would do that would be because someone's accused you or one of your clients of sending out spam. You could try emailing someone that uses that ISP and see if you get a bounce message which should point you in the right direction. If you don't you could be in phone hell with them to try to find out why.
     
  9. flasher

    flasher New Member

    Hi Dan. Tyvm for your fast reply. Indeed we got a call from our ISP and they told us that they will look out why our IP was blocked but they told us that the main reason would be cause someone complaint about our server. Anyways. We detected some problems with some of our server accounts but i'm waiting to know the reaseon they will provide us with about the block.
     
  10. Dan

    Dan Moderator

    Hi flasher,

    Be sure to follow up with them every few days or so as sometimes things can fall through the cracks. Especially if they're like a large ISP around here lol
     
  11. flasher

    flasher New Member

    Ty again Dan. I still want to know why the second NS2 didn't resolved. Is there and explanation of why the NS2 didn't rescue the day if the NS1 was blcoked?
     
  12. Dan

    Dan Moderator

    Flasher,

    Because it's not an on demand thing. Sometimes when I request your domain info it will pull the data from NS1. Other times it will pull it from NS2. There's no rhyme or reason to it.

    At least that is how it is supposed to work :)
     

Share This Page