Named not responding to requests after update directadmin to 1.420000

hkguy

Hi,

I had a few DirectAdmin servers; 2 of them updated to 1.420000 last night without problem. However, the DNS service seems to have a problem. If I set my PC's DNS to that DirectAdmin box, the DNS does not respond except for the domain names hosted on the box.

What's the problem with named? I have reloaded and restarted named, but it did not help.
I stopped updating DirectAdmin on the other servers to prevent this.
 
Is the service running? Is port 53 open?

Named by default doesn't resolve all domains, just the ones hosted.. so if you set your computer's DNS to the DA box.. only the hosted domains will work.. that's absolutely normal...

So.. what problem are you facing exactly?

Regards
 
Hi SeLLeRoNe,

The service is running and both TCP and UDP port 53 are listening.
The situation is that after DirectAdmin updated to version 1.420000, the DNS query function was gone. It had been possible to query from my home PC for a few years.
 
Hi SeLLeRoNe,

What I mean by "DNS query function" is that if I input the DirectAdmin box's IP address as my computer's DNS server IP address, it can only query/resolve those domain names registered on my DirectAdmin box. Other than that, names like www.yahoo.com, www.google.com, www.directadmin.com, etc. are unable to resolve. This is what I see from the Windows DOS prompt ping test result.

My box IP address is ***.***.***.***. Tks..... I will remove this IP address after your reply. Tks.

Regards
 
Ok, can you post your /etc/named.conf here?

You can not paste the include zone (latest lines) of your hosted domains.

Regards
 
My named.conf

// generated by named-bootconf.pl

options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;

    allow-transfer { none; };
    allow-recursion { localnets; };
    listen-on-v6 { any; };

};

//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

include "/etc/rndc.key";
 
change
allow-recursion { localnets; };
to
allow-recursion { any; };

and restart named, this should solve your problem.

Regards
 
Yes... it works!! Why did DirectAdmin update this configuration?
Many tks!!! SeLLeRoNe
 
I honestly don't know how DA rewrites named.conf on update... it usually shouldn't..

Allowing every IP to use recursion on your server will/may cause huge traffic.. usually it is definitely not suggested.

Regards
 
Note that allowing recursion on authoritative nameservers is not recommended and leaves your nameserver open to attack and having your authoritative addresses spoofed. Google for more information.

Jeff
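
Added example, not part of the original thread and not DirectAdmin's code: a small Python check that reads a named.conf and reports whether allow-recursion is open to any client, the condition the last two posts warn about. The sample configs, the "trusted" ACL name and its addresses are constructed; the parser assumes flat ACLs (no nested braces) and no "//" or "#" inside quoted strings.

```python
import re

# Constructed sample: options block as it stands after the change suggested in the thread.
SAMPLE_OPEN = '''options {
    directory "/var/named";
    // query-source address * port 53;
    allow-recursion { any; };
};'''

# Constructed sample: recursion limited to a named ACL (hypothetical name, documentation addresses).
SAMPLE_SCOPED = '''acl "trusted" { 127.0.0.1; 192.0.2.0/24; };
options {
    /* resolver for our own clients only */
    allow-recursion { trusted; };
};'''

OPEN_TOKENS = {"any", "0.0.0.0/0", "::/0"}

def strip_comments(text):
    """Remove /* */, // and # comments, all of which named.conf accepts."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def acl_elements(body):
    """Split the inside of { ... } into its ';'-terminated elements."""
    return [e.strip().strip('"') for e in body.split(";") if e.strip()]

def audit_recursion(conf):
    """Return 'open', 'restricted', 'disabled' or 'unset' (BIND's built-in default applies)."""
    conf = strip_comments(conf)
    if re.search(r"(?<![\w-])recursion\s+no\s*;", conf):
        return "disabled"
    acls = {m.group(1): acl_elements(m.group(2))
            for m in re.finditer(r'\bacl\s+"?([\w.-]+)"?\s*\{([^{}]*)\}', conf)}
    m = re.search(r"\ballow-recursion\s*\{([^{}]*)\}", conf)
    if not m:
        return "unset"
    pending, seen = acl_elements(m.group(1)), set()
    while pending:
        item = pending.pop()
        if item in OPEN_TOKENS:
            return "open"            # any client may use this server as a resolver
        if item in acls and item not in seen:
            seen.add(item)           # follow named ACLs so an alias for 'any' is caught
            pending.extend(acls[item])
    return "restricted"
```

Run it against the live file with `audit_recursion(open("/etc/named.conf").read())`; a result of "open" on an authoritative server is the configuration Jeff advises against.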
 