apache up, sites down?

[SwitchMIA VPS]

Post result for:

netstat -ant | grep :53

Regards

[root@main /]# netstat -ant | grep :53
tcp 0 0 64.34.182.182:53 0.0.0.0:* LISTEN
tcp 0 0 64.34.192.206:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 :::53 :::* LISTEN
[root@main /]#

 

[SeLLeRoNe]

Thanks John.

Take a look here please: http://www.directadmin.com/forum/showthread.php?t=41734

Is getting annoying cause many guys sometimes happen that doesnt get any reply from you.

If you need a hand to manage the support request im avaible.

Regards

 

[SeLLeRoNe]

You should ask to the housing company where you get the server why port 53 isnt working, maybe they are blocking it on firewall for some reason...

Regards

 

[SeLLeRoNe]

Ive just noticed that those two IP reply on a telnet connection but not on a dig request...

Thats curios...

 

[SeLLeRoNe]

Also checking here: http://intodns.com/EoNetworks.com

Seems that your ns configuration at domain registar level is a mess...

you should have ns1 and ns2... while you have ns4 pop and two external one.. you should fix that too...

use just ns1 and ns2 (using 2 different ips) for your nameserver for all domains.

Regards

 

[SeLLeRoNe]

Another curios thing:

>dig 64.34.192.206

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> 64.34.192.206
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7802
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;64.34.192.206.                 IN      A

;; AUTHORITY SECTION:
.                       10705   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2011102501 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 89.97.218.93#53(89.97.218.93)
;; WHEN: Tue Oct 25 22:24:54 2011
;; MSG SIZE  rcvd: 106

>dig 64.34.182.182

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> 64.34.182.182
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56613
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;64.34.182.182.                 IN      A

;; AUTHORITY SECTION:
.                       10800   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2011102501 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 89.97.218.93#53(89.97.218.93)
;; WHEN: Tue Oct 25 22:25:19 2011
;; MSG SIZE  rcvd: 106

Contacting just the IP work, asking them to be "nameserver" and give information for a domain doesnt work....

Thats strange, at this point i suggest you to reinstall named, or, hire someone to fix your server cause is a little messed up.

Regards

 

[DirectAdmin Support]

I was able to login to the box.

Everything appears to be correct...
When testing with forced tcp, it works fine.

However udp is not working at all.

Eg, this works remotely:

[root@server ~]# dig +tcp eonetworks.com @64.34.192.206 +nocomments

; <<>> DiG 9.3.3rc2 <<>> +tcp eonetworks.com @64.34.192.206 +nocomments
; (1 server found)
;; global options:  printcmd
;eonetworks.com.                        IN      A
eonetworks.com.         14400   IN      A       64.34.182.182

but when it uses udp, it doesn't work:

[root@server ~]# dig +notcp eonetworks.com @64.34.192.206 +nocomments

; <<>> DiG 9.3.3rc2 <<>> +notcp eonetworks.com @64.34.192.206 +nocomments
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached

But that's as far as I could get. I'm not sure what would cause udp to be blocked while tcp works fine.

Note that this behavior also exists on the box itself. The same results happen when doing a dig locally to the IP.

However, doing both udp/tcp digs to 127.0.0.1 works fine. But to the external IPs, they don't.

The named.conf is the default.

Some sort of udp block for the external IPs (from all IPs, including locally).. but I'm not sure where.

John

 

[DirectAdmin Support]

Also, you won't be getting an email reply from me.. as you sent it from the eonetworks.com domain.. so we'll just work on it here.

John

 

[SeLLeRoNe]

Shouldnt be a datacenter block?

 

[DirectAdmin Support]

The block also exists on the box itself. When doing @64.34.192.206 from the box itself (no external network would apply), it still didn't work with udp.

 

[mr.applesauce]

Then a firewall or some software is blocking it.

 

[SeLLeRoNe]

What about route settings?

 

[SeLLeRoNe]

Have you tryed stop iptables?

 

[DirectAdmin Support]

Indeed I've shut off iptables. If there is some other firewall, then it's beyond me (not sure what else is out there which may block just udp).

It could be a route, I'm not too farmilar with routing settings:

[root@eon1 ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
server12.bmbpar *               255.255.255.255 UH    0      0        0 eth0
p2400176.pubip. *               255.255.255.255 UH    0      0        0 eth0
64.34.192.192   *               255.255.255.224 U     0      0        0 eth0
64.34.182.0     *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         64.34.192.193   0.0.0.0         UG    0      0        0 eth0

However... from my understanding, they would be IP based.. and tcp/udp would be a networking level above the IP? If that's true.. when tcp works, then the routing would be correct... this would point back to some software or firewall blocking udp. (perhaps in named itself).

I've shut off iptables, confirmed the default named.conf is being used, and fully removed bind, bind-utils, bind-libs, and reinstall via yum. CentOS 5.7, 32-bit.

John

 

[SeLLeRoNe]

route -n

Yep, thats a very strange issue, and im heavy supposing it depend on a firewall.. but... if file /etc/hosts is not well set than maybe the ip request should be done going outside the network and coming back (not a local route lets say) and that would be the reason cause doesnt work locally..

This is just a suggestion, maybe will give you an idea about that...

Actually ive never saw something like that...

 

[ditto]

Also, you won't be getting an email reply from me.. as you sent it from the eonetworks.com domain.. so we'll just work on it here.

The link from "SeLLeRoNe" was not to a thread from user "EoNetworks" but from a different user "jiffy".

The forum thread startet almost a month ago, so please have a look now: http://directadmin.com/forum/showthread.php?t=41734 This have been going on for too long time. The user need this communication problem to be solved now.

 

[DirectAdmin Support]

[root@eon1 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
64.34.182.182   0.0.0.0         255.255.255.255 UH    0      0        0 eth0
64.34.192.206   0.0.0.0         255.255.255.255 UH    0      0        0 eth0
64.34.192.192   0.0.0.0         255.255.255.224 U     0      0        0 eth0
64.34.182.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         64.34.192.193   0.0.0.0         UG    0      0        0 eth0
[root@eon1 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
64.34.192.206   p2400176.pubip.serverbeach.com p2400176
64.34.192.206           main.eonetworks.com
64.34.192.206           eon1.eonetworks.com
[root@eon1 ~]# hostname
eon1.eonetworks.com

I'll also leaning to the local firewall block theory.

Especially since +notcp @127.0.0.1 (using udp) works fine, but @64.34.192.206 and @64.34.182.182 does not (using udp).
Tcp works for all cases, including externally.

John

 

[SeLLeRoNe]

Thanks ditto, i did lost this reply from John

Yep i was relating to another important thread of a user that seems to be unable to comunicate with you.

 

[SeLLeRoNe]

Actually i dont have other ideas... selinux disabled, iptables disabled... hosts file not totally correct but should work...route seems ok (just the third ip have a different netmask and that should cause problem if is it wrong)...

ive read around on google someone was talking about /etc/hosts.deny that should be empty...

my english is not that good to try a best search on google for a so defined problem so i had no luck...

Here in italy actually is night, so, now i need to go sleep or tomorrow ill not be able to think to anythink...

But please, if you find a solution for this post it here that is always usefull learn something new.

Regards

 

[SwitchMIA VPS]

i havent had any other firewalls installed. we dont reallt touch this server at all matter a fact for months.

DC also having problems getting this to work, I grab the backup and i need get this server up so i downloading the 14gb backup and having them reload OS

personally, i think is hacked. going have to clean wipe and reload and restore.