New DNS not found

Mitch_H

I have a dedicated server with 7 IP addresses. I need to install DKIM support for email, but the hosting company said they didn't support setting it up in the DNS and I needed to set up my own DNS servers for that purpose.

cPanel wasn't cooperating during the setup, so the hosting company set up my DNS servers on 2 of my IPs, 70.38.14.4 & 5.

I am starting the DNS cutover with a website under development to make sure everything is working. I have reddinglaser.com, IP 70.38.14.3 registered with godaddy. I had godaddy register ns1.reddinglaser.com at 70.38.14.4 and ns2.reddinglaser.com at 70.38.14.5. Then I assigned these DNS servers to reddinglaser.com.

I can ping ns1 & ns2.reddinglaser.com and get the correct IP address as a response. When I ping reddinglaser.com, it cannot find the host (this has been set up for 2 days).

On my server, at /var/named/reddinglaser.com.db, is the following zone file:

; cPanel first:11.24.4-RELEASE_33385 latest:11.24.4-CURRENT_33245 Cpanel::ZoneFile::VERSION:1.2 mtime:1236062912
; Zone file for reddinglaser.com
$TTL 14400
reddinglaser.com. 86400 IN SOA ns1.reddinglaser.com. mitch.harper.rmerlo.com. (
2009030310 ;Serial Number
240 ;refresh
7200 ;retry
3600000 ;expire
240 ;minimum
)
reddinglaser.com. 86400 IN NS ns1.reddinglaser.com.
reddinglaser.com. 86400 IN NS ns2.reddinglaser.com.
reddinglaser.com. 14400 IN A 70.38.14.3
localhost 14400 IN A 127.0.0.1
reddinglaser.com. 14400 IN MX 0 reddinglaser.com.
mail 14400 IN CNAME reddinglaser.com.
www 14400 IN CNAME reddinglaser.com.
ftp 14400 IN CNAME reddinglaser.com.
cpanel 14400 IN A 70.38.14.3
whm 14400 IN A 70.38.14.3
webmail 14400 IN A 70.38.14.3
webdisk 14400 IN A 70.38.14.3
default._domainkey 14400 IN TXT "k=rsa; p=MHwwDQYJK -- the rest deleted for posting ;"
laser._domainkey 240 IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0G-- the rest deleted for posting " ;
reddinglaser.com. 240 IN TXT "v=spf1 a mx ?all "
ns1 14400 IN A 70.38.14.4
ns2 14400 IN A 70.38.14.5

I am wondering where is the information that ties the DNS zonefile to the IP address. Maybe that's why I am unable to make the connection.

Any help would be greatly appreciated.
 
I had godaddy register ns1.reddinglaser.com at 70.38.14.4 and ns2.reddinglaser.com at 70.38.14.5. [...]

All the rest seems perfectly fine, but this hasn't been done correctly.
Code:
$ dig -t ns reddinglaser.com @a.gtld-servers.net

; <<>> DiG 9.4.3-P1 <<>> -t ns reddinglaser.com @a.gtld-servers.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46412
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;reddinglaser.com.		IN	NS

;; ANSWER SECTION:
reddinglaser.com.	172800	IN	NS	ns1.reddinglaser.com.
reddinglaser.com.	172800	IN	NS	ns2.reddinglaser.com.

;; ADDITIONAL SECTION:
ns1.reddinglaser.com.	172800	IN	A	70.38.14.4
ns2.reddinglaser.com.	172800	IN	A	70.28.14.2

;; Query time: 159 msec
;; SERVER: 192.5.6.30#53(192.5.6.30)
;; WHEN: Wed Mar  4 00:00:40 2009
;; MSG SIZE  rcvd: 102

As you can see, the ns2 record has the wrong IP address.

The additional section you see in the root nameserver reply is what allows your DNS configuration to work, because your nameservers use the same domain as the questioned record itself. It's like you want to open a car and the key is in the car.
The records in that section have to be filled by GoDaddy, and either you gave the wrong IP address or they had a glitch.

All should be just fine after you fix that.
(at the moment I can't reach your nameservers, at either .4 or .5, but I guess you are working on them)
 
Fixed GoDaddy, but still broken

tillo,

Thank you very much for your response. I was looking at GoDaddy earlier, and thought they moved the ns2 to spot 1 for the Host IP entry, so I changed it and fat-fingered it. I have changed it back but things are still broken.

The same way you can't reach the nameservers, this may be the same problem I am having. I rebooted the server, and I still am unable to ping reddinglaser.com, but I can ping both ns1 and ns2.reddinglaser.com

Mitch
 
I can ping both IPs too, but neither gives any DNS answer; the request times out.

Since a normal DNS request is done on UDP, and there is no way to tell if the BIND daemon freezes or there just isn't any daemon running, I tried with TCP:
Code:
$ dig -t a +tcp reddinglaser.com @70.38.14.4
;; Connection to 70.38.14.4#53(70.38.14.4) for reddinglaser.com failed: connection refused.
It seems like there is no BIND daemon running. Your nameservers don't run any nameserver service :)

Try to run "/etc/init.d/bind restart" or "/etc/init.d/named restart" (depending on the linux distribution, one of them will work and the other not), then run "ps auxww |grep named".
If you don't see any named process, read the last lines of /var/log/messages or /var/log/syslog (again, depending on your distribution) and see why named fails to start.
If you see the process but the domain still can't be resolved, there may be a firewall somewhere blocking DNS requests.
 
restart results

tillo,

Thank you some more! I am running a Centos 5.2 system.

The results from "/etc/init.d/named restart" were:

Stopping named: [ OK ]
Starting named: [ OK ]

Then the results from "ps auxww |grep named" were:

named 4581 0.0 0.3 38412 3160 ? Ssl 16:28 0:00 /usr/sbin/named -u named
root 4629 0.0 0.0 3912 660 pts/0 R+ 16:30 0:00 grep named

This is the output of /var/log/messages:

Mar 3 16:28:39 merlo named[4581]: starting BIND 9.3.4-P1 -u named
Mar 3 16:28:39 merlo named[4581]: found 1 CPU, using 1 worker thread
Mar 3 16:28:39 merlo named[4581]: loading configuration from '/etc/named.conf'
Mar 3 16:28:39 merlo named[4581]: listening on IPv4 interface lo, 127.0.0.1#53
Mar 3 16:28:39 merlo named[4581]: listening on IPv4 interface eth0, 70.38.11.50#53
Mar 3 16:28:39 merlo named[4581]: listening on IPv4 interface eth0:1, 70.38.14.1#53
Mar 3 16:28:39 merlo named[4581]: listening on IPv4 interface eth0:2, 70.38.14.2#53
Mar 3 16:28:39 merlo named[4581]: listening on IPv4 interface eth0:3, 70.38.14.3#53
Mar 3 16:28:39 merlo named[4581]: listening on IPv4 interface eth0:4, 70.38.14.4#53
Mar 3 16:28:39 merlo named[4581]: listening on IPv4 interface eth0:5, 70.38.14.5#53
Mar 3 16:28:39 merlo named[4581]: listening on IPv4 interface eth0:6, 70.38.14.6#53
Mar 3 16:28:39 merlo named[4581]: /etc/named.conf:12: using specific query-source port suppresses port randomization and can be insecure.
Mar 3 16:28:39 merlo named[4581]: /etc/named.conf:12: using specific query-source port suppresses port randomization and can be insecure.
Mar 3 16:28:39 merlo named[4581]: command channel listening on 127.0.0.1#953
Mar 3 16:28:39 merlo named[4581]: zone reddinglaser.com/IN: loaded serial 2009030310
Mar 3 16:28:39 merlo named[4581]: zone rmerlo.com/IN: loaded serial 2009030100
Mar 3 16:28:39 merlo named[4581]: zone silverthornresort.com/IN: loaded serial 2009030102
Mar 3 16:28:39 merlo named[4581]: zone thebossreportcard.com/IN: loaded serial 2009030102
Mar 3 16:28:39 merlo named[4581]: zone merlo.webhosting.com/IN: loaded serial 2009021801
Mar 3 16:28:39 merlo named[4581]: running
Mar 3 16:28:39 merlo named[4581]: zone rmerlo.com/IN: sending notifies (serial 2009030100)
Mar 3 16:28:39 merlo named[4581]: zone thebossreportcard.com/IN: sending notifies (serial 2009030102)
Mar 3 16:28:39 merlo named[4581]: zone silverthornresort.com/IN: sending notifies (serial 2009030102)
Mar 3 16:28:39 merlo named[4581]: zone reddinglaser.com/IN: sending notifies (serial 2009030310)
Mar 3 16:28:39 merlo named[4581]: zone merlo.webhosting.com/IN: sending notifies (serial 2009021801)
Mar 3 16:28:39 merlo named[4581]: client 70.38.14.5#39272: received notify for zone 'reddinglaser.com'
 
I guess it worked!

tillo,

I tried a ping and was able to reach reddinglaser.com. I can also reach it in a browser. You ROCK!

I still don't understand something. File /etc/named.conf points to file /var/named/reddinglaser.com.db for zone reddinglaser.com. Where or what defines ns1 and ns2, and do they both take a copy of the zonefile when they start? Are the DNSs simply daemons that are running on my server? If they are, can I see them?

I just want to understand more about my system.

Thanks,

Mitch
 
Oops. Well, there are smart people here :-)

Jeff,

You are right that I am using cPanel. I didn't realize DirectAdmin was a control panel. I had googled questions, and it seems like the smart people live on this site ;-)

Mitch
 
Well, I've been called quite a bit worse than that. But after 16,750 posts (up to this one) I guess I can say at least some of them may have well not lived up to your assessment :). I hope others are better than I ;).

Jeff
 
I'm glad I've been of help.

The DNS system is both complex and simple.
It's simple in its engineering, mostly because it's an old protocol, but complex to understand in all of its uses and unusual configurations.

You can find some very nice tutorials on the web, but this is how it works in a few words:

- a nameserver is software running on a server that can answer a DNS request for records

- a DNS record is a piece of information that couples one string to another one: the first one is always a domain and the second can be many things, and it has a type

- there is one type of DNS record that is very special, the NS type, which defines which nameserver "possesses" the records for the requested domain

- there is one set of nameservers which is also very special, the root servers: it's 13 IP addresses spread across hundreds of servers around the world, that possess the "initial" data for every top level domain (.com, .org, .de, .fr...)

I'll give you an example to make it more simple to understand.

When you "buy" a domain, like reddinglaser.com, in fact you are just inserting a couple of NS records in a set of nameservers, those which have all the ".com" records.

Take a look at this DNS trace:
Code:
$ dig +trace -t a www.reddinglaser.com

; <<>> DiG 9.4.3-P1 <<>> +trace -t a www.reddinglaser.com
;; global options:  printcmd
.			53317	IN	NS	C.ROOT-SERVERS.NET.
.			53317	IN	NS	D.ROOT-SERVERS.NET.
.			53317	IN	NS	E.ROOT-SERVERS.NET.
.			53317	IN	NS	F.ROOT-SERVERS.NET.
.			53317	IN	NS	G.ROOT-SERVERS.NET.
.			53317	IN	NS	H.ROOT-SERVERS.NET.
.			53317	IN	NS	I.ROOT-SERVERS.NET.
.			53317	IN	NS	J.ROOT-SERVERS.NET.
.			53317	IN	NS	K.ROOT-SERVERS.NET.
.			53317	IN	NS	L.ROOT-SERVERS.NET.
.			53317	IN	NS	M.ROOT-SERVERS.NET.
.			53317	IN	NS	A.ROOT-SERVERS.NET.
.			53317	IN	NS	B.ROOT-SERVERS.NET.
;; Received 500 bytes from 85.17.207.63#53(85.17.207.63) in 46 ms

com.			172800	IN	NS	a.gtld-servers.net.
com.			172800	IN	NS	b.gtld-servers.net.
com.			172800	IN	NS	c.gtld-servers.net.
com.			172800	IN	NS	d.gtld-servers.net.
com.			172800	IN	NS	e.gtld-servers.net.
com.			172800	IN	NS	f.gtld-servers.net.
com.			172800	IN	NS	g.gtld-servers.net.
com.			172800	IN	NS	h.gtld-servers.net.
com.			172800	IN	NS	i.gtld-servers.net.
com.			172800	IN	NS	j.gtld-servers.net.
com.			172800	IN	NS	k.gtld-servers.net.
com.			172800	IN	NS	l.gtld-servers.net.
com.			172800	IN	NS	m.gtld-servers.net.
;; Received 498 bytes from 193.0.14.129#53(K.ROOT-SERVERS.NET) in 14 ms

reddinglaser.com.	172800	IN	NS	ns1.reddinglaser.com.
reddinglaser.com.	172800	IN	NS	ns2.reddinglaser.com.
;; Received 106 bytes from 192.26.92.30#53(c.gtld-servers.net) in 117 ms

www.reddinglaser.com.	14400	IN	CNAME	reddinglaser.com.
reddinglaser.com.	14400	IN	A	70.38.14.3
reddinglaser.com.	86400	IN	NS	ns2.reddinglaser.com.
reddinglaser.com.	86400	IN	NS	ns1.reddinglaser.com.
;; Received 136 bytes from 70.38.14.5#53(ns2.reddinglaser.com) in 139 ms
A trace is the "long way" to obtain a record, that exposes all the queries that have to be done in order to have the answer. Caching and forwarding nameservers normally take care of that, and give you the answer directly.

In this query I want to know the A record (simple IP address) of the hostname www.reddinglaser.com.

You can see that, at first, I ask my nameserver, configured in /etc/resolv.conf, 85.17.207.63 "who has NS records for everything".
The answer is X.root-servers.net.
This set of NS records is called "root hint" and is embedded in any nameserver, to know where to go at first.

Then I ask one of the root servers, K.ROOT-SERVERS.NET, "who has NS records for .com".
The answer is X.gtld-servers.net.

Then I ask c.gtld-servers.net "who has NS records for reddinglaser.com".
The answer is nsX.reddinglaser.com (this is the record you have paid).

Now, the next step should be to ask ns1.reddinglaser.com or ns2.reddinglaser.com for the A record I'm looking for, but there is a problem: how can I ask nsX.reddinglaser.com if I don't know what its IP address is? It's an infinite loop, because I have to ask your nameservers for your nameservers' IP addresses.
That's why there is an "additional section": the A records covering the nameservers' IP addresses were given to me exceptionally by the same nameserver that gave me the NS records.
Unfortunately the additional section is not shown in this trace, but a direct request exposes them (as you can see two of my posts above).
All this problem would not exist if, instead of nsX.reddinglaser.com, you used nsX.another-domain.com as NS records.

Finally I ask ns2.reddinglaser.com "which IP is www.reddinglaser.com".
The answer is CNAME reddinglaser.com, which means "it's exactly the same as the A record of reddinglaser.com".
In this case, too, there is an additional section. It spares another request: the A record for reddinglaser.com is sent along with the last reply, and we have our answer: 70.38.14.3

That's how the DNS system works; I tried to explain it as simply as I could :)

There are a few special uses of nameservers (like SPF or blacklisting or DKIM), there are caching and forwarding nameservers, there are even alternative root servers that contain special top level domains in addition to the official ones, etc., but I think that I covered most of the basics.
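The glue problem diagnosed earlier in the thread (registrar glue for ns2 pointing at 70.28.14.2 while the zone said 70.38.14.5) and the explanation of the additional section above both come down to one check: for every in-bailiwick nameserver, the A record in the zone must match the glue the parent publishes. The script below is an added example, not code from the thread or from cPanel; the zone text and the registrar glue are constructed copies of what the posts show, and the minimal parser assumes the one-record-per-line layout of that zone file (no multi-line SOA).

```python
"""Compare registrar-published glue with the zone's own A records for
in-bailiwick nameservers (the ns2 mismatch from this thread).
Zone text and registrar glue are constructed for the example."""

ZONE_TEXT = """\
$TTL 14400
reddinglaser.com. 86400 IN NS ns1.reddinglaser.com.
reddinglaser.com. 86400 IN NS ns2.reddinglaser.com.
reddinglaser.com. 14400 IN A 70.38.14.3
www 14400 IN CNAME reddinglaser.com.
ns1 14400 IN A 70.38.14.4
ns2 14400 IN A 70.38.14.5   ; in-zone glue for ns2
"""
ORIGIN = "reddinglaser.com."

# Glue as the .com servers returned it in the first dig of the thread (constructed copy).
REGISTRAR_GLUE = {"ns1.reddinglaser.com.": "70.38.14.4",
                  "ns2.reddinglaser.com.": "70.28.14.2"}

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples; relative owners are qualified with origin."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()      # strip comments and whitespace
        if not line or line.startswith("$"):      # skip blank lines and $TTL/$ORIGIN
            continue
        owner, *rest = line.split()
        if rest and rest[0].isdigit():            # optional TTL field
            rest = rest[1:]
        if rest and rest[0] == "IN":              # optional class field
            rest = rest[1:]
        rtype, rdata = rest[0], " ".join(rest[1:])
        if not owner.endswith("."):
            owner = f"{owner}.{origin}"
        records.append((owner, rtype, rdata))
    return records

def check_glue(records, origin, registrar_glue):
    """Map each in-bailiwick NS name to 'ok', a 'mismatch ...' note, or a missing marker."""
    zone_a = {own: rd for own, t, rd in records if t == "A"}
    result = {}
    for own, t, ns in records:
        if own != origin or t != "NS" or not ns.endswith("." + origin):
            continue                              # only NS names inside this zone need glue
        zone_ip, reg_ip = zone_a.get(ns), registrar_glue.get(ns)
        if zone_ip is None:
            result[ns] = "missing-in-zone"
        elif reg_ip is None:
            result[ns] = "missing-at-registrar"
        else:
            result[ns] = "ok" if zone_ip == reg_ip else f"mismatch zone={zone_ip} registrar={reg_ip}"
    return result

if __name__ == "__main__":
    for ns, status in check_glue(parse_zone(ZONE_TEXT, ORIGIN), ORIGIN, REGISTRAR_GLUE).items():
        print(ns, status)
```

Against real data, the registrar side would come from the additional section of `dig -t ns <zone> @a.gtld-servers.net`, exactly as shown earlier in the thread.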
 
Great explanation

tillo,

That's a great explanation. I really appreciate the time you have taken with me. I hope this answer gets indexed in the search engines so many others can benefit from this tutorial as well.

Like you stated, there are special uses of the DNS servers, such as DKIM, which is the reason I am going through this entire exercise.

Thanks again,

Mitch
 