Unable to query the nameserver
Dotan Cohen
dotancohen at gmail.com
Tue Oct 5 19:43:33 UTC 2010
On Tue, Oct 5, 2010 at 11:35, Eivind Olsen <eivind at aminor.no> wrote:
> Hm, you mention in another posting that you're hosting other domains. Are
> they using the same registrar as the one that's giving you this error
> message?
Yes.
> Are you _naming_ the nameservers the same? I know some registrars
> require you to first register your nameservers with them, so they can add
> any glue records if needed. I'm just wondering if the error message might
> be misleading.
>
With this particular registrar I have sharingcenter.eu and
sharingcenter.de. The sharingcenter.eu site works fine, it has
ns1.sharingcenter.eu and ns2.sharingcenter.eu working without me
having to explicitly set the "glue".
> But maybe they really can't contact your nameserver. As a few others have
> mentioned, it's hard to help troubleshoot this when you've given no real
> information.
>
Server mercury:
178.63.65.136
178.63.65.171
178.63.65.188
Server venus:
88.198.27.251
ns1.sharingcenter.eu - 178.63.65.136
ns2.sharingcenter.eu - 178.63.65.188
ns1.sharingcenter.de - 178.63.65.171
ns2.sharingcenter.de - 88.198.27.251
> Check your logs on your nameserver. Depending on your OS, it might end up
> in /var/log/messages, /var/adm/messages, or somewhere else entirely (or
> maybe not at all). You should at least see some log-entries when you start
> BIND. The copies of named.conf you listed didn't show any custom logging
> statements.
>
Bind is running as a service (CentOS), and I'm not really sure how to
get it logging.
> Verify nameserver operation, by doing something like this:
>
> # dig any your.troublesome.domain @1.1.1.1
> (replace the domain name + IP-address of your nameserver with the real data)
>
> Do this from multiple places:
> - from the nameserver itself
> - from another server in the same subnet if possible, to avoid routing
> issues etc...:
> - from somewhere outside of your network
>
> If it for example works from the nameserver itself + another server in
> your local network, but doesn't work from an external address, I suggest
> you look at any firewalls / access controls in your network.
>
> You also mentioned you had another domain which worked, on the same
> nameservers. Do the same kind of queries on that as well, from the same
> places.
>
> Let us know how these tests went. And/or post real data so we can check a
> bit for ourselves.
>
✈dcl:~$ dig any sharingserver.de @178.63.65.171
; <<>> DiG 9.6.1-P2 <<>> any sharingserver.de @178.63.65.171
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29311
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;sharingserver.de. IN ANY
;; AUTHORITY SECTION:
de. 2398 IN SOA f.nic.de.
its.denic.de. 2010100577 7200 7200 3600000 7200
;; Query time: 228 msec
;; SERVER: 178.63.65.171#53(178.63.65.171)
;; WHEN: Tue Oct 5 21:41:22 2010
;; MSG SIZE rcvd: 86
✈dcl:~$ dig any sharingserver.eu @178.63.65.136
; <<>> DiG 9.6.1-P2 <<>> any sharingserver.eu @178.63.65.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62696
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;sharingserver.eu. IN ANY
;; AUTHORITY SECTION:
eu. 600 IN SOA a.nic.eu.
tech.eurid.eu. 1002851820 3600 1800 3600000 600
;; Query time: 259 msec
;; SERVER: 178.63.65.136#53(178.63.65.136)
;; WHEN: Tue Oct 5 21:42:02 2010
;; MSG SIZE rcvd: 87
> Oh, and another thing - you mentioned you were running both nameservers on
> the same server (eth0 and eth0:0). You _are_ aware of what this means, if
> your domain name is only served by a single physical server and that
> server happens to go down some day? Any server _will_ go down sometimes,
> even if you decide to not patch it...
Yes, I am aware of this.
> If it's serving a domain name you care about, I'd _really_ recommend
> having multiple _separate_ nameservers, hosted on separate subnets. There
> are various companies that sell cheap slave-DNS services.
>
The .de domain will be on two separate machines.
--
Dotan Cohen
http://gibberish.co.il
http://what-is-what.com
More information about the bind-users
mailing list