LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 07-18-2012, 11:20 AM   #1
nepalproxy
LQ Newbie
 
Registered: Jul 2012
Posts: 7

Rep: Reputation: Disabled
DNS Problem One or more of your nameservers did not respond


I have everything setup properly

the first name server i.e ns1.domain.com responds properly but the second name server i.e ns2.domain.com doesn't respond properly.

I get the following error and my second dns ns2.domain.com is listed.

One or more of your nameservers did not respond:
The ones that did not respond are:

ns1 and ns2 both have different subnet domain names.

found this thread http://www.linuxquestions.org/questi...espond-847975/ but it didn't help.

I also used allow-query { all; }; in /etc/named.conf but it doesn't solve the problem.

please kindly help.
 
Old 07-18-2012, 12:38 PM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,074

Rep: Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972
Hi,

Quote:
I get the following error and my second dns ns2.domain.com is listed.

One or more of your nameservers did not respond:
This could happen for a variety or reasons.
Could be a firewall blocking port 53udp/tcp.
The server is not running or it's not listening on its public IP
Run the following commands on ns2 and see what you get
Code:
netstat -tunapl|grep 53
dig domain.com @ns2.domain.com
Regards
 
1 members found this post helpful.
Old 07-18-2012, 09:21 PM   #3
nepalproxy
LQ Newbie
 
Registered: Jul 2012
Posts: 7

Original Poster
Rep: Reputation: Disabled
I get the following when entering netstat -tunapl|grep 53

tcp 0 0 second ns2 ip:53 0.0.0.0:* LIST EN 7855/named
tcp 0 0 second ns2 ip:53 0.0.0.0:* LIST EN 7855/named
tcp 0 0 second ns2 ip:53 0.0.0.0:* LIST EN 7855/named
tcp 0 0 first ns2 ip:53 0.0.0.0:* LIST EN 7855/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LIST EN 7855/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LIST EN 1530/sshd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LIST EN 7855/named
tcp 0 0 :::53 :::* LIST EN 7855/named
tcp 0 0 :::21 :::* LIST EN 1538/xinetd
tcp 0 0 :::22 :::* LIST EN 1530/sshd
tcp 0 0 :::106 :::* LIST EN 1538/xinetd
udp 0 0 0.0.0.0:53 0.0.0.0:* 7855/named
udp 0 0 third ip:53 0.0.0.0:* 7855/named
udp 0 0 fourth ip:53 0.0.0.0:* 7855/named
udp 0 0 second ns2 ip:53 0.0.0.0:* 7855/named
udp 0 0 first ns2 ip:53 0.0.0.0:* 7855/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 7855/named
udp 0 0 :::53 :::* 7855/named



; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> mydomain.com @ns2.mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59104
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;mydomain.com. IN A

;; ANSWER SECTION:
mydomain.com. 86400 IN A first ns1 ip

;; AUTHORITY SECTION:
mydomain.com. 86400 IN NS ns1.mydomain.com.
mydomain.com. 86400 IN NS ns2.mydomain.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com. 86400 IN A first ns1 ip
ns2.mydomain.com. 86400 IN A second ns2 ip

;; Query time: 14 msec
;; SERVER: second ns2 ip#53(ns2 ip)
;; WHEN: Thu Jul 19 02:19:33 2012
;; MSG SIZE rcvd: 116


Service named restart shows :-

service named status
WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
version: 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 (none)
CPUs found: 16
worker threads: 16
number of zones: 19
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
named (pid 7855) is running..

I have configured both the ns1 and ns2 in my own server using two different subnet ips provided to me by the service providers.

The first IP which is used in ns1.mydomain.com always responds and works but for ns2.mydomain.com .. even if I change other ips they do not respond.

I still can't understand what's wrong am a very basic user.

Last edited by nepalproxy; 07-18-2012 at 09:42 PM.
 
Old 07-19-2012, 03:29 AM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,074

Rep: Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972
Hi,

Just to be sure: You have one box with 2 IPs. Are these assigned on 2 different nics or there are aliased on the same nic?
Quote:
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> mydomain.com @ns2.mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59104
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
<snip>

;; Query time: 14 msec
;; SERVER: second ns2 ip#53(ns2 ip)
;; WHEN: Thu Jul 19 02:19:33 2012
;; MSG SIZE rcvd: 116
The dig output is fine. Your ns2 server answers authoritatively (aa) as it should, so if you cannot contact it from other boxes check for a firewall.
 
Old 07-19-2012, 11:26 AM   #5
nepalproxy
LQ Newbie
 
Registered: Jul 2012
Posts: 7

Original Poster
Rep: Reputation: Disabled
Thank you for your kind reply,

I have a VPS and it has four IP addresses

they are all bind in same interface. i.e
ifcfg-venet0
ifcfg-venet0:0
ifcfg-venet0:1
ifcfg-venet0:2
ifcfg-venet0:3

I can nslookup it from other boxes, it resolved it properly but the only problem is that intodns.com shows the following error for my ns2.mydomain.com showing it's ip.

ERROR: One or more of your nameservers did not respond:
The ones that did not respond are: my ns 2 ip address.

I have no idea about firewall, I had centos 6 installed and plesk 10, unmanaged. I used dns template to create everything. Everything works properly the only thing doesn't work is this second name server ns2.mydomain.com and it's domain.. but it's working.. please give me further clues to fix.

I have an ADSL connection and leased line in office, my isp doesn't block port 53, I disabled the iptable in my vps server but still the problem persists.

Is there any solution ?

I also have the following in /etc/named.conf


options {
query-source address * port 53;
listen-on { any; };
listen-on-v6 { any; };
listen-on port 53 { any; };
allow-recursion { localnets; };
allow-query { any; };
version "none";
directory "/var";
auth-nxdomain no;
pid-file "/var/run/named/named.pid";


Also
please see
netstat -an | grep ":53 "
tcp 0 0 third ip:53 0.0.0.0:* LISTEN
tcp 0 0 fourth ip:53 0.0.0.0:* LISTEN
tcp 0 0 ns2.mydomain.com ip:53 0.0.0.0:* LISTEN
tcp 0 0 ns1.mydomain.com ip:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 :::53 :::* LISTEN
udp 0 0 0.0.0.0:53 0.0.0.0:*
udp 0 0 third ip:53 0.0.0.0:*
udp 0 0 fourth up:53 0.0.0.0:*
udp 0 0 ns2.mydomain.com ip:53 0.0.0.0:*
udp 0 0 ns1.mydomain.com ip:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 :::53 :::*

Last edited by nepalproxy; 07-19-2012 at 11:50 AM.
 
Old 07-19-2012, 12:49 PM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,074

Rep: Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972
So you have one named instance running listening on all 4 interfaces and you only get an error for the 2nd of them!!
The netstat output shows that named is listening on that interface, you can use it to resolve hosts locally, so looks like a firewall problem. Run:
Code:
iptables -nvL
to verify that there is no rules loaded.
Try also to use ns2 from outside your lan and see if it works

If everything comes out normal double-check the zone file to see if you have assigned the correct IP to ns2, as I cannot think of something else.

Regards
 
Old 07-20-2012, 09:07 AM   #7
nepalproxy
LQ Newbie
 
Registered: Jul 2012
Posts: 7

Original Poster
Rep: Reputation: Disabled
The result are :

iptables -nvL
Chain INPUT (policy ACCEPT 20143 packets, 2129K bytes)
pkts bytes target prot opt in out source destination
25534 2473K RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 0. 0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 0. 0.0.0/0

Chain OUTPUT (policy ACCEPT 25394 packets, 5965K bytes)
pkts bytes target prot opt in out source destination

Chain RH-Firewall-1-INPUT (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
5391 344K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53

it's a vps with public ips all those 4 ips are publicly accessible, I get same error everywhere but can access them from anywhere.
 
Old 07-20-2012, 10:21 AM   #8
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,074

Rep: Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972
So port 53udp/tcp is open.
Did you check the output of intoDNS to see if lists the correct ip for ns2?
Did you try to use ns2 from outside your network to resolve your domain and see wht you get?
Also you may comment out the following as it's not necessary in your case
Quote:
query-source address * port 53;
 
Old 07-20-2012, 10:25 AM   #9
nepalproxy
LQ Newbie
 
Registered: Jul 2012
Posts: 7

Original Poster
Rep: Reputation: Disabled
Yes it shows the correct ip for ns2.
yes I used it from outside network and it still resolves my ns2
I will comment it out, I really want to get this solved as it's getting too much frustrating and I don't have any clues.. ams ad.
 
Old 07-20-2012, 10:53 AM   #10
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,074

Rep: Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972Reputation: 1972
Sure it doesn't make sense.
If you can contact ns2 from outside and it resolves correctly, then I can't think of a reason why intoDNS cannot contact it.
You may check /var/log/messages, (or whatever logfile bind uses for its logs) and see if you get something. Or you can enable bind logging to log queries and check what happens when intoDNS contacts your server
 
Old 07-20-2012, 11:40 AM   #11
nepalproxy
LQ Newbie
 
Registered: Jul 2012
Posts: 7

Original Poster
Rep: Reputation: Disabled
it doesn't show anything about intodns.com. Thank you very very much for the support.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] DNS problem - One or more of your nameservers did not respond zubinn Linux - Server 11 12-03-2010 03:38 AM
Nameservers/DNS Issue pblackmon Linux - Networking 2 12-27-2007 12:00 PM
DNS / nameservers for site neut3k Linux - General 1 02-08-2006 07:53 PM
DNS configuration: How 2 change from local to remote nameservers Kropotkin Fedora 3 05-31-2005 01:22 PM
DNS does not respond jared78 Linux - Newbie 2 05-11-2005 06:24 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:37 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration