Is this getent hosts answer wrong - dns

I have some DNS issues and I am trying to figure out if this is the correct answer I should get when I run this on the VPS:
getent hosts test.com
69.xx.xx.xxx server.test.com server www.test.com www test.com test testuser
For other sites the answer looks like this:
getent hosts justhost.com
74.220.195.132 justhost.com
Is the first result OK? Where are the values taken from?
Update:
If it helps
nslookup test.com 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53
server can't find test.com: NXDOMAIN
dig @localhost test.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56197
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;test.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Feb 24 14:32:24 2015
;; MSG SIZE rcvd: 41
Pinging the ns1 gives me the correct server ip
Pinging the domain name gives me the old server ip
Is this usual?

From an analysis on intoDNS (http://www.intodns.com/blackcatadvertising.com) it seems that the nameservers are not set properly. Check both with your DNS provider (if it's not you) and in cPanel how they are set. If you are sure that they are right as they are now, I would ask: when did you create the domain? Some time is required after the creation in order to let the DNS spread.

Fixed via "How to fix a dig command with status: REFUSED?"; basically I had to edit named.conf to set allow-query to any, and restart named.

Related

PowerDNS not sync zones from master to slave

I have installed PowerDNS on 2 VPS servers:
ns1 - 10.0.0.1
ns2 - 10.0.0.2
The Problem is the records/zones are not getting synced from Master to Slave. Here are the configurations:
Master Server:
allow-axfr-ips=10.0.0.2/32
daemon=yes
disable-axfr=no
include-dir=/etc/powerdns/pdns.d
master=yes
setgid=pdns
setuid=pdns
Slave Server:
daemon=yes
disable-axfr=yes
include-dir=/etc/powerdns/pdns.d
setgid=pdns
setuid=pdns
slave=yes
slave-cycle-interval=60
Database on Slave Server
MariaDB [powerdns]> select * from supermasters;
+-------------+------------------+---------+
| ip | nameserver | account |
+-------------+------------------+---------+
| 10.0.0.1 | ns2.example.com | admin |
+-------------+------------------+---------+
1 row in set (0.000 sec)
Both servers are running on MySQL database backend. Master is serving all records as expected but Slave server is giving this:
root@vps10:~# dig example.com @localhost
; <<>> DiG 9.16.1-Ubuntu <<>> example.com @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 22750
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;example.com. IN A
;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 04 22:11:39 UTC 2022
;; MSG SIZE rcvd: 45
I have also checked the Slave server and it does not have any zones from Master. Also tried this on the master server:
root@vps06:~# pdns_control notify example.com
Added to queue
Surfed the internet for any solutions but nothing was available. Can anyone guide me or point out what is wrong with my configuration?
You'll need to enable superslave and make sure your primary sends the correct notifications (NS records, ALSO-NOTIFY metadata (https://doc.powerdns.com/authoritative/domainmetadata.html?#also-notify) etc)

No way to get a domain name from IP address based on A record?

dig redhat.com
;; QUESTION SECTION:
;redhat.com. IN A
;; ANSWER SECTION:
redhat.com. 3600 IN A 209.132.183.105
We get the IP address 209.132.183.105, the A record of the domain redhat.com.
Now I want to get the domain name from the IP 209.132.183.105.
Maybe you introduce two ways to get it.
nslookup 209.132.183.105
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
105.183.132.209.in-addr.arpa name = redirect.redhat.com.
Authoritative answers can be found from:
dig -x 209.132.183.105
; <<>> DiG 9.9.5-9+deb8u7-Debian <<>> -x 209.132.183.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62599
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;105.183.132.209.in-addr.arpa. IN PTR
;; ANSWER SECTION:
105.183.132.209.in-addr.arpa. 519 IN PTR redirect.redhat.com.
;; Query time: 1 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sat Nov 19 15:11:33 CST 2016
;; MSG SIZE rcvd: 90
It is unlucky that the result is not redhat.com, and redirect.redhat.com is a PTR record for 209.132.183.105.
Could I draw the conclusion that there is no way to get a domain name from the IP address when the IP is the A record of the domain name?
You are correct in that there is no way to get the info reliably.
Anyone who owns a domain name can point any A, AAAA or CNAME to whatever IP address they like irrespective if they control that IP address.
It gets even more complex in that if you have the reverse delegation set up for your IP address(es) you can set whatever PTR record you like, even stuff that's invalid or nonexistent.
If you owned the domain rubber-chickens.com there is nothing stopping you creating the following;
google.rubber-chickens.com A 216.58.210.36 - Which points to google or
200.200.120.11 PTR msn.microsoft.com. - Which when you did a traceroute or dig would appear to show the hostname msn.microsoft.com
IPs and domains are just made up in this example.
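The check a defender usually applies to the point made in the answer above is forward-confirmed reverse DNS: a PTR name is trusted only if it resolves back to the same address. The Python below is an added example, not part of the original answer; the helper names, `check_sample` and the sample records (including the 192.0.2.10 address and the forward record for redirect.redhat.com) are constructed for illustration.

```python
import ipaddress
import socket

def live_ptr(ip):
    """PTR names for ip from the system resolver (needs network)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def live_forward(name):
    """Addresses for name from the system resolver (needs network)."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def fcrdns(ip, ptr_lookup=live_ptr, forward_lookup=live_forward):
    """Forward-confirmed reverse DNS: accept a PTR name only if that name
    resolves back to the address that was looked up."""
    addr = ipaddress.ip_address(ip)
    result = {"query": addr.reverse_pointer, "confirmed": [], "unconfirmed": []}
    for name in ptr_lookup(ip):
        name = name.rstrip(".").lower()
        forward = {ipaddress.ip_address(a) for a in forward_lookup(name)}
        result["confirmed" if addr in forward else "unconfirmed"].append(name)
    return result

# Constructed records so the example runs offline. The PTR entries mirror the
# ones quoted on this page; the forward (A) entries are assumptions.
SAMPLE_PTR = {
    "209.132.183.105": ["redirect.redhat.com."],
    "200.200.120.11": ["msn.microsoft.com."],   # PTR set by whoever holds the reverse zone
}
SAMPLE_A = {
    "redirect.redhat.com": ["209.132.183.105"],
    "msn.microsoft.com": ["192.0.2.10"],        # the real owner's name points elsewhere
}

def check_sample(ip):
    """Run fcrdns against the constructed records instead of live DNS."""
    return fcrdns(ip, lambda i: SAMPLE_PTR.get(i, []), lambda n: SAMPLE_A.get(n, []))

if __name__ == "__main__":
    for sample_ip in SAMPLE_PTR:
        print(sample_ip, check_sample(sample_ip))
```

A confirmed name shows only that forward and reverse data agree; other names, such as redhat.com in the question, can still point at the same address without appearing in any PTR record.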

How to get DNS to resolve the same from localhost as from remote?

I'm trying to create a home automation system that watches my dog during the day while I'm at work. My goals for this project are to learn a bit about DNS, file serving, and the RaspberryPi.
My hardware setup is as so:
1 RaspberryPi (camera enabled, and planning to use this as the web server behind my home router).
1 digital ocean mini instance (ubuntu12.04 with DNS provided via BIND).
1 macbook (testing DNS with this for now, but will later be using iPhones most commonly).
I'd like to use bubby.com as the domain name. This works when I query from my digital ocean server. However, if I try from my laptop, I get back a different ip.
Tests from digital ocean instance:
dns settings (contents of /etc/resolv.conf)
nameserver x.x.x.x
nameserver 8.8.8.8
nameserver 8.8.4.4
nslookup of bubby.com
nslookup bubby.com
Server: x.x.x.x
Address: x.x.x.x#53
Name: bubby.com
Address: y.y.y.y
(1 and 2 are correct as far as I can tell)
Tests from macbook
DNS settings from wifi (retrieved from Network Preferences):
nameservers x.x.x.x, 8.8.8.8
nslookup of bubby.com
nslookup bubby.com
Server: x.x.x.x
Address: x.x.x.x#53
Non-authoritative answer:
Name: bubby.com
Address: 216.21.239.197
Could someone help me explain why I get different results from the same dns server that are showing different addresses, even though the server/address is correct for the dns server?
Update 1: Reran test of nslookup
date && nslookup bubby.com
Sat Aug 20 05:57:01 PDT 2016
Server: x.x.x.x
Address: x.x.x.x#53
Non-authoritative answer:
Name: bubby.com
Address: 216.21.239.197
Dig bubby.com from laptop
date && dig bubby.com @192.241.227.149
Sat Aug 20 06:06:27 PDT 2016
; <<>> DiG 9.8.3-P1 <<>> bubby.com @x.x.x.x
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18813
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;bubby.com. IN A
;; ANSWER SECTION:
bubby.com. 3600 IN A 216.21.239.197
;; Query time: 132 msec
;; SERVER: x.x.x.x#53(x.x.x.x)
;; WHEN: Sat Aug 20 06:06:27 2016
;; MSG SIZE rcvd: 43
Dig bubby.com from digital ocean server with dns
date && dig bubby.com @x.x.x.x
Sat Aug 20 13:12:36 UTC 2016
; <<>> DiG 9.8.1-P1 <<>> bubby.com @x.x.x.x
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38404
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;bubby.com. IN A
;; ANSWER SECTION:
bubby.com. 604800 IN A y.y.y.y
;; AUTHORITY SECTION:
bubby.com. 604800 IN NS ns.bubby.com.
;; ADDITIONAL SECTION:
ns.bubby.com. 604800 IN A y.y.y.y
;; Query time: 2 msec
;; SERVER: x.x.x.x#53(x.x.x.x)
;; WHEN: Sat Aug 20 13:12:36 2016
;; MSG SIZE rcvd: 76
Update 2: DNS lookup from laptop while specifying another DNS server
date && nslookup ip.smartydns.com 87.117.205.40
Sat Aug 20 09:12:09 PDT 2016
Server: 87.117.205.40
Address: 87.117.205.40#53
Non-authoritative answer:
Name: ip.smartydns.com
Address: 82.196.5.38
Look at the dig output from your laptop, notice the AUTHORITY: 0. The reason for this is that this answer is not coming from your Digital Ocean instance (I have tested from several different locations, and I always get the same results as you get when you test from the instance itself), but from some other DNS server that is not authoritative for bubby.com.
The final smartyDNS test confirmed it: someone/something between you and the rest of the internet (most probably your ISP or a compromised home router) is acting as a 'Transparent DNS proxy', intercepting your DNS queries and redirecting them to their own DNS server.
If you want to be sure, since probably only UDP/TCP port 53 is intercepted, you can try changing BIND to listen at some other port, then test from both digital Ocean instance and your laptop with dig querying that new port:
dig bubby.com @192.241.227.149 -p 5555
You should this time get the same results.

Why I get a SOA dig response?

Some time ago I setup a site with some subdomains (example.com, test.example.com...)
Last week I added a new subdomain new.example.com and today I've realized that when I dig to the secondary server I get the SOA record as a response, not the answer itself:
root@Nigeria:~$ dig new.example.com @ns.kimsufi.com
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> new.example.com @ns.kimsufi.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11559
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;new.example.com. IN A
;; AUTHORITY SECTION:
example.com. 86400 IN SOA ns345678.ip-93-122-113.eu. info.test.com. 2015021005 28800 7200 604800 86400
;; Query time: 36 msec
;; SERVER: 213.186.33.199#53(213.186.33.199)
;; WHEN: Mon Feb 16 11:14:35 2015
;; MSG SIZE rcvd: 108
I'm wondering why I'm getting an authority response instead of the right response. If I dig into 'ns345678.ip-93-122-113.eu' which is the right server where my website and my DNS server is hosted, I get the expected response:
;; ANSWER SECTION:
new.example.com. 86400 IN A 93.122.113.255
Why is the secondary DNS not giving an answer for the new subdomain? It is giving an answer for old subdomains like 'test.example.com'. And how must I interpret the SOA response? What does it mean?
A SOA record in the Authority segment together with having the AA flag set is an indication that the reply is authoritative. So what the response you pasted means is that ns.kimsufi.com says that it knows with certainty that the name you asked for (new.example.com) does not exist.
And if you hadn't hidden the actual domain name, someone might have been able to tell you the reason you're not getting the response you expect. But as it is, this is about all you will get.
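As an added example (not code from either answer), the Python below reads dig output the way two answers on this page do: the transparent-proxy answer compares a direct query to the zone's own server from two vantage points, where the `aa` flag is present in one output and missing in the other, and the answer above reads NXDOMAIN with `aa` and an SOA record as an authoritative denial. The function names and result labels are assumptions made for this sketch; the two sample outputs are trimmed copies of outputs quoted on the page.

```python
# Trimmed copies of two dig outputs quoted on this page.
LAPTOP = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18813
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
bubby.com. 3600 IN A 216.21.239.197
"""
SECONDARY = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11559
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; AUTHORITY SECTION:
example.com. 86400 IN SOA ns345678.ip-93-122-113.eu. info.test.com. 2015021005 28800 7200 604800 86400
"""

def parse_dig(text):
    """Pull status, header flags and ANSWER/AUTHORITY records out of dig output."""
    msg = {"status": None, "flags": set(), "ANSWER": [], "AUTHORITY": []}
    section = None
    for line in map(str.strip, text.splitlines()):
        if "->>HEADER<<-" in line:
            msg["status"] = line.split("status: ")[1].split(",")[0]
        elif line.startswith(";; flags:"):
            msg["flags"] = set(line.split(":", 1)[1].split(";")[0].split())
        elif line.startswith(";;") and line.endswith("SECTION:"):
            section = line.split()[1]
        elif line and not line.startswith(";") and section in msg:
            name, _ttl, _cls, rtype, rdata = line.split(None, 4)
            msg[section].append((name, rtype, rdata))
    return msg

def interpret(text, queried_authoritative_server):
    """Classify one response; the flag says whether the server asked should be authoritative."""
    msg = parse_dig(text)
    aa = "aa" in msg["flags"]
    has_soa = any(rtype == "SOA" for _, rtype, _ in msg["AUTHORITY"])
    if msg["status"] in ("REFUSED", "SERVFAIL"):
        return "no-answer"
    if msg["status"] == "NXDOMAIN" and aa and has_soa:
        return "authoritative-denial"  # the server is sure the name does not exist
    if msg["status"] == "NOERROR" and msg["ANSWER"]:
        if aa:
            return "authoritative-answer"
        # A direct query to the zone's own server should come back with aa set.
        return "possible-interception" if queried_authoritative_server else "cached-answer"
    return "inconclusive"

if __name__ == "__main__":
    print(interpret(LAPTOP, True), interpret(SECONDARY, True))
```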

Why is my domain not linking with godaddy hosting after I transferred the domain name from godaddy to big rock?

I recently transferred the domain (v3foods.in) from godaddy to big rock because there was an issue for violating the rules which I didn't do wantedly. So I paid the fine and transferred the domain. Now when I try to link with the same old hosting it is not linking up. It is showing like A record not found which I entered and maintained for more than 48hrs. I feel like I made a mistake somewhere so can someone help me?
So you can query for the NS like this:
nslookup -q=ns v3foods.in
The reply is:
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
v3foods.in nameserver = dns3.bigrock.in.
v3foods.in nameserver = dns1.bigrock.in.
v3foods.in nameserver = dns4.bigrock.in.
v3foods.in nameserver = dns2.bigrock.in.
Your Ping Data is now pointing to this Host
ping v3foods.in
PING v3foods.in (23.229.248.68) 56(84) bytes of data.
64 bytes from ip-23-229-248-68.ip.secureserver.net (23.229.248.68): icmp_req=1 ttl=56 time=68.8 ms
This is also the A record
Your Dig is now set for a very long time (in my opinion, if you don't pay for DNS queries, set this to 5 min):
dig v3foods.in
; <<>> DiG 9.8.1-P1 <<>> v3foods.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36816
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;v3foods.in. IN A
;; ANSWER SECTION:
v3foods.in. 21595 IN A 23.229.248.68
;; Query time: 17 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Dec 22 17:50:13 2014
;; MSG SIZE rcvd: 44
And this is the result from the NameServer at bigrock.in
> v3foods.in
Server: dns3.bigrock.in
Address: 67.15.253.219#53
Name: v3foods.in
Address: 23.229.248.68
>
If you can log in to your hosting server, run: ifconfig
This will show you the hosting external IP; the format you will get will be eth0 -> inet addr: SERVER EXTERNAL IP
It seems like a straight A record issue; point it to the right IP. Hope this helps.
