KeyHelp Community

Das offizielle KeyHelp Forum der Keyweb AG / The official KeyHelp forum of Keyweb AG
https://community.keyhelp.de/

Warning secondary NS (DNS slave)

https://community.keyhelp.de/viewtopic.php?t=11325

Page 1 of 1

Warning secondary NS (DNS slave)

Posted: Sun 10. Apr 2022, 23:01
by Pedrope
Hi friends
I'm new to the forum and i'm trying out this panel and it seems good. I've intalled it with no problem in Debian 11, and in general everything seems ok but I don´t know how to configure a secudary external DNS and it shows an error that I attach in the following figure.
It contains:
analysis intodns.com
ns2.serverpanel.txxxn.cl. ['45.xx.128.70'] [TTL=3600]
ns.serverpanel.txxxn.cl. ['69.xx.93.129'] [TTL=3600]
Warning in glue record
the dns record for the main domain
settings ns nameservers and IPs in database
ipservers primary and secondary

warning Image


I'm thankful for any help.
Kind regards

Pedro P.

Re: Warning secondary NS (DNS slave)

Posted: Mon 11. Apr 2022, 10:44
by 24unix
Pedrope wrote: Sun 10. Apr 2022, 23:01 settings ns nameservers and IPs in database
Usually, you can set them with your registry.

They are not required, but it costs one lookup more if they are not present.

Re: Warning secondary NS (DNS slave)

Posted: Mon 11. Apr 2022, 14:27
by Pedrope
Ok, thanks 24Unix, it´s pretty long.
I was working with this post viewtopic.php?t=9000

Any chance you could you help me with this?

Thanks in advance


Pedro P.

Re: Warning secondary NS (DNS slave)

Posted: Mon 11. Apr 2022, 14:34
by 24unix
Did you fix the issues with the glue records?

Re: Warning secondary NS (DNS slave)

Posted: Tue 19. Apr 2022, 12:50
by Pedrope
Hi,
no, the problem remains

My config
Setting -->DNS sever

Code: Select all

ns.serverpanel.txxn.cl.  	(default)
ns3.txxn.cl			(external)
Here my domain DNS conf (panel)

Code: Select all

*			86400 A 	69.xx.93.129
ns.serverpanel.toxx.cl 	86400 A 	69.xx.93.129
ns3.toxx.cl		86400 A 	45.xxx.128.70
@ 			86400 NS 	ns.serverpanel.txxn.cl.
@ 			86400 NS 	ns3.txxn.cl.

Here the intodns.com result

PARENT (OK)

Code: Select all

Domain NS records	Nameserver records returned by the parent servers are:
			ns.serverpanel.txxn.cl.   	['69.xx.93.129']   [TTL=3600]	(OK)
			ns3.txxn.cl.  			['45.xxx.128.70']  [TTL=3600]	(OK)
NS (wrong)

Code: Select all

NS records from your nameservers	NS records got from your nameservers listed at the parent NS are:
					ns.serverpanel.txxn.cl  ['69.xx.93.129']   [TTL=86400]
					ns3.txxn.cl  ['69.xx.93.129']   [TTL=86400] --> WRONG the real IP is 45.xxx.128.70)
WARNING

Code: Select all

Same Glue	Looks like the A records (the GLUE) got from the parent zone check are different than the ones got from your nameservers. 
		You have to make sure your parent server has the same NS records for your zone as you do.I detected some problems as follows:
                For ns3.txxn.cl the parent reported: ['45.xxx.128.70'] and your nameservers reported: ['69.xx.93.129']

S.O. : Debian 11
Panel : 22.0 (Build 2393)
DNS server: BIND 9.16.27
DB server: MariaDB 10.5.15

Thanks in advance, any help is appreciated

Pedrope

Re: Warning secondary NS (DNS slave)

Posted: Tue 19. Apr 2022, 12:59
by 24unix
If you were not crippling the names we could check the real results.

It's useless to cripple public services anyways. You want your users to use your NS, don't you?

Re: Warning secondary NS (DNS slave)

Posted: Tue 19. Apr 2022, 16:47
by Pedrope
Hi 24unix, I send you a PM, please check

Re: Warning secondary NS (DNS slave)

Posted: Tue 19. Apr 2022, 17:35
by 24unix
At first you need to fix the MX. try the suggestion from the PM.

Re: Warning secondary NS (DNS slave)  [SOLVED]

Posted: Wed 29. Jun 2022, 21:46
by Pedrope
Hi, I´ve resolved this issue, and nothing to do with the MX as you suggest me

1.- Edit /etc/bind/named.conf.options and change adding the secondary DNS IP to look like

Code: Select all

//========================================================================
	// If BIND logs error messages about the root key being expired,
	// you will need to update your keys.  See https://www.isc.org/bind-keys
	//========================================================================
	dnssec-validation auto;

	auth-nxdomain no;    # conform to RFC1035
	listen-on-v6 { any; };	
	allow-transfer {
		127.0.0.1;
		45.236.108.270;  --->  (ip secondary DNS)
		};
     also-notify {
     45.236.108.270;           ----> (ip secondary DNS)
 };
};
After that, runs the followin commands to ensure that everything is OK
named-checkconf (no response is everything OK)
service bind9 reload
service bind9 restart
service bind9 status

2.- Add the new Ip to the DNS config
Edit /etc/bind/keyhelp_domain.conf
change the existent IP for the secondary server IP and should like as

Code: Select all

; Glue
ns IN A 45.71.231.70
ns2 IN A 45.236.108.270    ---> secondary IP
I recommend reboot the system

I´ts worked for me
Debian 11
Keyhelp 22.1

Based in this post: viewtopic.php?t=9000

Good luck

Pedrope
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited