Google Cloud DNS not resolving hosted domain - google-cloud-dns

I am using Google Cloud DNS for a domain, but for some reason it is not resolving:
root@ok:~# nslookup insurancegurukul.com
;; Got SERVFAIL reply from 1.1.1.1, trying next server
Server: 8.8.8.8
Address: 8.8.8.8#53
** server can't find insurancegurukul.com: SERVFAIL
root@ok:~#
The name servers used for the domain are:
root@ok:~# whois insurancegurukul.com -h whois.internic.net | grep -i "Name Server:"
Name Server: NS-CLOUD-A1.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-A2.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-A3.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-A4.GOOGLEDOMAINS.COM
root@ok:~#
The domain resolves properly if I check with one of these name servers.
Any idea why the domain is not resolving?
root@ok:~# nslookup insurancegurukul.com NS-CLOUD-A2.GOOGLEDOMAINS.COM
Server: NS-CLOUD-A2.GOOGLEDOMAINS.COM
Address: 216.239.34.106#53
Name: insurancegurukul.com
Address: 148.66.135.207
root@ok:~#

The problem was caused by DNSSEC.
Whois of the domain had "DNSSEC: signedDelegation".
boby@ok-pc-01:~$ whois insurancegurukul.com
Domain Name: INSURANCEGURUKUL.COM
Registry Domain ID: 1715752075_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2018-11-15T16:35:06Z
Creation Date: 2012-04-24T19:39:21Z
Registry Expiry Date: 2025-04-24T19:39:21Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: 480-624-2505
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS-CLOUD-A1.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-A2.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-A3.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-A4.GOOGLEDOMAINS.COM
DNSSEC: signedDelegation
DNSSEC DS Data: 49912 8 1 45F45DDBA94938BF66B2D6E8759F923428F1FDCF
DNSSEC DS Data: 18010 8 1 C0B1CC85941CFA008FD6905EE13813B65F917F63
This is disabled in the domain registrar: GoDaddy > domain > DNS > DNSSEC
Once this is done, DNS resolution started working properly.
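The failure mode in this answer, as an added example that is not part of the original post: DS records at the registry that match no DNSKEY served by the zone make validating resolvers return SERVFAIL, while a direct query to the authoritative server still answers. The DS lines are the ones from the whois output above; the key material and function names are constructed for illustration, and the assumption is that the Cloud DNS zone was not serving keys matching those DS records.

```python
import hashlib
import struct

def name_to_wire(name: str) -> bytes:
    """Canonical (lower-case) wire form of a domain name, RFC 4034 section 6.2."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags: int, algorithm: int, public_key: bytes) -> bytes:
    # flags (2 bytes) | protocol, always 3 (1 byte) | algorithm (1 byte) | key
    return struct.pack("!HBB", flags, 3, algorithm) + public_key

def key_tag(rdata: bytes) -> int:
    """Key tag checksum from RFC 4034 Appendix B (all algorithms except 1)."""
    acc = sum(b if i & 1 else b << 8 for i, b in enumerate(rdata))
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256}  # DS digest type -> hash

def make_ds(owner: str, rdata: bytes, digest_type: int):
    digest = DIGESTS[digest_type](name_to_wire(owner) + rdata).hexdigest().upper()
    return (key_tag(rdata), rdata[3], digest_type, digest)

def parse_whois_ds(whois_text: str):
    """Extract (key_tag, algorithm, digest_type, digest) from 'DNSSEC DS Data:' lines."""
    out = []
    for line in whois_text.splitlines():
        if line.strip().startswith("DNSSEC DS Data:"):
            tag, alg, dtype, digest = line.split(":", 1)[1].split()
            out.append((int(tag), int(alg), int(dtype), digest.upper()))
    return out

def delegation_status(owner, parent_ds, zone_dnskeys):
    """'insecure' with no DS, 'secure' if any DS matches a served DNSKEY, else 'bogus'."""
    if not parent_ds:
        return "insecure"
    for ds in parent_ds:
        if any(make_ds(owner, k, ds[2]) == ds for k in zone_dnskeys if ds[2] in DIGESTS):
            return "secure"
    return "bogus"  # validating resolvers answer SERVFAIL for a bogus delegation

# DS lines as they appear in the whois output on this page.
WHOIS = """DNSSEC: signedDelegation
DNSSEC DS Data: 49912 8 1 45F45DDBA94938BF66B2D6E8759F923428F1FDCF
DNSSEC DS Data: 18010 8 1 C0B1CC85941CFA008FD6905EE13813B65F917F63"""
# Constructed key material, NOT the real key of any zone.
FAKE_KSK = dnskey_rdata(257, 8, bytes(range(64)))
```

Removing the DS records at the registrar, as the answer did, moves the zone from "bogus" to "insecure"; publishing DS records that match the keys the current DNS host serves would make it "secure" instead.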

Related

Unable to download .zip from Github: github-production-release-asset-2e65be.s3.amazonaws.com’s server IP address could not be found

I try to download https://github.com/taniman/profit-trailer/releases/download/2.3.3/ProfitTrailer-2.3.3.zip and https://github.com/PTMagicians/PTMagic/releases/download/2.2.2/PTM.2.2.2.zip, but I get an error (screenshot). Looks like some DNS error? Please advise, ty.
NSLOOKUP Results (as you can see, it resolves google.com and amazonaws.com just fine..)
> github-production-release-asset-2e65be.s3.amazonaws.com
Server: router.domain_not_set.invalid
Address: 192.168.1.254
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to router.domain_not_set.invalid timed-out
> google.com
Server: router.domain_not_set.invalid
Address: 192.168.1.254
Non-authoritative answer:
Name: google.com
Addresses: 2a00:1450:400e:80c::200e
172.217.168.206
> amazonaws.com
Server: router.domain_not_set.invalid
Address: 192.168.1.254
Non-authoritative answer:
Name: amazonaws.com
Addresses: 72.21.210.29
207.171.166.22
72.21.206.80
Closed. Turned out to be a temporary DNS glitch.

consul - connect client to server

I'm new to Consul and I am trying to set up a server-client environment. I have started my server with the following command and configuration:
consul.exe agent -ui -config-dir=P:\Consule\config
The config file looks like the following ("P:\Consule\config\server.json"):
{
"bootstrap": false,
"server": true,
"datacenter": "MyServices",
"data_dir": "P:\\Consule\\data",
"log_level": "INFO"
}
Output when I start consul from commandline with above command:
==> Starting Consul agent...
==> Consul agent running!
Version: 'v0.8.3'
Node ID: '1a244456-e725-44be-0549-33603ea7087d'
Node name: 'MYCOMPUTERNAMEA'
Datacenter: 'myservices'
Server: true (bootstrap: false)
Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600)
Cluster Addr: 127.0.0.1 (LAN: 8301, WAN: 8302)
Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false
Atlas: <disabled>
Now, on another computer in my domain, I try to run a Consul client with the following command line and config file:
consul.exe agent -config-dir C:\Consul -bind=127.0.0.1
Config file ("C:\Consul\client.json")
{
"server": false,
"datacenter": "MyServices",
"data_dir": "C:\\TEMP",
"log_level": "INFO",
"start_join": ["MYCOMPUTERNAMEA"]
}
But I always get the following output/error message:
==> Starting Consul agent...
==> Joining cluster...
==> 1 error(s) occurred:
* Failed to join <IP_OF_MYCOMPUTERNAMEA>: dial tcp <IP_OF_MYCOMPUTERNAMEA>:8301: connectex: No connection could be made because the target machine actively refused it.
Does anyone know what I'm doing wrong?
Thanks and best regards
I suppose the reason is that your server is available only on the 127.0.0.1 IP address, which is the localhost IP and reachable only from the same server. This can be seen here:
Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600)
Cluster Addr: 127.0.0.1 (LAN: 8301, WAN: 8302)
You have to configure your server to listen on all network interfaces or on some specific interface, which has to be reachable from the other server.
Try to run it with the client and advertise options set to 0.0.0.0 (or some specific ip). Read about it here and here.
And you might have to delete -bind=127.0.0.1 from the client configuration, since it might be available from the server too.
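A check on the startup banner quoted in this thread, as an added example that is not part of the original posts: it flags the loopback cluster address that produces the refused join, and reports what becomes network-reachable once the agent is bound more widely. The finding codes and function names are made up for this example, and the parser assumes the v0.8.3 banner layout shown in the question.

```python
import ipaddress
import re

# Startup banner of the server agent, copied from the question above.
PAGE_BANNER = """\
Server: true (bootstrap: false)
Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600)
Cluster Addr: 127.0.0.1 (LAN: 8301, WAN: 8302)
Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false
"""

def parse_banner(text):
    """Pull listener addresses, ports and crypto flags out of an agent banner."""
    info = {}
    m = re.search(r"Client Addr:\s*(\S+)", text)
    if m:
        info["client_addr"] = m.group(1)
    m = re.search(r"Cluster Addr:\s*(\S+)\s*\(LAN:\s*(\d+),\s*WAN:\s*(\d+)\)", text)
    if m:
        info["cluster_addr"] = m.group(1)
        info["lan_port"], info["wan_port"] = int(m.group(2)), int(m.group(3))
    for key, val in re.findall(r"(Gossip encrypt|RPC-TLS|TLS-Incoming):\s*(true|false)", text):
        info[key] = (val == "true")
    return info

def audit(info):
    """Return finding codes for join reachability and for what a wider bind exposes."""
    findings = []
    if ipaddress.ip_address(info["cluster_addr"]).is_loopback:
        # Matches the client's error: nothing listens on <server-ip>:8301.
        findings.append("cluster-loopback")
    else:
        # Cluster traffic now crosses the network, so the crypto flags matter.
        if not info.get("Gossip encrypt"):
            findings.append("gossip-unencrypted")
        if not info.get("RPC-TLS"):
            findings.append("rpc-no-tls")
    if not ipaddress.ip_address(info["client_addr"]).is_loopback:
        # HTTP API (8500) and DNS (8600) are reachable from other hosts.
        findings.append("api-exposed")
    return findings
```

On the banner from the question, `audit(parse_banner(PAGE_BANNER))` returns only `cluster-loopback`; the same banner with both addresses at 0.0.0.0 returns the three exposure findings instead.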

Gitlab behind NAT on an alternative port?

This is a fresh install on Ubuntu 16.04.
I have been able to change the port and edit the "/etc/gitlab/gitlab.rb" file.
Changes:
external_url 'http://superawesomedomain.com:2345'
nginx['listen_port'] = 2345
nginx['proxy_set_headers'] = {
"Host" => "$http_host",
"X-Real-IP" => "$remote_addr",
"X-Forwarded-For" => "$proxy_add_x_forwarded_for",
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
}
When I try to access Gitlab from the browser, I get a 502 error "Whoops, GitLab is taking too much time to respond."
And this in the logs:
==> /var/log/gitlab/nginx/gitlab_error.log <== 2016/05/04 00:43:53 [error] 1599#0: *14 connect() to
unix:/var/opt/gitlab/gitlab-workhorse/socket failed (111: Connection
refused) while connecting to upstream, client: xxx.xxx.xxx.xxx, server:
superawesomedomain.com, request: "GET /favicon.ico HTTP/1.1", upstream:
"http://unix:/var/opt/gitlab/gitlab-workhorse/socket:/favicon.ico",
host: "superawesomedomain.com:2345", referrer:
"http://superawesomedomain.com:2345/"
The only ports configured behind NAT to work on this machine are 2345 and 8080.
What am I missing? Ultimately I would prefer that it be https://superawesomedomain.com:2345/
I was able to get this working by using the IP of the server instead of the URL in the config:
external_url 'http://192.168.0.20:2345'
After doing that, GitLab was accessible from the //superawesomedomain.com:2345/ address. I am not sure why this worked, but it seems this is the only way to get it working with NAT and forwarded ports.

Haproxy 1.6.2 not recognizing resolvers section

As a test, I have a local bind instance running:
>netstat -ant | grep LISTEN
tcp 0 0 10.72.186.23:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
...
>nslookup mysubdomain.example.com 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: mysubdomain.example.com
Address: nn.nn.nn.251
Name: mysubdomain.example.com
Address: nn.nn.nn.249
Name: mysubdomain.example.com
Address: nn.nn.nn.201
Name: mysubdomain.example.com
Address: nn.nn.nn.138
I'm running haproxy 1.6.2 on the same host, with a resolvers section:
resolvers dns
nameserver dns1 127.0.0.1:53
nameserver dns2 10.72.186.23:53
hold valid 10s
It doesn't reject the resolvers section, but doesn't seem to be using it, either. It doesn't show in the stats page, and attempting to add this service command:
server mysubdomain-dev mysubdomain.example.com
causes this error:
>service haproxy restart
* Restarting haproxy haproxy
[ALERT] 322/171813 (10166) : parsing [/etc/haproxy/haproxy.cfg:77] : 'server mysubdomain-dev' : invalid address: 'mysubdomain.example.com' in 'mysubdomain.example.com'
[ALERT] 322/165300 (29751) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
[ALERT] 322/165300 (29751) : Fatal errors found in configuration.
The haproxy doc https://cbonte.github.io/haproxy-dconv/configuration-1.6.html indicates this should work.
server <name> <address>[:[port]] [param*]
...
<address> is the IPv4 or IPv6 address of the server. Alternatively, a
resolvable hostname is supported, but this name will be resolved
during start-up. Address "0.0.0.0" or "*" has a special meaning.
Is there some other piece that needs to be added to the haproxy.cfg that activates the resolvers section?
When HAProxy first starts, it attempts to resolve the hostnames of any servers in all the backends to fill the server structures. During this first startup phase, HAProxy uses the OS resolver, i.e. generally the servers defined in your /etc/resolv.conf file.
Only later, when the server's IP addresses are updated during checks, HAProxy uses its internal resolver configuration and its internal DNS resolver.
From your error description, it now seems as if your host itself cannot resolve the mysubdomain.example.com hostname. HAProxy will only be able to start if it can resolve the hostnames without an explicit named nameserver. This can be verified with e.g.
dig mysubdomain.example.com
It might be that you are not specifying the resolvers to use for that server:
server mysubdomain-dev mysubdomain.example.com ->
server mysubdomain-dev mysubdomain.example.com resolvers dns
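Both answers above combined into a configuration check, as an added example that is not part of the original posts: it reports server lines whose hostname is resolved only once at startup by the OS resolver, `resolvers` references with no matching section, and resolvers sections nothing uses. The backend name `app`, the port and the finding codes are constructed; the other config lines come from the question.

```python
import ipaddress

def host_of(addr):
    """Strip an optional :port (and IPv6 brackets) from a server address."""
    if addr.startswith("["):
        return addr[1:].partition("]")[0]
    return addr.rsplit(":", 1)[0] if addr.count(":") == 1 else addr

def is_ip(host):
    if host == "*":          # "*" is a special address, not a hostname
        return True
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def lint(cfg):
    """Return (line, code, name) findings about DNS use in a haproxy.cfg text."""
    defined, servers, used = {}, [], set()
    for n, raw in enumerate(cfg.splitlines(), 1):
        tok = raw.split("#", 1)[0].split()
        if len(tok) == 2 and tok[0] == "resolvers":
            defined[tok[1]] = n                      # section header
        elif len(tok) >= 3 and tok[0] == "server" and not is_ip(host_of(tok[2])):
            params = tok[3:]
            ref = params[params.index("resolvers") + 1] if "resolvers" in params[:-1] else None
            servers.append((n, tok[1], ref))
    findings = []
    for n, name, ref in servers:
        if ref is None:      # resolved once at startup via the OS resolver
            findings.append((n, "startup-only", name))
        elif ref not in defined:
            findings.append((n, "undefined-resolvers", ref))
        else:
            used.add(ref)
    findings += [(n, "unused-resolvers", r) for r, n in defined.items() if r not in used]
    return findings

# Constructed file assembled from the fragments in the question.
PAGE_CFG = """resolvers dns
    nameserver dns1 127.0.0.1:53
    nameserver dns2 10.72.186.23:53
    hold valid 10s

backend app
    server mysubdomain-dev mysubdomain.example.com
"""
FIXED_CFG = PAGE_CFG.replace(".com\n", ".com:80 resolvers dns check\n")
```

A clean result here does not mean HAProxy will start: per the first answer, the hostname must still resolve through the OS resolver at startup, which this offline check cannot test.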

exim4 cannot send email to root (all localhost users)

I have a problem with my exim4 configuration. I try to send email to root, but the email stays frozen in the queue.
I tried this:
root@server2:~# echo TEST | mail -s "Hello this is testing email" root
and the email is in the queue (frozen); please see some outputs below.
The log (/var/log/exim4/mainlog) has this message:
2014-06-11 11:47:36 1Wuf84-0004o3-E4 <= root@server2.mydomain.cz U=root P=local S=416
2014-06-11 11:47:36 1Wuf84-0004o3-E4 remote host address is the local host: server2.mydomain.cz
2014-06-11 11:47:36 1Wuf84-0004o3-E4 == mailer-daemon@server2.mydomain.cz R=dnslookup defer (-1): **remote host address is the local host**
2014-06-11 11:47:36 1Wuf84-0004o3-E4 Frozen
Local host is routable (I hope):
root@server2:~# exim -bt localhost
LOG: MAIN
remote host address is the local host: server2.danielblazek.cz (while routing <localhost@server2.mydomain.cz>)
localhost@server2.mydomain.cz cannot be resolved at this time: remote host address is the local host
root@server2:~#
Configuration of hostname is right:
root@server2:~# hostname && hostname -f
server2
server2.mydomain.cz
Aliases seem to be OK:
root@server2:~# cat /etc/aliases
# /etc/aliases
mailer-daemon: postmaster
postmaster: root
nobody: root
hostmaster: root
usenet: root
news: root
webmaster: root
www: root
ftp: root
abuse: root
noc: root
security: root
root: root
clamav: root
Do you have any idea how I can fix it? With Postfix I never had a problem like that. System emails were always delivered to the /var/mail folder. But with exim4 I'm on the rocks. I need to receive system emails...
Please ask me if you need more information or outputs. Thank you for all replies!
Daniel
remote host address is the local host is an exim error message which indicates that the sender or recipient's domain has your machine's hostname/IP, but exim is not configured to accept mail for that domain.
Exim has a standard domainlist named +local_domains that pretty much every different exim configuration system uses. See what domains are configured for your system by running:
exim -bP '+local_domains'
You will probably see a command that looks up a list of domains from a file. Put your hostname (in this case, it looks like it's an implicit hostname "localhost") in that file and exim should begin to work properly. Your test was slightly incorrect; you must pass the username you are delivering to, not the hostname:
exim -bt root