Resolved DNS Issue: One or more of your nameservers did not respond

[deleon]

Server operating system version

Debian 10

Plesk version and microupdate number

18.0.49

Please help me.
I have installed new Dedicated with Debian 10 and Plesk, my case is my site can't be reached, DNS issue, One or more of your nameservers did not respond.

DNS Bind is running, firewall enable, port 53 open.
I have searched the same issue but I don't find solution for my case. Please help me.

 

[scsa20]

You would need to create a glue record with your domain registrar to point to your ns1.jks88.top and ns2.jks88.top to the IP addresses you'll be using for the DNS.

 

[deleon]

You would need to create a glue record with your domain registrar to point to your ns1.jks88.top and ns2.jks88.top to the IP addresses you'll be using for the DNS.

I have created it
ns1.jks88.top -> xxx.xxx.xxx.108
ns2.jks88.top -> xxx.xxx.xxx.108

DNS setting on server:
ns1.jks88.top - A - xxx.xxx.xxx.108
ns2.jks88.top - A - xxx.xxx.xxx.108
jks88.top - NS - ns1.jks88.top
jks88.top - NS - ns2.jks88.top
jks88.top - A - xxx.xxx.xxx.108

I check on DNS Checker - DNS Check Propagation Tool = No Record
on MX Lookup Tool - Check your DNS MX Records online - MxToolbox => record detected
TimeStamp:
Depth: 1
ServerName: d.zdnscloud.com
ServerIP: 203.99.27.1
Authoritative: NON-AUTH
ElapsedTime: 82 ms
Result: Received 2 Referrals , rcode=NO_ERROR
Question:
Answers: jks88.top. 3600 IN NS ns2.jks88.top,jks88.top. 3600 IN NS ns1.jks88.top,

TimeStamp:
Depth: 2
ServerName: ns1.jks88.top
ServerIP: 139.99.124.108
Authoritative: AUTH
ElapsedTime: 242 ms
Result: Received 2 Answers , rcode=NO_ERROR
Question:
Answers: jks88.top. 86400 IN NS ns1.jks88.top,jks88.top. 86400 IN NS ns2.jks88.top,

I don't understand on this:
ServerName: d.zdnscloud.com
ServerIP: 203.99.27.1
This IP as ns2, why not 139.99.124.108 as ns2?

What shoul I do?

 

[scsa20]

Looks like you're using namecheap for your domain. In this case, did you went to name cheap and added it under the "Personal DNS Server"? (You will need to go to the Advanced DNS in your registrar and choose to add a nameserver under the Personal DNS Server section for Register Nameserver).

Here's a screen shot to give you an idea of what it'll look like:

Once they're added, under the "Find Name Servers", if you click search you should see your name servers listed. If they're not listed then you didn't create the glue records.

 

[scsa20]

Another thing to check, assuming you have your registered host configured properly, is to make sure you have port 53 open on your firewall via UDP (if you're using the plesk firewall to apply the settings, it should have it open by default).

 

[deleon]

Looks like you're using namecheap for your domain. In this case, did you went to name cheap and added it under the "Personal DNS Server"? (You will need to go to the Advanced DNS in your registrar and choose to add a nameserver under the Personal DNS Server section for Register Nameserver).

Here's a screen shot to give you an idea of what it'll look like:

Once they're added, under the "Find Name Servers", if you click search you should see your name servers listed. If they're not listed then you didn't create the glue records.

Done. I use premium DNS. I have consulted with tech support and configuration is OK, They said the problem is server side.

 

[deleon]

Another thing to check, assuming you have your registered host configured properly, is to make sure you have port 53 open on your firewall via UDP (if you're using the plesk firewall to apply the settings, it should have it open by default).

TCP 53 is open, but how to check udp 53?
I use plesk firewall.

 

[deleon]

I do this
dig +trace jks88.top

; <<>> DiG 9.11.5-P4-5.1+deb10u8-Debian <<>> +trace jks88.top
;; global options: +cmd
;; Received 17 bytes from 213.186.33.99#53(213.186.33.99) in 0 ms

dig from internal:
; <<>> DiG 9.11.5-P4-5.1+deb10u8-Debian <<>> jks88.top
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13895
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 582d5ca91d6613721b8ac3c063d5ea9a154c6cda967a405c (good)
;; QUESTION SECTION:
;jks88.top. IN A

;; ANSWER SECTION:
jks88.top. 86400 IN A 139.99.124.108

;; AUTHORITY SECTION:
jks88.top. 86400 IN NS ns1.jks88.top.
jks88.top. 86400 IN NS ns2.jks88.top.

;; ADDITIONAL SECTION:
ns1.jks88.top. 86400 IN A 139.99.124.108
ns2.jks88.top. 86400 IN A 139.99.124.108

But from external:
connection time out; no server could be reached

I found this on var/log/messages:
Jan 29 00:00:13 server rsyslogd: [origin software="rsyslogd" swVersion="8.1901.0" x-pid="692" x-info="The rocket-fast Syslog Server - rsyslog"] rsyslogd was HUPed
Jan 29 06:47:18 server fail2ban-vacuum: Vacuum of fail2ban database successfully completed
Jan 29 10:34:33 server kernel: [82682.738862] TCP: request_sock_TCP: Possible SYN flooding on port 53. Sending cookies. Check SNMP counters.

What's it mean?

 

[scsa20]

Usually when I see custom DNS doesn't work is because you don't have a glue record. If the glue record is set and your name servers is set properly with custom name servers then the next thing is that you don't have A records configured on your server for ns1 and ns2 so you'll want to check under your domain within plesk to make sure you have 2 A records of host ns1 and of host ns2 pointing to your IP which looks like you are doing?

This is one of those cases where it'll be easier if I can actually see your whole settings from the DNS settings within your panel for your domain to your settings in namecheap to help locate the problem.

 

[deleon]

Usually when I see custom DNS doesn't work is because you don't have a glue record. If the glue record is set and your name servers is set properly with custom name servers then the next thing is that you don't have A records configured on your server for ns1 and ns2 so you'll want to check under your domain within plesk to make sure you have 2 A records of host ns1 and of host ns2 pointing to your IP which looks like you are doing?

This is one of those cases where it'll be easier if I can actually see your whole settings from the DNS settings within your panel for your domain to your settings in namecheap to help locate the problem.

Here is DNS setting on my plesk:

	jks88.top.		NS	ns2.jks88.top.
	jks88.top.		TXT	v=spf1 +a +mx +a:server.jks88.top -all
	www.jks88.top.		CNAME	jks88.top.
	jks88.top.		A	139.99.124.108
	jks88.top.		MX (10)	mail.jks88.top.
	ns2.jks88.top.		A	139.99.124.108
	_imaps._tcp.jks88.top.		SRV	jks88.top.
	jks88.top.		NS	ns1.jks88.top.
	ipv4.jks88.top.		A	139.99.124.108
	_dmarc.jks88.top.		TXT	v=DMARC1; p=none
	ns1.jks88.top.		A	139.99.124.108

This from namecheap:

Host	IP Address
ns1.jks88.top	139.99.124.108	Remove
ns2.jks88.top	139.99.124.108

 

[scsa20]

eh, looks fine in terms of what you got. I know the TCP of port 53 is open since I'm able to telnet into it and able to test ping to port 53 successfully, but still not sure about udp. Can you print out the list of your iptables?

sudo iptables -L INPUT -v -n

(of course remove any rules that has personal IP addresses if you have any rules that restricts, say, ssh for only your IP address)

 

[deleon]

Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
128 11196 f2b-plesk-modsecurity tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443,7080,7081
273K 106M f2b-recidive tcp -- * * 0.0.0.0/0 0.0.0.0/0
115K 14M f2b-ssh tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
207K 102M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
19 4280 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW reject-with tcp-reset
216 54221 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
1455 86920 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
3587 1347K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
1753 73120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:49152:65535
152 7896 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8447
639 33684 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8443
43 2512 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8880
297 15594 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
815 47308 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
55 2912 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
6499 383K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
9 392 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
42 2228 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
67 3860 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465
25 1360 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
57 3224 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995
16 812 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
94 5480 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993
2 120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:106
28 1176 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
20 844 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5432
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
9 400 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
3555 183K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
10345 799K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
671 39804 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
50066 1770K ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 code 0
31346 1521K DROP all -- * * 0.0.0.0/0 0.0.0.0/0

 

[scsa20]

hmm.... your rules looks right. At this point I'm thinking it's something on your host side itself, maybe a firewall on the host side? Your IP says it's through OVH so you might want to check for any firewall rules on there, and make sure you have UDP port 53 open to your server.

 

[deleon]

UDP port 53 is open.


Starting Nmap 7.70 ( Nmap: the Network Mapper - Free Security Scanner ) at 2023-01-30 08:35 WIB
Initiating UDP Scan at 08:35
Scanning server.jks88.top (139.99.124.108) [1000 ports]
Discovered open port 53/udp on 139.99.124.108
Discovered open port 123/udp on 139.99.124.108
Completed UDP Scan at 08:35, 2.71s elapsed (1000 total ports)
Nmap scan report for server.jks88.top (139.99.124.108)
Host is up (0.000029s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
53/udp open domain
68/udp open|filtered dhcpc
123/udp open ntp

I have contacted support team but they are slow response. This confuses me.

 

[deleon]

SOLVED...! Deactivating IP's Games Firewall on OVH control panel.
Thank you @scsa20 for your support.

 

[Peter Debik]

I have contacted support team but they are slow response. This confuses me.

Is that Plesk support? They normally respond no later than within 2 hours the most.

 

[deleon]

Is that Plesk support? They normally respond no later than within 2 hours the most.

No, not plesk support, but hosting provider.