Resolved Issues occurred while syncing DNS zones with the DNS zone template.

[Ankebut]

Hello,

after Apply DNS Template Changes got warning or error


here is configuration from domain doitauto.de and i dont find any isue, can anyone help please?

 

[UFHH01]

Hi Ankebut,

while you correctly inserted the 3 NS - entries, you have misconfigurations for your depending A - entries, as your server IP will never resolve to "ns1.first-ns.de", "robotns2.second-ns.de" and "robotns3.second-ns.com".

Suggestions:
Add a third A - entry for "ns3.<domain>" and now change ALL of your three A - entries to:

ns1.<domain> 213.239.242.238
ns2.<domain> 213.133.105.6
ns3.<domain> 193.47.99.3

... as these are the current results, which you are able to check for example at:

=> DNS Lookup for ns1.first-ns.de
=> DNS Lookup for robotns2.second-ns.de
=> DNS Lookup for robotns3.second-ns.com
​

In addition, pls. remove the misconfigured AAAA - entries for your nsX - domain - entries. ​

 

[Ankebut]

Thank you for your fast reply, but here is wrote from my provide this

Combination with Plesk
When setting up a domain/subscription, Plesk automatically creates a DNS zone. In this case, when you create a DNS entry via Robot, the option "Slave DNS record" can be selected. The Hetzner nameservers then automatically adjust the DNS zone data with the primary nameserver managed through Plesk.

When changes are made to the DNS zones via Plesk, eg after creating a subdomain, the Hetzner nameservers will automatically update with the new information. Manually adjusting the DNS entry in Robot is therefore not necessary.

For the zone transfer functions to operate smoothly, a few adjustments need to be made in Plesk. These are explained in more detail below.

Note: If the installation of Plesk was activated and performed via Robot, the following adjustments are pre-configured automatically.

Allowing Zone Transfers for the Hetzner nameservers
In Plesk via the menu item "Tools & Settings" -> "DNS Template Settings" -> "Transfer Restrictions template", the following IP addresses of the Hetzner nameservers can be added:

213.239.242.238
213.133.105.6
193.47.99.3

This allows the Hetzner nameservers zone transfers (AXFR) via the primary nameserver managed through Plesk.

Entering NS Records for the Hetzner Nameservers
By going to "Tools & Settings" -> "DNS Template Settings" the existing NS record can be removed.

Subsequently, by clicking on "Add DNS entry" NS records for the following Hetzner nameservers can be added:

ns1.first-ns.de
robotns2.second-ns.de
robotns3.second-ns.com

Please leave the field labeled "Enter the domain name" blank.

To have this default setting be applied for existing domains in Plesk, the changes can be saved by clicking on "Domains" -> click on the Domain Name -> "DNS Settings".

Subsequently, the Hetzner nameservers can be used for the domain.

Kategorien: Language templates | Robot | DNS

When i will add ns with your sample get this error

 

[UFHH01]

Hi Ankebut,

sorry, but you misunderstood my suggestions! I dind't suggest to modify the NS - entries, but the A - entries!

Pls. read again:

while you correctly inserted the 3 NS - entries,

Add a third A - entry for "ns3.<domain>" and now change ALL of your three A - entries to:

ns1.<domain> 213.239.242.238
ns2.<domain> 213.133.105.6
ns3.<domain> 193.47.99.3

 

[Ankebut]

i think i dont misunderstand us, the IP from my Server is: 148.251.246.48 i need only Allowing Zone Transfers for the Hetzner nameservers, also i have change now DNS-Zone-Template to this

after when i apply Apply DNS Template Changes server wide, receive this result on my domain DNS

 

[UFHH01]

Hi Ankebut,

pls. understand the following:

You have 3 NS - servers currently defined for your domain over the Control Panel from your domain provider. It is NOT possible to re-route the IPs from these nameservers to your single IP of your rented server.

If you desire YOUR rented server with the single IP to be the primary nameserver ( not recommend in your case, as you only have ONE single IP ! ), you have to edit the settings over the Control Panel of your domain provider, so that the following modifications are done, according to your Plesk settings:

<domain>. NS ns1.<domain>.
<domain>. NS ns2.<domain>.

ns1.<domain>. A <ip>
ns1.<domain>. AAAA <ipv6>
ns2.<domain>. A <ip>
ns2.<domain>. AAAA <ipv6>

This means for the Control Panel of your domain provider:

doitauto.de. NS ns1.doitauto.de.
doitauto.de. NS ns2.doitauto.de.

ns1.doitauto.de. A 148.251.246.48
ns1.doitauto.de. AAAA 2a01:4f8:192:82af:0:0:0:2
ns2.doitauto.de. A 148.251.246.48
ns2.doitauto.de. AAAA 2a01:4f8:192:82af:0:0:0:2

 

[Ankebut]

is very strange also ia have now change DNS Zone Template to:


after Apply DNS Template Changes Server wide again the error

I have exactly change all ns to as wrote me


and my Provider administration only wrote my IP as here

 

[UFHH01]

Hi Ankebut,

pls. be aware, that changes of your nameserver may take "up to 24-72 hours", as the worldwide DNS - servers have to sync ( it's mostly faster, but this is the standart answer! ). Due to the fact that the Plesk Control Panel CHECKS the reverse, you sometimes have to WAIT, after you made such nameservers changes, where the NS switches to another IP.


Pls. REMOVE the *.doitauto.de - entries at your domain specific DNS - entries, as they conflict with your additional A entries ( for the nameservers ).

 

[Ankebut]

ok thank you much... and what you now mean about my settings (pic) show here now all ok?


and what can i remove from my DNS Zone Template here or add?

 

[Ankebut]

Hi Ankebut,
Pls. REMOVE the *.doitauto.de - entries at your domain specific DNS - entries, as they conflict with your additional A entries ( for the nameservers ).

i remove but that is always come back when i Apply DNS Template Changes

because i have a subdomain with *.doitauto.de for wildcard

 

[UFHH01]

Hi Ankebut,

because i have a subdomain with *.doitauto.de for wildcard

... which is unfortunately not correct. Pls. remove such a subdomain to avoid such issues/errors/problems.

 

[Ankebut]

yes but i search google always find tipps about plesk wildcard a must make subdomain with *domainname.com also that is not right? when it is not ok how i can make wildcard?

 

[UFHH01]

Hi Ankebut,

yes but i search google always find tipps about plesk wildcard a must make subdomain with *domainname.com also that is not right?

Such a question can't be answered, as we don't know, WHAT you are trying to achieve and we don't know, WHICH recommendations you read.

Due to the fact that your wildcard - subdomain conflicts with the external IPs of your external nameservers - A - entries, there is no other way as to remove such a wildcard - subdomain.

 

[Ankebut]

Thank you so much you are so great...

I wanted to know one more thing, how is about AAA record should too add same as A record for this?
ns1.<domain> 213.239.242.238
ns2.<domain> 213.133.105.6
ns3.<domain> 193.47.99.3

Due to the fact that your wildcard - subdomain conflicts with the external IPs of your external nameservers - A - entries, there is no other way as to remove such a wildcard - subdomain.

here is from plesk self about wildcard

[Info] Wie erstelle ich eine Wildcard Subdomain?

 

[UFHH01]

Hi Ankebut,

I wanted to know one more thing, how is about AAA record should too add same as A record for this?

I assume, that you would like to know, if there are as well corresponding AAAA - IPs for your nameservers "ns1.first-ns.de", "robotns2.second-ns.de" and "robotns3.second-ns.com", which I absolutely don't know. Pls. contact your domain - provider to get a decent answer for this question, or/and search their "FAQ" or "Knowledge - Base articles".

here is from plesk self about wildcard

[Info] Wie erstelle ich eine Wildcard Subdomain?

Pls. note first, that the article has been written for:

Applicable to:

• Plesk 12.5 for Linux
  
• Plesk 12.0 for Linux
  
• Plesk Automation 11.5

Second, only because there is an offcial ( informal ) Plesk - KB - article, how you are able to create wildcard - subdomains, it might not at all suit your needs. As I mentioned above, your wildcard - subdomain conflicts with your settings for your external nameservers and therefore such a common KB - article will never be compatible with your very own, unique settings.

 

[Ankebut]

I assume, that you would like to know, if there are as well corresponding AAAA - IPs for your nameservers "ns1.first-ns.de", "robotns2.second-ns.de" and "robotns3.second-ns.com", which I absolutely don't know. Pls. contact your domain - provider to get a decent answer for this question, or/and search their "FAQ" or "Knowledge - Base articles".

is here the right AAA IP`s for me?

Hetzner Standard Domain Name Server
Hier eine Auflistung aller offiziellen Domain Name Server, die von Root- und vServern aus den Hetzner Rechenzentren verwendet werden können:
Die IPv4-Adressen unserer rekursiven DNS-Server lauten:
213.133.98.98
213.133.99.99
213.133.100.100
Die IPv6-Adressen unserer rekursiven DNS-Server lauten:
2a01:4f8:0:a0a1::add:1010
2a01:4f8:0:a102::add:9999
2a01:4f8:0:a111::add:9898
Es handelt sich bei diesen DNS-Servern um DNS-Loadbalancer-Systeme.

 

[UFHH01]

Hi Ankebut,

well, these are different nameservers as you might notice by checking the reverse of each IPv4 and IPv6

2a01:4f8:0:a111::add:9898 => ns1-coloc.hetzner.de => 213.133.98.98
2a01:4f8:0:a102::add:9999 => ns2-coloc.hetzner.de => 213.133.99.99
2a01:4f8:0:a0a1::add:1010 => ns3-coloc.hetzner.de => 213.133.100.100

If you don't want to ask the Hetzner - Support, you have as well always the choice to test it by yourself!

As you can see with "dig", these nameservers don't seem to be reachable from the external network of Hetzner:

[email protected]:
dig +additional +trace +short doitauto.de. @213.133.98.98
;; connection timed out; no servers could be reached

[email protected]:
dig +additional +trace +short doitauto.de. @213.133.99.99
;; connection timed out; no servers could be reached

[email protected]:
dig +additional +trace +short doitauto.de. @213.133.100.100
;; connection timed out; no servers could be reached

 

[Ankebut]

@UFHH01 when i check the Above IPV6 here 2a01:4f8:0:a111::add:9898 | ns1-coloc.hetzner.de - Hetzner Online GmbH, Germany then i receive same nameserver, whta do you mean about?

 

[UFHH01]

Hi Ankebut,

when i check the Above IPV6 here 2a01:4f8:0:a111::add:9898 | ns1-coloc.hetzner.de - Hetzner Online GmbH, Germany then i receive same nameserver

My answer may not be very clear here, so I try to describe it again:

You will certainly receive an answer from a rented server INSIDE the Hetzner network, but pls. consider to use the example commands at any external server ( not within the Hetzner network! ) and you will notice, that there is no reply/answer, as they state pretty clear:

die von Root- und vServern aus den Hetzner Rechenzentren verwendet werden können

 

[Ankebut]

i have write my provider he have answer this:

Sehr geehrte Damen und Herren,

falls Sie unserer Nameserver verwenden möchten, müssen Sie die folgenden Nameserver angeben:
-----------------%<-----------------
Hetzner Standard Name Server – Hetzner DokuWiki
-----------------%<-----------------

Mit freundlichen Grüßen / Kind regards