Solved

Virtually hosted domains are resolving intermittently via domain name addressing

Posted on 2011-09-06
15
536 Views
Last Modified: 2012-05-12
Problem:  Using domain name addressing (e.g. www.mysubdomain1.com), my virtually hosted domains are resolving correctly some days and then not resolving at other times.  When they don't resolve, I can always access them via direct ip addressing (e.g. http://11.22.3.44/~username).  So it's not that the web server is down at the time.  

All of the virtually hosted domains use the same nameservers, which are, the namerservers of the parent reseller account I own (e.g. the nameservers for mysubdomain1.com are set to ns1.myparentdomain.com and ns2.myparentdomain.com; for mysubdomain2.com they are also set to ns1.myparentdomain.com and ns2.myparent domain.com, etc.)

I never have problems accessing myparentdomain.com via domain name addressing.  But all of my subdomains play peek-a-boo if addressed as www.mysubdomainx.com.

Background:  I run all of my sites on a VPS hosted by Hostican.  I have a reseller account there (arcalinea.com) underwhich I host several subdomains.  Hostican made some server upgrades a while back, moved my domains to another server, changing the IP address of the parent reseller account in the process.  Since then, I've had the problem described above.  Before Hostican's server upgrade, the approach I had used to set nameservers at my various subdomain registrars had worked correctly.

My sites are setup as follows.  My main account on the VPS is www.arcalinea.com (this is the reseller account).  I then have several virtually hosted domains under arcalinea's IP address (this is how I was setup previously with no problems).

After Hostican changed arcalinea's IP address, I updated the nameservers at arcalinea's registrar (which is domainsatcost.com) and registered the new IP addresses at this registrar.  So at domainsatcost.com, arcalinea.com is defined as having nameservers ns1.arcalinea.com and ns2.arcalinea.com and those are registered to 66.84.8.228 and 66.84.8.229 respectively.

At this stage of the process, everything works as planned.  www.arcalinea.com resolves correctly in a browser.  Also,running a trace (say at www.network-tools.com) returns a valid DNS records and a complete trace for www.arcalinea.com.

The main problem is with all of the domains hosted virtually under account arcalinea.com at hostican (those are the domains i refer to above as mysubdomain1.com, mysubdomain2.com ,etc.).  For example:  cadstudio3.com, healingparadigms.ca and maryjaneporter.ca are some of the domains hosted under arcalinea.

Everyone of those virtually hosted domains has its nameservers set the same way:  they each are set to ns1.arcalinea.com and ns2.arcalinea.com

Even at times where those virtually hosted domains are resolving correctly in my browser, if I run a check on that domain at www.network-tools.com (using say the Express option), I get several errors such as:

'IP address:  Error, try again'
'TraceRoute' is empty.
'Attempt to get a DNS server for maryjaneporter.ca failed.  The query returned a server failure'

But, the Whois query for maryjaneporter.ca in the same express report shows the nameservers to be correctly defined as:
ns1.arcalinea.com
ns2.arcalinea.com

This of course begs the question, if there are no DNS records available, how is the browser able to correctly resolve (some of the times) to www.maryjaneporter.ca (or any of the other subdomains in question)?

It seems to me that the problem is with the way the nameservers, hosted at Hostican, are behaving or are configured.  Trying to get this resolved by/with Hostican has been an exercise in frustration, ranging from them denying there was a problem to then acknowledging there was a problem, to then suggesting the problem was with my ISP (yet other friends and colleagues on different ISPs than mine have the same issue trying to resolve to my virtually hosted domains; some days it works, other days it doesn't).

The latest from Hostican is "Judging by the symtoms of this, most likely named/bind is dieing on your VPS. You will want to look through your named/bind logs to determine the root cause.

You will want to look at /var/log/messages or /var/log/named specifically around the time your domains stop resolving.".

This is the first, after many less than useful answers that hints at a possible problem area.  Unfortunately, II don't know where to find those logs (a friend has suggested I may not even have access to them as they may be higher up in the server's root, beyond my reseller account's root).

I've tried finding these logs on my reseller account via the WHM as well as on the hosted accounts via their respective CPanels but no luck (they might be there but I can't find them).

I have WHM access to my reseller account's root which includes DNS Functions such as 'Edit DNS Zone, Perform a DNS Cleanup, Synchronize DNS Records' and more, along with the ability to restart the DNS Server (BIND/NSD) but I am reluctant to just start initiating functions when I'm not certain of what I'm doing,

I'm in the middle of some projects and can't afford to lose access to those sites if something screws up.

Can anyone help me sort this out?
0
Comment
Question by:qeng
  • 8
  • 4
  • 3
15 Comments
 
LVL 13

Assisted Solution

by:LinuxGuru
LinuxGuru earned 350 total points
Comment Utility
Hi,

The problem seems to be with your name servers. Are you sure the ips for ns1.arcalinea.com and ns2.arcalinea.com are 66.84.8.228 and 66.84.8.229 respectively on your server? Just try to ping ns1.arcalinea.com and ns2.arcalinea.com and you can see the results. You need to correct the name server ips or if its correct, please ask your hosting provider to add the name servers and ips in your dns zone file. The dns zone file can be located at

/var/named/domainname.com.db

Cheers !!!
0
 

Author Comment

by:qeng
Comment Utility
Hi testez,

I just pinged ns1.arcalinea.com and ns2.arcalinea.com and get the response:  'Ping request could not find host ns1.arcalinea.com' etc..

And I also notice when running an Express record check at network-tools.com that although their check reports an IP address of 66.84.8.228 (which is correct), and the Trace Route correctly completes there, when it tries to retrieve DNS records for arcalinea.com if shows:
"DNS servers
ns2.arcalinea.com
ns1.arcalinea.com
Query for DNS records for arcalinea.com failed:  Address not available'

Where do I correct those two nameserver IPs?  Do I do it at arcalinea.com's registrar (which is where I had done it but perhaps I'd done it incorrectly) ie that's where I defined arcalinea.com as having the nameservers ns1.arcalinea.com and ns2.arcalinea.com and I further defined that ns1.arcalinea.com corresponded to 66.,84.8.228 etc..  I don't recall if I specifically tried to register them beyond just defining the IPs there.

Or ... am I to set (or correct or reset) my nameservers on my VPS via the WHM panel.  

As far as I can tell (i'm largely guessing at what I'm seeing there so i could be dead wrong), there seem to be entries for arcalinea which define ns1.arcalinea.com and 66.84.8.228.  I'm attaching the arcalinea.com.db file from the var/named folder for your review (i renamed the file as a .txt file in order to upload it since we can't upload .db files here)

Thx for your help.
arcalinea-com-db.txt
0
 

Author Comment

by:qeng
Comment Utility
I see in my WHM panel, if i go in to edit the DNS Zone:

hostname: vps.arcalinea.com
the arcalinea.com NS records set to ns1.arcalinea.com and ns2.arcalinea.com
and the A record set to 66.84.8.228
www has CNAME set to arcalinea.com

the other records in there 'seem' ok to me (e.g. ftp, cpanel, whm, vps, etc.) all point to the same ip

the first entry at the top of the page shows ns1.arcalinea.com. /dev/null.

I also note that every instance of arcalinea.com has a period after it as so:  arcalinea.com.  (i assume that is normal and intentional)
0
 
LVL 13

Accepted Solution

by:
LinuxGuru earned 350 total points
Comment Utility
ok. Could you please add the following lines to your dns zone file and reload the named?

ns1.arcalinea.com 14400      IN      A 66.84.8.228
ns2.arcalinea.com 14400      IN      A 66.84.8.229

Let me know the results.
0
 
LVL 13

Assisted Solution

by:LinuxGuru
LinuxGuru earned 350 total points
Comment Utility
Also please backup your zone file before making any changes.

Do you have shell access? If yes, you can use the following command to backup the zone file.

cp -rp /var/named/domainname.com.db  /var/named/domainname.com.db.bakup

After that edit the file using

vi /var/named/domainname.com.db

Save and quit.

Reload using the following command.

service named reload
0
 
LVL 9

Assisted Solution

by:crazedsanity
crazedsanity earned 150 total points
Comment Utility
In a standard zone file, the trailing dot (i.e. "ns1.arcalinea.com.") is used to indicate that it is the fully qualified domain name (FQDN); this is done to avoid ambiguity.  If you wanted to create a host "ns1.arcalinea.com.arcalinea.com" you could, but make sure to add that trailing dot.  It seems the post from testez seems to be missing that trailing dot.

Also, when encountering problems with DNS, remember that caching is a bit issue: once a server has requested information, it should store information for as long as your domain's "TTL" (Time To Live) value is set; since you've got it as 14400, that information will be cached for ~4 hours.  When trying to resolve DNS problems, it is best to set this down to the smallest reasonable time...  try 600 (10 minutes) or 3600 (1 hour) to avoid too much insanity.

All that said, it seems that testez found the problem: there is a missing "A" record for your nameservers in your domain record.  Add those, increment the serial of the record (so other DNS servers know there's been a change) and restart the service.
0
 

Author Comment

by:qeng
Comment Utility
Thanks a lot for this.  I have to tend to other business today (which absolutely requires me to have access my sites) so I will attempt the changes likely tomorrow ... just in case :)

I'm so looking forward to resolving this (sorry ... bad unintended pun)!
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 13

Expert Comment

by:LinuxGuru
Comment Utility
Ok. No problem. Just let us know if you require any further assistance.
0
 

Author Comment

by:qeng
Comment Utility
Thanks u2.  Sorry for the delay in returning to this.  I had to complete a project which required uninterrupted access to my sites and didn't dare risk mucking things up in the meantime.

Seems you both nailed it.  Turns out my host support staff, after insisting for 2 months that everything was fine with my setup, finally went in and fixed it a few days ago and did exactly what you recommended (from what I can see).

All of my sites have been resolving without trouble since.

I don't know for certain if the serial number was incremented.  Is there any harm done in me going back and and incrementing it now, or since it's been several days since the change, is it pointless to do that at this time.  If i do increment it, do I simply update it in the DNS Zone form the way one would update any form record or is there anything special about the process?

I'm attaching a screen grab for one/both of you to have a look if you have a minute, just to let me know if anything looks out of whack.

Lastly, I have a separate question regarding updating my VPS's WHM and CPanel software.  If I post a new question, is one of you interested in picking that one up (assuming it's your bag?).

Thanks again for your support. Screengrab of arcalinea DNS Zone
0
 

Author Closing Comment

by:qeng
Comment Utility
Bang on.

testez, crazedsanity, please check out my last reply if you have a moment.

Thanks again.
0
 
LVL 9

Expert Comment

by:crazedsanity
Comment Utility
Glad to hear it all got resolved.

There's no harm in updating the serial number; it is worth noting that the serial number, while it can take any form as long as the updated numeric value is higher than before, is usually: yyyymmddnn (four-digit year, month with leading zero, day with leading zero, number of times edited that day [usually 00]).  Take that as you will...  I'd update it to be 2011091600 just to be sure.

The serial number is basically just a number.  Other servers will query the authoritative DNS server for a domain they've received a query for; if there is no change, they continue to use their cached value (if available).  There's a lot more to it than that, but you get the idea (hopefully).

I don't see anything in the zone file that jumps out at me as being wrong.  I suggest running a query against the important DNS records (e.g. mail, ns1, ns2, etc) to make sure they resolve, just to be sure.  Setting up a monitoring service (i.e. Nagios) is a pretty worthwhile investment to ensure you're aware of problems at least as quickly as your users.

As for your last question... I don't know anything specific about WHM or CPanel, but I'll help however I can.  

Thanks for the points!
0
 

Author Comment

by:qeng
Comment Utility
crazed sanity,

All great advice.  I've updated the DNS Zone serial number.  I follow your explanation.  I assumed it worked that way but this is not my area of expertise so I never know what i might be overlooking.

Regarding querying the DNS records, is the best way to do this to use a web based service like say:  www.network-tools.com or is there a simple cmd line function like (figuratively)  'query domainname.com records=*.*', or should I just skip this and delve into Nagios.

Nagios seems very interesting.  I'm not too surprised that such facilities exist but I've never gone looking for them.  Seems like it's open source as well.  Big bonus.  If you're familiar with that service, can I trouble you to give me a quick hint (to save me a ton of reading trying to decipher which of their platforms, add-ons, plug-ins, etc. I would need).  I have about two dozen sites I'd monitor.

I'll post my other question now and return here to post the link to it in case you want to take a look at it.

Thanks again.  

0
 

Author Comment

by:qeng
Comment Utility
Here is my other question pertaining to basic management of a reseller account on a VPS.

http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/Q_27312253.html

Thanks for any help.
0
 
LVL 9

Expert Comment

by:crazedsanity
Comment Utility
Using that website for DNS checking is just fine.  Windows has a command-line utility "nslookup" (as does Linux), that works like:
nslookup www.domain.com ns.server.tld

Open in new window


Linux also has a "dig" utility that is recommended over nslookup, though not quite as simple to look at (differentiating "no records found" versus "found something" isn't straight-forward).

If you have the time & energy (and lack of budget), setting up a Nagios server works, though it takes a fair amount of time to get to the point that it is working properly.  If you have the budget for a subscription, I'd recommend finding an online equivalent that simply allows you to configure what is being checked (how often, how to notify, etc), as that option is usually distributed enough to deal with localized outages.
0
 

Author Comment

by:qeng
Comment Utility
Present budget suggests I try the Nagios route first and see how far i can get before getting bogged down.  

Thanks again for the guidance.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now