[DNS] Email & domain becomes inaccessible every few hours

boriskourt · September 23, 2018, 10:00pm

I have been using a standard mail-in-a-box setup for almost two years now. The server has been the same during that time, and almost nothing has gone wrong so far.

After upgrading to 0.28 almost two months ago I have what appear to be DNS outages. The server is not crashing, but I am unable to resolve the host every few hours, for a few hours. These windows of ‘downtime’ are rather random, but they do happen at least once a day.

I spoke with my hosting provider and they don’t see anything on their end. On my end, I am not sure what I need to look for.

When the admin panel is accessible I can see that all status checks are green. I’ve tried re-running the MIAB setup twice now.

What is the best way to debug this?

boriskourt · September 25, 2018, 11:31am

Is there a way to get the logs for just the DNS service?

I’ve also saved the Pingability information from when the box is unreachable, and when it is reachable. It looks like everything is nominal when it is reachable (up-check.txt) not sure if there is some hint in that information.

gist.github.com

https://gist.github.com/BorisKourt/e7676c06c65908f49718f100d04a7f92

down-check.txt


  DNS Information for 'kourtoukov.com'
    Zone Info: kourtoukov.com (1 Warning)
    Parent Name Servers
    kourtoukov.com Name Servers (1 Error)

        Zone Conﬁguration (SOA Record)
        ns1.box.kourtoukov.com (1 Error, 2 Warnings)
        ns2.box.kourtoukov.com (1 Error, 1 Warning)

This file has been truncated. show original

up-check.txt


  DNS Information for 'kourtoukov.com'
    Zone Info: kourtoukov.com
    Parent Name Servers
    kourtoukov.com Name Servers

        Zone Conﬁguration (SOA Record)
        ns1.box.kourtoukov.com
        ns2.box.kourtoukov.com

This file has been truncated. show original

thedude · September 26, 2018, 8:15pm

I’m experiencing the exact same issue. My server is running miab for 2 years, and the past days the custom domains I add do not resolve.

The server is on DigitalOcean and the domain provider Gandi.

thedude · September 26, 2018, 8:47pm

I’m wondering why there’s no configuration for a log file. Open /etc/nsd/nsd.conf and under the server section add:

logfile: "/var/log/nsd.log"

Then restart NSD with sudo service nsd restart. That should give you some log output to at least see what’s going on. In my case, i got:

[1537994682] nsd[7201]: error: example.com.txt.signed:106: CNAME and other data at the same name
[1537994682] nsd[7201]: error: example.com.txt.signed:107: CNAME and other data at the same name
[1537994682] nsd[7201]: error: zone example.com file example.com.txt.signed read with 2 errors

boriskourt · September 26, 2018, 8:52pm

Ah interesting. Will make the change and see if I have the same issue. Do you have any ideas why you would be getting those errors?

thedude · September 26, 2018, 8:54pm

It seems to have been a wrong entry? Open the offending file in the line it says and you should see it. It’s in /etc/nsd/zones/example.com.txt.signed. I then removed it from the admin interface and the domains I added after that change worked

thedude · September 26, 2018, 9:06pm

I submitted a PR https://github.com/mail-in-a-box/mailinabox/pull/1434, let’s see what the maintainers have to say

boriskourt · September 28, 2018, 9:11pm

Unfortunately I don’t see any errors in this file. It also seems to be often regenerated/rotated? (I only see the service shutdown and restart messages there, and only about 8 lines, but with new timestamps.)

Is there a proper way to regenerate these configuration files from scratch? In case I am missing the failing lines when the log is wiped?

falconm7 · October 5, 2018, 10:19am

I am also using the mail-in-a box for a long time. I have faced the similar issue few time. The server issue may be due to internet connection or IP problem. If you have any problem with server or router then simply contact Belkin Support