Local DNS is not working [was: Unable to check system status]

Luke · November 9, 2014, 9:01am

Just did a fresh install and when I use the Check System Status or Backup Status I get the error
"Error Something went wrong, sorry." What does this mean? I am able to send and receive email, I just cannot view the status at all.

JoshData · November 9, 2014, 1:42pm

See if anything is reported in the log:

tail -f /var/log/syslog

And see what happens when you load those admin pages.

Luke · November 10, 2014, 9:38am

Well I ran that command and then opened the Status page and this is what I got:

Nov 10 20:31:49 box kernel: [98406.199438] [UFW BLOCK] IN=eth0 OUT= MAC=08:00:27:39:31:50:78:a0:51:07:81:2c:08:00 SRC=10.1.1.1 DST=10.1.1.10 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=53 DPT=59853 LEN=59
Nov 10 20:32:01 box named[1147]: success resolving ‘mountainstronghold.net.dbl.spamhaus.org/A’ (in ‘dbl.spamhaus.org’?) after reducing the advertised EDNS UDP packet size to 512 octets
Nov 10 20:32:11 box kernel: [98427.511994] [UFW BLOCK] IN=eth0 OUT= MAC=08:00:27:39:31:50:78:a0:51:07:81:2c:08:00 SRC=10.1.1.1 DST=10.1.1.10 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=53 DPT=52536 LEN=59
Nov 10 20:32:19 box dovecot: imap-login: Login: user=luke.dibben@mountainstronghold.net, method=PLAIN, rip=::1, lip=::1, mpid=21863, TLS, session=
Nov 10 20:32:19 box dovecot: imap(luke.dibben@mountainstronghold.net): Disconnected: Logged out in=91 out=904
Nov 10 20:32:28 box kernel: [98445.479299] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:01:68:5b:35:8b:bd:1d:08:00 SRC=10.1.1.25 DST=224.0.0.1 LEN=44 TOS=0x00 PREC=0x00 TTL=1 ID=32034 PROTO=UDP SPT=64544 DPT=8612 LEN=24

JoshData · November 10, 2014, 12:31pm

Can you log out / log in to the control panel?

radek · November 10, 2014, 3:53pm

Hi i had similar problem with “Backup Status” and i solved it with:

sudo mkdir /home/user-data/backup/duplicity

I found solution here: https://github.com/mail-in-a-box/mailinabox/issues/158

Luke · November 11, 2014, 8:47am

Checked and found the duplicity directory was already there. Also Logged out and back in but no effect other than I can now view Backup Status, which seems to be backing up fine. So the inability to view the Status Check remains. The server seems to work ok for everything, but it would be nice to be sure from seeing what the Backup Status has to say.

JoshData · November 11, 2014, 11:52am

It might be a different error now, so please check the logs again.

If there’s nothing there, you could also use your browser’s debugger to grab the output of the network requests the admin page makes. One of those requests is returning an error. The response data may have an error message.

Luke · November 11, 2014, 12:37pm

Ok, nothing of note when I ran tail -f /var/log/syslog but…
when I run the browser debug and got this:

Unexpected CSS token: : bootstrap.min.css:5
Unexpected CSS token: : bootstrap-theme.min.css:5
Failed to load resource: the server responded with a status of 403 (Forbidden) https://10.1.1.10/admin/dns/dump
Failed to load resource: the server responded with a status of 504 (Gateway Time-out) https://10.1.1.10/admin/system/status

poorjudge · November 19, 2014, 3:45pm

Can confirm. Having same error on status page. Browser debug shows following –
POST https://box.XXXXX.com/admin/system/status 504 (Gateway Time-out)

chainsaw · November 20, 2014, 3:06am

Having the same problem.

Mine happened right after installing SSL.

It was working before I did that.

The POST to /admin/system/status returns 500

My emails also don’t sent/arrive, is that a seperate problem? Anyone else have this?

(Host or domain name not found. Name service error for name=******.com type=MX: Host not found, try again)

chainsaw · November 20, 2014, 3:13am

I guess I’m having a seperate issue:

ntpd_intres[1196]: host name not found: 0.ubuntu.pool.ntp.org
ntpd_intres[1196]: host name not found: 1.ubuntu.pool.ntp.org
ntpd_intres[1196]: host name not found: 2.ubuntu.pool.ntp.org
ntpd_intres[1196]: host name not found: 3.ubuntu.pool.ntp.org

sqeezy80 · November 20, 2014, 3:48pm

Please check if bind is running.

/etc.init.d/bind9 status

output should be something like this

bind9 is running

stevetoza · November 20, 2014, 10:57pm

Check /etc/resolv.conf

I had an issue where this wasn’t working and there was no name servers listed. Once added, I logged out and back in this resolved the issue.

Luke · November 20, 2014, 11:26pm

Checked to see if bind9 was running and it was. Also checked /etc/resolve.conf. Sure enough the only nameserver reference it had was to 127.0.0.1. I modified this, but after restarting it was overwritten and set back to the original content.

stevetoza · November 21, 2014, 9:03am

Hello,

The below should stop resolv.conf from being overwritten

nano or vi /etc/resolvconf/resolv.conf.d/head

Add the name servers in save and exit

Run resolvconf -u

Reboot, check resolv.conf

JoshData · November 21, 2014, 12:43pm

Luke, the correct content of resolv.conf is 127.0.0.1. (Stevetoza, setting outside nameservers is not how the box is intended to operate.)

The box has bind9 running and listening on 127.0.0.1 so that the box acts as its own DNS server. (Running a local nameserver ensures that DNS responses that support DNSSEC can’t be tampered with in transit between the box’s services and the DNS server.)

bind9 seems to not be listening on 127.0.0.1. Restarting bind9 and checking the system logs might reveal a problem when it attempts to start listening.

It could be that nsd (the nameserver used to answer public queries about the box’s hosted domains) is listening on 127.0.0.1 instead. It’s not supposed to. The best way to test this is to sudo service nsd stop then sudo service bind9 start. Then things might start working again — except for nsd (which is now stopped). If a sudo service nsd start fixes it, then the services just needed to all be restarted. If nsd won’t start now, it may not be configured right.

Please take a look at /etc/nsd/nsd.conf and let me know what appears on any ip-address lines.

Hopefully we can get this resolved. The problem has come up a bunch of times and I’d really like to nail a solution.

stevetoza · November 21, 2014, 1:18pm

Josh,

Changing resolv.conf is the only way to get the box working at present for myself. Would like to help you get this resolved. Send me an email or contact me direct I will allow you access to the box.

Luke · November 21, 2014, 1:30pm

Hi and thanks all for you help!
I tried as you said and looking at the nsf.conf ip-address line, there is only the IP of the server (10.1.1.10). Also looking at the log files, this appeared after testing regarding nod and bind9 stop/starts:
Nov 22 00:24:54 box Exception on /system/status [POST]#012Traceback (most recent call last):#012 File “/usr/lib/python3/dist-packages/flask/app.py”, line 1817, in wsgi_app#012 response = self.full_dispatch_request()#012 File “/usr/lib/python3/dist-packages/flask/app.py”, line 1477, in full_dispatch_request#012 rv = self.handle_user_exception(e)#012 File “/usr/lib/python3/dist-packages/flask/app.py”, line 1381, in handle_user_exception#012 reraise(exc_type, exc_value, tb)#012 File “/usr/lib/python3/dist-packages/flask/_compat.py”, line 33, in reraise#012 raise value#012 File “/usr/lib/python3/dist-packages/flask/app.py”, line 1475, in full_dispatch_request#012 rv = self.dispatch_request()#012 File “/usr/lib/python3/dist-packages/flask/app.py”, line 1461, in dispatch_request#012 return self.view_functionsrule.endpoint#012 File “/usr/local/bin/mailinabox-daemon”, line 35, in newview#012 return viewfunc(*args, **kwargs)#012 File “/usr/local/bin/mailinabox-daemon”, line 281, in system_status#012 run_checks(env, output)#012 File “/home/lukedibben/mailinabox/management/status_checks.py”, line 24, in run_checks#012 run_domain_checks(env)#012 File “/home/lukedibben/mailinabox/management/status_checks.py”, line 114, in run_domain_checks#012 check_primary_hostname_dns(domain, env, dns_domains, dns_zonefiles)#012 File “/home/lukedibben/mailinabox/management/status_checks.py”, line 140, in check_primary_hostname_dns#012 ip = query_dns(“ns1.” + domain, “A”) + ‘/’ + query_dns(“ns2.” + domain, “A”)#012 File “/home/lukedibben/mailinabox/management/status_checks.py”, line 349, in query_dns#012 response = dns.resolver.query(qname, rtype)#012 File “/usr/lib/python3/dist-packages/dns/resolver.py”, line 972, in query#012 raise_on_no_answer, source_port)#012 File “/usr/lib/python3/dist-packages/dns/resolver.py”, line 816, in query#012 timeout = self._compute_timeout(start)#012 File “/usr/lib/python3/dist-packages/dns/resolver.py”, line 731, in _compute_timeout#012 raise Timeout#012dns.exception.Timeout

stevetoza · November 21, 2014, 1:46pm

Think I have found the solution theres two bind services

bind9 and bind9.dpkg-dist

I started bind9.dpkg-dist instead of bind9 (as in the bind9 start script there is no content in there)

root@box:/etc/init.d# cat bind9
#!/bin/sh

exit 0

everything now resolves with the nameserver as 127.0.0.1 in /etc/resolv.conf and the Check System Status screen works correctly

chainsaw · November 24, 2014, 8:07am

Hi Josh,

I followed your advice, but I am still getting the post error on system status.

root@box:~# sudo service nsd stop

nsd stop/waiting

root@box:~# sudo service bind9 start

root@box:~# sudo service nsd start

nsd start/running, process 1306

Then I tried through browser but still got same problem.

/etc/nsd/nsd.conf

ip-address: my vps ip address (external, not 127.0.0.1)
then another ip-address under there with the ipv6

identify the server (CH TXT ID.SERVER entry).

identity: “”