Local NSD not resolving box' host with 127.0.0.1

kypeli · July 31, 2016, 5:47pm

I have a new Mail-in-a-box setup running on Digital Ocean and everything seems to be pretty ok. However, the status page indicates that the box’ hostname and IP do not resolve. Which is weird, since for example Google’s DNS server can resolve them. So I looked a bit closer.

I found out that /etc/resolve.conf points to 127.0.0.1 which is used for resolving the host information. But if I - on the same box - use the box’ external IP as the DNS server, then the host will resolve. Any ideas what’s wrong? I tried running setup again with sudo mailinabox but that didn’t help.

139.59.130.180 is the external IP of the box.

root@mailbox:~# host mailbox.kypelihosting.com 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases:

Host mailbox.kypelihosting.com not found: 3(NXDOMAIN)

root@mailbox:~# host mailbox.kypelihosting.com 139.59.130.180
Using domain server:
Name: 139.59.130.180
Address: 139.59.130.180#53
Aliases:

mailbox.kypelihosting.com has address 139.59.130.180
mailbox.kypelihosting.com mail is handled by 10 mailbox.kypelihosting.com.

It seems the NSD is running and working ok for other domains, because it can resolve google.com:

root@mailbox:~# host google.com 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases:

google.com has address 216.58.214.46
google.com has IPv6 address 2a00:1450:4001:810::200e
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
root@mailbox:~# host google.com 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases:

google.com has address 216.58.214.46
…

It seems to just have problems with its own host name.

kypeli · August 6, 2016, 6:59am

Reading this (Update broke mailinabox) other thread, I concluded that the problem is that bind9 is not playing nice with nsd, thus bind9 which is listening on localhost is not forwarding requests to nsd that actually knows about the domain. And that’s why the local box can’t resolve the domain.

But unfortunately I have no idea how to debug or fix this issue. Any hints on what to check next?

I can see that both nsd and named are running:

root@mailbox:/etc/bind# lsof -i :53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nsd 1445 nsd 4u IPv4 11291 0t0 UDP mailbox.kypelihosting.com:domain
nsd 1445 nsd 5u IPv4 11292 0t0 TCP mailbox.kypelihosting.com:domain (LISTEN)
nsd 1448 nsd 4u IPv4 11291 0t0 UDP mailbox.kypelihosting.com:domain
nsd 1448 nsd 5u IPv4 11292 0t0 TCP mailbox.kypelihosting.com:domain (LISTEN)
named 1478 bind 20u IPv4 11399 0t0 TCP localhost:domain (LISTEN)
named 1478 bind 512u IPv4 11398 0t0 UDP localhost:domain
nsd 1482 nsd 4u IPv4 11291 0t0 UDP mailbox.kypelihosting.com:domain
nsd 1482 nsd 5u IPv4 11292 0t0 TCP mailbox.kypelihosting.com:domain (LISTEN)

I don’t see any errors either in syslog. named seems to start normally:

Aug 6 09:49:44 mailbox named[1478]: starting BIND 9.9.5-3ubuntu0.8-Ubuntu -u bind -4
Aug 6 09:49:44 mailbox named[1478]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-geoip=/usr’ ‘–with-atf=no’ ‘–enable-ipv6’ ‘–enable-rrl’ ‘–enable-filter-aaaa’ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2’
Aug 6 09:49:44 mailbox named[1478]: ----------------------------------------------------
Aug 6 09:49:44 mailbox named[1478]: BIND 9 is maintained by Internet Systems Consortium,
Aug 6 09:49:44 mailbox named[1478]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Aug 6 09:49:44 mailbox named[1478]: corporation. Support and training for BIND 9 are
Aug 6 09:49:44 mailbox named[1478]: available at Professional Support for Open Source - ISC
Aug 6 09:49:44 mailbox named[1478]: ----------------------------------------------------
Aug 6 09:49:44 mailbox named[1478]: adjusted limit on open files from 4096 to 1048576
Aug 6 09:49:44 mailbox named[1478]: found 1 CPU, using 1 worker thread
Aug 6 09:49:44 mailbox named[1478]: using 1 UDP listener per interface
Aug 6 09:49:44 mailbox named[1478]: using up to 4096 sockets
Aug 6 09:49:44 mailbox named[1478]: loading configuration from ‘/etc/bind/named.conf’
Aug 6 09:49:44 mailbox named[1478]: reading built-in trusted keys from file ‘/etc/bind/bind.keys’
Aug 6 09:49:44 mailbox named[1478]: using default UDP/IPv4 port range: [1024, 65535]
Aug 6 09:49:44 mailbox named[1478]: using default UDP/IPv6 port range: [1024, 65535]
Aug 6 09:49:44 mailbox named[1478]: no IPv6 interfaces found
Aug 6 09:49:44 mailbox named[1478]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 6 09:49:44 mailbox named[1478]: generating session key for dynamic DNS
Aug 6 09:49:44 mailbox named[1478]: sizing zone task pool based on 5 zones
Aug 6 09:49:44 mailbox named[1478]: using built-in root key for view _default
Aug 6 09:49:44 mailbox named[1478]: set up managed keys zone for view _default, file ‘managed-keys.bind’
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: 10.IN-ADDR.ARPA
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: 16.172.IN-ADDR.ARPA
…
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: D.F.IP6.ARPA
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: 8.E.F.IP6.ARPA
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: 9.E.F.IP6.ARPA
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: A.E.F.IP6.ARPA
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: B.E.F.IP6.ARPA
Aug 6 09:49:44 mailbox named[1478]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Aug 6 09:49:44 mailbox named[1478]: command channel listening on 127.0.0.1#953
Aug 6 09:49:44 mailbox named[1478]: managed-keys-zone: journal file is out of date: removing journal file
Aug 6 09:49:44 mailbox named[1478]: managed-keys-zone: loaded serial 7
Aug 6 09:49:44 mailbox named[1478]: zone 0.in-addr.arpa/IN: loaded serial 1
Aug 6 09:49:44 mailbox named[1478]: zone 127.in-addr.arpa/IN: loaded serial 1
Aug 6 09:49:44 mailbox named[1478]: zone 255.in-addr.arpa/IN: loaded serial 1
Aug 6 09:49:44 mailbox named[1478]: zone localhost/IN: loaded serial 2
Aug 6 09:49:44 mailbox named[1478]: all zones loaded
Aug 6 09:49:44 mailbox named[1478]: running

I haven’t touched neither bind’s nor nsd conf files. I have tried to reboot.

system · August 13, 2016, 6:59am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.