Nameserver/DNS issues with MIAB box

pohutukawa · August 16, 2017, 2:26am

Hi all, MAIB is fantastic/amazing!

Thanks to Josh and everyone else involved in community, etc.

I’ve set up MAIB successfully on a Linode box but am finding nameserver/DNS issues challenging!

Box is rewarewa.rakino.nz [172.104.79.116] at Linode
Glue record for rakino.nz domain set ns1.rewarewa.rakino.nz=172.104.79.116 at registry
Setup secondary DNS at Linode.com and 1984.is

Intention is for rewarewa.rakino.nz the handle email and web for rakino.nz, rakino.net and tikouka.net (low volume email/web).

When I run through a DNS check https://intodns.com/rakino.nz it throws up various issues including:

Recursive Queries I could use the nameservers listed below to performe recursive queries. It may be that I am wrong but the chances of that are low. You should not have nameservers that allow recursive queries as this will allow almost anyone to use your nameservers and can cause problems. Problem record(s) are: 162.159.27.72

(162.159.27.72=ns1.linode.com)

When I repeat the DNS check with rakino.net it throws up:

Missing nameservers reported by parent FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems!
ns1.rewarewa.rakino.nz
Error Missing nameservers reported by your nameservers ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
ns1.rakino.nz
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).

Would really appreciate any feedback regarding:

(a) how I can address these issues, and

(b) if there is a better way of setting up DNS/nameservers.

One issue I’m not clear on is whether or not I should use ns1.rakino.nz (added to MAIB custom DNS) as primary nameserver for rakino.nz (+glue record), rakino.net and tikouka.net.

Context: rakino.nz is a primary business domain (rakino.net previously) and tikouka.net a personal domain.

Thank you!

Robin

murgero · August 17, 2017, 9:55pm

nameservers can take up to 48 hours to propagate at the registrar. Just give it some time

pohutukawa · August 17, 2017, 10:06pm

Thanks Murgero, am aware of this but a good reminder!

murgero · August 18, 2017, 12:40am

hey no problem, I checked your DNS and it’s still throwing an error, who is your registrar and did you name the nameservers “ns1.domain.tld” and “ns2.domain.tld”? You will need to make sure they are like that. Also make sure the right IP Address as well. I checked my MIAB instance and it is working as expected with similar setup to what you described.

murgero · August 18, 2017, 12:41am

Also - I would remove the ns1.linode.com record from the nameservers and use your DNS server’s in MIAB as your primary.

pohutukawa · August 18, 2017, 12:56am

Registrar is sitehost.co.nz

Nameservers are set to ns1.rewarewa.rakino.nz and ns2.rewarewa.rakino.nz (box name is rewarewa.rakino.nz).

rewarewa.rakino.nz resolves to 172.104.79.116 which is correct.

the Linode MAIB box is primary NS for the domain as far as I can see.

pohutukawa · August 18, 2017, 12:59am

Hmmm. 162.159.27.72=ns1.linode.com is listed with the registrar as secondary NS with the MIAB box as primary.

I’m wondering why ns1.linode.com is allowing recursive lookups.

murgero · August 18, 2017, 1:40am

That would be the cause of the problem as the error is specifically stating it as the problem. I would check to see if you can remove that (Not needed as MIAB should be your complete DNS/NS server anyway)

pohutukawa · August 18, 2017, 2:22am

Thanks Murgero for taking the time to reply again with more suggestions!

Linode is a pretty solid infrastructure player. I’d like to have ns1.linode.com as a backup nameserver should something happen to the MIAB box DNS.

I guess, if the DNS is down, it probably means the box is down, so … not much use.

Then again, if the internet can see that the box still lives (DNS still present) but the box is down, mail will be delayed but eventually delivered (assuming the box comes online within the applicable period within which the mail should be accepted - there will be an RFC for this somewhere I’m positive).

So on balance, secondary nameservers are worthwhile it seems, but I could have it wrong (if I have, please anyone, correct my ignorance!).

Cheers

Robin

murgero · August 19, 2017, 12:13am

In that case linode should be your primary nameserver and you should configure (see the admin web panel) MIAB as the secondary.

system · August 26, 2017, 12:13am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.