Nameserver gluerecords namecheap

kuabi · May 5, 2021, 2:39pm

I’ve set up glue records on my domain which is hosted with namecheap and used custom dns to forward them to my custon namesevers, however I am still getting the following in my status.

Nameserver glue records are incorrect error

I have contacted namecheap support who have responded with the following:

According to our check, the Glues records "my 2 ns server names with IP address which are glued to them, have been registered properly. Before pointing any domain name to these DNS, please ensure that corresponding A Records for your private nameservers “ns1.box.domain.uk and ns2.box.domain.uk” are created on the side of the hosting provider. Otherwise, they will not be functioning and returning host records for your domain name.

I assume that mail-in-a-box already will have set these records up?

I have run sudo mailinabox and restarted my computer but still no joy.

Any help is appreciated.

openletter · May 5, 2021, 2:49pm

In the Advanced DNS section of example.net

Scroll down to ‘PERSONAL DNS SERVER’ section and in the ‘Find Nameservers’ drop-down menu, select ‘Custom Nameservers’.

In the ‘Host’ field enter ns1.box.example.net and click ‘SEARCH’.

Verify the record is the IP address of your MiaB server.

Repeat the previous two steps for ns2.box.example.net.

On the ‘Domain’ section of example.net, verify ‘NAMESERVERS’ is set to ‘Custom DNS’ and that ns1.box.example.net is on one line and ns2.box.example.net is on the second line.

From the command line, run dig ns example.net to view the current name server for the domain.

kuabi · May 5, 2021, 2:59pm

Many thanks for your quick reply.

The glue records have been set up correctly and come back with the correct ip in the personal DNS server search.

On the domain page the two custom name servers are set up correctly.

running dig ns mydoman returns the following.

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> ns mydomain
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 6cf935ae20da92a7eddae4cd6092b09dac15fd952ef8ba92 (good)
;; QUESTION SECTION:
;mydomain. IN NS

;; Query time: 64 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed May 05 15:50:05 BST 2021
;; MSG SIZE rcvd: 70

I’m getting caught with the new user 2 link rule, so being careful how they are put.

openletter · May 5, 2021, 3:02pm

What is meant by this?

Oh, you mean the forum.

You need to put the out put in code tags. Just highlight the whole section then click the </> icon.

kuabi · May 5, 2021, 3:06pm

Ok thanks.

les@box:~$ dig ns mydomain.uk

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> ns mydomain.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 30761
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: cd4968b30736bef7318226866092b224ec874be782bca779 (good)
;; QUESTION SECTION:
;mydomain.			IN	NS

;; Query time: 58 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed May 05 15:56:36 BST 2021
;; MSG SIZE  rcvd: 70

openletter · May 5, 2021, 3:17pm

What is the output of dig @1.1.1.1 ns example.net

kuabi · May 5, 2021, 3:33pm

les@box:~$ dig @1.1.1.1 ns mydomain.uk

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> @1.1.1.1 ns mydomain.uk
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 24228
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; OPT=15: 00 16 ("..")
; OPT=15: 00 06 ("..")
;; QUESTION SECTION:
;mydomain.uk.			IN	NS

;; Query time: 3924 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed May 05 16:32:03 BST 2021
;; MSG SIZE  rcvd: 54

openletter · May 5, 2021, 3:37pm

There is something very weird going on.

Do you have any other server you can use?

Or maybe try using gwhois.org?

kuabi · May 5, 2021, 3:44pm

From gwhois.org

## [mydomain.uk + DNS](https://gwhois.org/mydomain.uk+dns)

**whois.iana.org** (root)

Raw

**whois.nic.uk** (registry)

Raw

|Domain Name|mydomain.uk|
| --- | --- |
|Data Validation|Nominet was able to match the registrant's name and address against a 3rd party data source on 24-Jan-2021|
|Registrar|Namecheap, Inc. [Tag = NAMECHEAP-INC]
URL: https://www.namecheap.com|
|Registered On|21-Feb-2021Sunday, February 21, 2021|
|Expiry Date|21-Feb-2023Tuesday, February 21, 2023|
|Last Updated|05-May-2021Wednesday, May 5, 2021|
|Registration Status|Registered until expiry date.|
|Name Servers|ns1.box.mydomain.uk "correct ip"
ns2.box.mydomain.uk "correct ip"|
|DNSSEC|Signed|
|WHOIS lookup made at 16:40:12 05-May-2021|

mydomain.uk @**h.root-servers.net** (198.97.190.53)

Failed to resolve the following nameservers: **[ns1.box.mydomain.uk](https://gwhois.org/dns/ns1.box.mydomain.uk)**, **[ns2.box.mydomain.uk](https://gwhois.org/dns/ns2.box.mydomain.uk)**

openletter · May 5, 2021, 3:48pm

Do you see a whole bunch of records (A, AAAA, DNSKEY, MX, NS, RRSIG, SOA, TXT, etc.) in the DNS section on right?

kuabi · May 5, 2021, 3:57pm

Nothing, just the failed to resolve message. It’s like it’s not hitting my box?

openletter · May 5, 2021, 3:59pm

Try doing a port scan of your IP address.

kuabi · May 5, 2021, 4:00pm

If I do “dig +short myip.opendns.com @resolver1.opendns.com” it returns my correct ip for the box.

kuabi · May 5, 2021, 4:02pm

can you recommend a scanner that will scan all ports?

openletter · May 5, 2021, 4:09pm

Nmap:
https://nmap.org/download.html

In Ubuntu you can install from repositories.

Run the command nmap -F <ip address> to do the scan.

openletter · May 5, 2021, 4:13pm

Oh, and for an online tool (that is also rather slow):

https://www.dnsqueries.com/en/online_portscaner.php

kuabi · May 5, 2021, 4:17pm

It looks like it is a firewall issue.
les@box:~$ dig @1.1.1.1 ns mydomain.uk

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> @1.1.1.1 ns mydomain.uk
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62219
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;mydomain.uk.			IN	NS

;; ANSWER SECTION:
mydomain.uk.		86400	IN	NS	ns1.box.mydomain.uk.
mydomain.uk.		86400	IN	NS	ns2.box.mydomain.uk.

;; Query time: 1658 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed May 05 17:12:25 BST 2021
;; MSG SIZE  rcvd: 82

It is still not resolving though

kuabi · May 5, 2021, 4:20pm

Starting Nmap 7.80 ( https://nmap.org ) at 2021-05-05 17:19 BST
Nmap scan report for mydomain.uk (*.*.*.*)
Host is up (0.0012s latency).
Not shown: 92 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
25/tcp  open  smtp
53/tcp  open  domain
80/tcp  open  http
443/tcp open  https
587/tcp open  submission
993/tcp open  imaps
995/tcp open  pop3s

Nmap done: 1 IP address (1 host up) scanned in 1.86 seconds

openletter · May 5, 2021, 4:21pm

Did you run this from outside the server firewall?

kuabi · May 5, 2021, 4:26pm

I did yes. I just need to get ready for work but I will be checking all feedback, just not as quick. I appreciate the time you’re spending trying to find the issue.