Upgrade to v70 from v67 - DNS broke?

During the upgrade I was getting:

sudo: unable to resolve host XX.XX.XX: Temporary failure in name resolution

a few times and now on the status page (Loads very slowly):
xx.xx


DNSSEC ‘DS’ record is set correctly at registrar. (Records using algorithm other than ECDSAP256SHA256 and digest types other than SHA-256/384 should be removed.)

✖
The nameservers set on this domain are incorrect. They are currently [timeout]. Use your domain name registrar’s control panel to set the nameservers to ns1.mail.xx.xx; ns2.mail.xx.xx.

✖
This domain’s DNS MX record is not set. It should be ‘10 mail.xx.xx’. Mail will not be delivered to this box. It may take several hours for public DNS to update after a change. This problem may result from other issues listed here.


Domain is not blacklisted by dbl.spamhaus.org.

✖
This domain should resolve to this box’s IP address (A xx.xx.xx.xx) if you would like the box to serve webmail or a website on this domain. The domain currently resolves to [timeout] in public DNS. It may take several hours for public DNS to update after a change. This problem may result from other issues listed here.

✖
www.xx.xx: This domain should resolve to this box’s IP address (A xx.xx.xx.xx) if you would like the box to serve webmail or a website on this domain. The domain currently resolves to [timeout] in public DNS. It may take several hours for public DNS to update after a change. This problem may result from other issues listed here.

✖
autoconfig.xx.xx: This domain should resolve to this box’s IP address (A xx.xx.xx.xx) if you would like the box to serve webmail or a website on this domain. The domain currently resolves to [timeout] in public DNS. It may take several hours for public DNS to update after a change. This problem may result from other issues listed here.

✖
autodiscover.xx.xx: This domain should resolve to this box’s IP address (A xx.xx.xx.xx) if you would like the box to serve webmail or a website on this domain. The domain currently resolves to [timeout] in public DNS. It may take several hours for public DNS to update after a change. This problem may result from other issues listed here.

when I do host domain: communications error to 127.0.0.1#53: timed out

Note this server is not hosted on a VPS, as it's a VM on my hosted server at a DC.

any ideas?

Thanks!

Is bind running?

service bind status

What is in your /etc/hosts file?

Does your box know that it's the DNS server for that domain/subdomain?

nslookup box.mydomain.com  

Do things resolve externally (not on the mailserver VPS) if you try the same?

nslookup should work on cmd for windows too.

bind doesn’t work but bind9 does:

● named.service - BIND Domain Name Server
     Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2024-10-11 19:00:44 MDT; 5 days ago
       Docs: man:named(8)
    Process: 57815 ExecStart=/usr/sbin/named $OPTIONS (code=exited, status=0/SUCCESS)
   Main PID: 57816 (named)
      Tasks: 14 (limit: 9394)
     Memory: 28.6M
        CPU: 58.145s
     CGroup: /system.slice/named.service
             └─57816 /usr/sbin/named -u bind -4

Oct 17 07:26:22 mail.xxxx.xx named[57816]: success resolving '190.91.108.193.zen.spamhaus.org/A' after disab>
Oct 17 07:26:22 mail.xxxx.xx named[57816]: success resolving '24.24.204.23.zen.spamhaus.org/A' after disabli>
Oct 17 07:26:22 mail.xxxx.xx named[57816]: success resolving '97.21.204.23.zen.spamhaus.org/A' after disabli>
Oct 17 07:26:22 mail.xxxx.xx named[57816]: success resolving '172.64.154.156.zen.spamhaus.org/A' after disab>
Oct 17 07:26:31 mail.xxxx.xx named[57816]: shut down hung fetch while resolving 'greenhouse.io.dob.sibl.supp>
Oct 17 07:26:31 mail.xxxx.xx named[57816]: shut down hung fetch while resolving 'googleapis.com.dob.sibl.sup>
Oct 17 07:26:31 mail.xxxx.xx named[57816]: shut down hung fetch while resolving 'privacy.com.dob.sibl.suppor>
Oct 17 07:26:33 mail.xxxx.xx named[57816]: shut down hung fetch while resolving 'citicards.com.dob.sibl.supp>
Oct 17 07:26:33 mail.xxxx.xx named[57816]: shut down hung fetch while resolving 'accountonline.com.dob.sibl.>
Oct 17 07:26:33 mail.xxxx.xx named[57816]: shut down hung fetch while resolving 'citibankonline.com.dob.sibl>
lines 1-22/22 (END)

For the hosts file:

127.0.0.1 localhost
127.0.1.1 mail

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Nslookup on the box itself:

;; communications error to 127.0.0.1#53: timed out
;; Got SERVFAIL reply from 127.0.0.1
Server:         127.0.0.1
Address:        127.0.0.1#53

nslookup on my workstation:

Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    mail.xxxx.xx
Address:  6x.xx.xxx.xxx

Nslookup shows DNS on my workstation but not on the server, emails are coming in but I am worried about the errors.

Thank you for the reply.

The "shut down hung fetch while resolving" entries don't look normal. Check the full log: journalctl -xe -u named

Do you by any chance have ipv6 disabled? (no output in ip -6 addr)
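
One way to triage the named journal that the last reply asks for, as an added example that is not part of the thread: it counts the two message types visible in the status output above, grouped by lookup zone. The sample log lines, the `example.test` names, the function names and the "last three labels" grouping rule are all constructed assumptions.

```shell
#!/bin/sh
# Added example: group named's "hung fetch" and "success resolving" journal
# lines by lookup zone to see whether one upstream zone accounts for them.
# Real use (full lines, no pager truncation):
#   journalctl --no-pager -u named --since today | summarize_named

# Constructed sample input; the "after disab>" tail mirrors the truncated
# form shown in the thread.
sample_log() {
  cat <<'EOF'
Oct 17 07:26:22 mail.example.test named[1234]: success resolving '2.0.0.127.dnsbl.example.test/A' after disab>
Oct 17 07:26:22 mail.example.test named[1234]: success resolving '3.0.0.127.dnsbl.example.test/A' after disab>
Oct 17 07:26:31 mail.example.test named[1234]: shut down hung fetch while resolving 'a.example.uribl.example.test/A'
Oct 17 07:26:31 mail.example.test named[1234]: shut down hung fetch while resolving 'b.example.uribl.example.test/A'
Oct 17 07:26:33 mail.example.test named[1234]: shut down hung fetch while resolving 'c.example.uribl.example.test/A'
Oct 17 07:26:40 mail.example.test named[1234]: zone example.test/IN: loaded serial 1
EOF
}

summarize_named() {
  awk -v q="'" '
    # Return the quoted query name, cut at "/TYPE", the closing quote,
    # or the pager truncation mark ">".
    function qname(line,   i, s) {
      i = index(line, q)
      if (i == 0) return ""
      s = substr(line, i + 1)
      sub("[/" q ">].*$", "", s)
      return s
    }
    # Group by the last three labels (assumption; a name truncated by the
    # pager yields only a partial zone, so feed untruncated lines).
    function zone(name,   n, p) {
      n = split(name, p, ".")
      if (n < 3) return name
      return p[n-2] "." p[n-1] "." p[n]
    }
    /shut down hung fetch while resolving/ { hung[zone(qname($0))]++ }
    /success resolving/                    { retry[zone(qname($0))]++ }
    END {
      for (z in hung)  printf "hung %s %d\n", z, hung[z]
      for (z in retry) printf "retry %s %d\n", z, retry[z]
    }' | LC_ALL=C sort
}
```

Each output line is `kind zone count`; running `sample_log | summarize_named` shows the format on the constructed input.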