Hello,
Today all of my older domains weren't reachable because the zone files were expired. Changing the serials of the zone files solved the problem. Is there a way to disable the expiring of zone files ?
Gretings,
T0mcat
Domains not reachable, zone files expired
- T0mcat
- Closed
- Thread is marked as Resolved.
-
-
You use bind9? And a secondary nameserver?
Afaik the expire means how long to wait for a result. Not the age of the domainrecord. Maybe there is a problem with the nameserver?
-
-
Hello,
I'm using Bind9 and a second nameserver. I never had any problems before upgrading to 1.1.5. Both servers were working for 3 years now (with ispcp and then i.mscp).
-
Pleas post one sample of your zonefiles and anonymize it.
-
-
Thanls ciscllc for your help. Here is my anonymized zone file:
QuoteDisplay More$ORIGIN .
$TTL 10800 ; 3 hours
domain.tld IN SOA ns1.myserver.com. hostmaster.myserver.com. (
2014042500 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
1209600 ; expire (2 weeks)
3600 ; minimum (1 hour)
)
NS ns1.myserver.com.
NS ns2.mysecondserver.com.
A 78.x.y.z
MX 10 mail.domain.tld.
TXT "v=spf1 a mx ip4:78.x.y.z ip4:78.x.y.z ~all"
$ORIGIN domain.tld.
ftp CNAME www
imap CNAME mail
localhost A 127.0.0.1
mail A 78.x.y.z
pop CNAME mail
pop3 CNAME mail
relay CNAME mail
smtp CNAME mail
www A 78.x.y.zGreetings,
T0mcat -
Mine looks nearly the same.
And this one is way older than 2 weeks. But at an other Server I have seen a rebuild of the files 2 weeks ago (16 april 2014 as we have the 2nd may today...) Maybe @Nuxwin can tell us what file is doing that (as I have not done that myself)EDIT: 16.04.2014 I made an update! Thats why the files have changed... Sorry
Display MoreCode- $ORIGIN .
- $TTL 10800 ; 3 hours
- domain.de IN SOA ns1.domain.de. postmaster.domain.de. (
- 2014030400 ; serial
- 10800 ; refresh (3 hours)
- 3600 ; retry (1 hour)
- 1209600 ; expire (2 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns1.domain.de.
- A 107.X.Y.Z
- MX 10 mail.domain.de.
- TXT "v=spf1 a mx -all"
- SPF "v=spf1 a mx -all"
- $ORIGIN domain.de.
- mail._domainkey TXT "v=DKIM1\; k=rsa\; p=SomeTeStgoEshere"
- ftp CNAME domain.de.
- imap CNAME mail
- mail A 107.X.Y.Z
- ns1 A 107.X.Y.Z
- pop CNAME mail
- pop3 CNAME mail
- relay CNAME mail
- smtp CNAME mail
- www CNAME domain.de.
Regards
-
-
Is it possible that your first NS is not reachable to the world, as the secondary serves the data only as long as the expire is set if the secondary can not connect to the master dns.
What result do you get if you enter your domain here: http://dnscheck.pingdom.com/ ?
-
Hello ;
All this is managed through the expiry and refresh fields of the SOA record.
If the secondary nameserver is unable to update its zone by contacting the primary DNS server in the interval time as stated by the expiry field, the zone will be considered as expired, meaning that your services (web, smtp..) will become unreachable in few time. In default configuration as provided by iMSCP, the slave zones are refreshed every 3 hours normally. This should avoid the expiry time to be reached. Because the expiry time is reseted on every refresh.
To solve your problem here, you must ensure that your secondary DNS server is able to refresh its zone file by contacting the primary DNS server. If it's not the case, you should provide us the log and open a ticket.
-
-