Posts by kess

  • What is your preferred method to setup your local resolver?

    @Nuxwin,
    sorry for late reply.


    To answer your questions:
    - Every DNS Server is configured as local resolver for himself only
    - I'm queringg my DNS Server from outside networks, to resolve names/services configured on that specific DNS server (not as forwarder)


    Another question: If I don't configure forwarders in the named .conf.options, and if my servers are configured to use 127.0.0.1 to resolve names, how can bind9 know where to forward queries of non locally managed records ?
    Does it use root hints ? (because I don't want to use them)...


    But anyway, if I remove the forwarders instruction, my servers can't resolve external names...

  • What is your preferred method to setup your local resolver?

    In fact without that listener my bind 9 resolves perfectly DNS queries, but only for local domains or records directly inserted in the local database. I've built that listener (starting from one of yours) because my DNS wasn't able to resolve external names like google.com or security.debian.org or every other external domain.


    I must say that these are not fresh debian installations. I've started time ago with ispcp on lenny, then it became i-MSCP in squeeze, then wheezy and now jessie. So perhaps something strange during upgrades and/or server moves and now on VMware has happened.


    But the fact (in my specific situations) is that if I don't configure forwarders for bind9, external names are not resolved.


    If you'd like to investigate more, it's not a problem for me, just tell me which additional informations you need :-)

  • What is your preferred method to setup your local resolver?

    Personally i use the standard way provided by i-MSCP setup to use my local resolver. The resolv.conf file is static for me, the entries are managed by i-MSCP.
    I just use a listener in order to modify the DNS forwarders in /etc/bind/named.conf.options as shown below:


    Perl
    1. #!/usr/bin/perl=head1 NAME Listener::Bind9::Forwarders=cut# i-MSCP - internet Multi Server Control Panel# Copyright (C) 2013-2014 by Laurent Declercq## This program is free software; you can redistribute it and/or# modify it under the terms of the GNU General Public License# as published by the Free Software Foundation; either version 2# of the License, or (at your option) any later version.## This program is distributed in the hope that it will be useful,# but WITHOUT ANY WARRANTY; without even the implied warranty of# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the# GNU General Public License for more details.## You should have received a copy of the GNU General Public License# along with this program; if not, write to the Free Software# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.## @category i-MSCP# @copyright 2013-2014 by Laurent Declercq# @author Laurent Declercq <[email protected]># @link http://i-mscp.net i-MSCP Home Site# @license http://www.gnu.org/licenses/gpl-2.0.html GPL v2package Listener::Bind9::Forwarders;use iMSCP::EventManager;use iMSCP::TemplateParser;=head1 DESCRIPTION Hook file which lets you configure your own Nameserver forwarders. Hook file compatible with i-MSCP >= 1.1.0=head1 PUBLIC METHODS=over 4=item addBind9Forwarders Add Nameserver Forwarders. Return int 0=cutsub addBind9Forwarders{ my ($cfgTpl, $tplName) = @_; if($tplName eq 'named.conf.options') { # Insert here your comma separated DNS Forwarders my $myForwarders = "1.2.3.4,5.6.7.8"; # END DNS Forwarders my @forwardersvalues = split(',', $myForwarders); $mysplitForwarders = ""; foreach my $forwarder (@forwardersvalues) { $mysplitForwarders = $mysplitForwarders . " " . $forwarder . ";\n"; } $$cfgTpl = replaceBloc( " // forwarders {\n // 0.0.0.0;\n", " // };\n", " forwarders {" . getBloc( " // forwarders {\n // 0.0.0.0;", " // };\n", $$cfgTpl ) . $mysplitForwarders . " };\n", $$cfgTpl ); } 0;}iMSCP::EventManager->getInstance()->register('afterNamedBuildConf', \&addBind9Forwarders);=back=head1 AUTHOR Laurent Declercq <[email protected]>=cut1;

    File /etc/resolv.conf:

    Code
    1. # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    2. # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    3. nameserver 127.0.0.1
    4. search xxxyyyzzz.com

  • Another problem upgrade 1.1.17 to 1.3.0

    Code
    1. mysql -u root -p<type your mysql root password here>use imscp;update plugin set plugin_status='disabled';

    Then:

    Code
    1. perl imscp-autoinstall -d


    Then open your panel, update all your plugins with the latest version, configure them again and the enable your new plugins.

  • OpenDKIM Services Restart

    Hello guys,
    as written in the other post, today I installed the last version on OpenDKIM plugin.


    I'm using i-MSCP 1.3.0 on Debian 8 x 64 with php-fpm, proftpd, and OpenDKIM plugin is 1.1.1


    In order to make OpenDKIM work correctly, after each domain activation (as reseller) I need to restart postfix and opendkim services.
    If I don't restart both services after activating OpenDKIM for a specific domain, the e-mails are going out but without signature.


    In the plugin log I can just find:

    Code
    1. [Fri Aug 12 13:20:26 2016] [debug] Modules::Plugin::_call: Calling run() method on Plugin::OpenDKIM


    If you need any further informations, please feel free to ask.
    Thank you, bye Kess.

  • OpenDKIM DNS record

    Hello guys,
    I installed today the OpenDKIM plugin and everything seems to work more or less correctly.


    Just a cosmetic issue with DNS record that is created.
    Generally when I create a custom resource record and I type for example _dmarc, i-MSCP creates automatically something like _dmarc.domain.tld. (in the name column I mean)
    The record created by OpenDKIM remains just mail._domainkey (without the ending dot)


    It works, but just for you to know.


    I'm using i-MSCP 1.3.0 on Debian 8 x 64 with php-fpm, proftpd, and OpenDKIM plugin is 1.1.1


    Thank you, bye Kess