Creating ns1.domain.tld & ns1.domain.tld, not working

Screenshots of my setup, anything I missed?
I tried to ping the ns, Ping request could not find host ns1.xxxxxxxxxxxxxx. Please check the name and try again.

I didn’t add my main domain to web list, is it ok?

from my registrar

Create the A records for ns1 and ns2 as well…

I added both on registrar and panel

In Hestia but 1 record should be enough …

What is the domain?

cybereverweb.my.id

Just wait …

I checked it before using dns tool, it’s been 18 hours

It should be working fine now …

At least here it resolved to your server ip…

I tried the ns on my other domain, Chrome showed can’t find server

jaapmarcus@Jaaps-MacBook-Air hestiacp % ping ns1.cybereverweb.my.id

PING ns1.cybereverweb.my.id (213.35.110.37): 56 data bytes

Currently the ns servers used by your domain belong to mysrx.tld

$ whois cybereverweb.my.id | grep -i 'name server:'
Name Server: ns1.mysrsx.com
Name Server: ns1.mysrsx.net
Name Server: ns2.mysrsx.com
Name Server: ns2.mysrsx.net

Either it will take more time to be updated or something went wrong changing the ns servers on your registrar’s panel.

so far still doesn’t work
I tried to use the nameserver for my other domain with no success


it’s just how my registrar configures the dns, they need to point it to their ns so I can use custom dns management

I checked the ns lookup and it showed this, it’s parent domain

so far still not resolving, any idea what’s wrong?

Your dns conf is pretty strange but what I can say is that your server doesn’t answer dns requests on port 53 for UDP protocol but it does for TCP protocol:

$ dig @213.35.110.37 cybereverweb.my.id ns +short
;; communications error to 213.35.110.37#53: timed out
;; communications error to 213.35.110.37#53: timed out
;; communications error to 213.35.110.37#53: timed out

; <<>> DiG 9.18.19-1~deb12u1-Debian <<>> @213.35.110.37 cybereverweb.my.id ns +short
; (1 server found)
;; global options: +cmd
;; no servers could be reached

$ dig @213.35.110.37 cybereverweb.my.id ns +tcp +short
ns1.cybereverweb.my.id.
ns2.cybereverweb.my.id.

You should open port 53 for UDP too.

Won’t the protocol be automatically changed to TCP whenever UDP fails?

Btw, I opened UDP port and still no access (server not found)

No, the protocol will change to TCP if the UDP response is too large to be managed in a single UDP packet, but a connection to UDP is needed. It would work if the client started the connection using TCP, but that is not the way it works; dns queries use UDP by default for a reason: performance (it must be as fast as possible).

You told me that your registrar told you that all is ok on their side but I can’t see how they are delegating the dns resolution to your server.

whois shows that your domain is using mysrsx ns servers:

$ whois cybereverweb.my.id | grep 'Name Server'
Name Server: ns1.mysrsx.com
Name Server: ns1.mysrsx.net
Name Server: ns2.mysrsx.com
Name Server: ns2.mysrsx.net

But if you perform a dns trace, they are not delegating the dns resolution to your Hestia Server:

$ dig cybereverweb.my.id ns +trace -4 +nodnssec

; <<>> DiG 9.18.19-1~deb12u1-Debian <<>> cybereverweb.my.id ns +trace -4 +nodnssec
;; global options: +cmd
.                       28331   IN      NS      h.root-servers.net.
.                       28331   IN      NS      d.root-servers.net.
.                       28331   IN      NS      g.root-servers.net.
.                       28331   IN      NS      b.root-servers.net.
.                       28331   IN      NS      a.root-servers.net.
.                       28331   IN      NS      k.root-servers.net.
.                       28331   IN      NS      e.root-servers.net.
.                       28331   IN      NS      i.root-servers.net.
.                       28331   IN      NS      j.root-servers.net.
.                       28331   IN      NS      l.root-servers.net.
.                       28331   IN      NS      m.root-servers.net.
.                       28331   IN      NS      f.root-servers.net.
.                       28331   IN      NS      c.root-servers.net.
;; Received 239 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

id.                     172800  IN      NS      b.dns.id.
id.                     172800  IN      NS      c.dns.id.
id.                     172800  IN      NS      d.dns.id.
id.                     172800  IN      NS      e.dns.id.
id.                     172800  IN      NS      ns4.apnic.net.
;; Received 362 bytes from 192.5.5.241#53(f.root-servers.net) in 3 ms

cybereverweb.my.id.     3600    IN      NS      ns1.mysrsx.net.
cybereverweb.my.id.     3600    IN      NS      ns1.mysrsx.com.
cybereverweb.my.id.     3600    IN      NS      ns2.mysrsx.net.
cybereverweb.my.id.     3600    IN      NS      ns2.mysrsx.com.
;; Received 167 bytes from 103.19.179.179#53(b.dns.id) in 223 ms

cybereverweb.my.id.     86400   IN      NS      ns1.mysrsx.com.
cybereverweb.my.id.     86400   IN      NS      ns4.mysrsx.org.
cybereverweb.my.id.     86400   IN      NS      ns2.mysrsx.net.
cybereverweb.my.id.     86400   IN      NS      ns3.mysrsx.biz.
;; Received 187 bytes from 188.226.161.195#53(ns2.mysrsx.com) in 19 ms

How will a client reach your dns server if they don’t delegate it?

Also, this is not related to the main issue but you removed ns2 from your dns server and even if it points to the same ip, you should have 2 ns records.

$ dig @213.35.110.37 cybereverweb.my.id ns +short
ns1.cybereverweb.my.id.
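
The two checks used in this thread (does the parent zone delegate to your name servers, and does the server answer on both UDP and TCP) as a small script. This is an added example, not something posted by a participant; the function names are hypothetical helpers, and the sample input is abridged from the trace quoted above so the script runs offline.

```shell
#!/bin/sh
# Added example: delegation and transport checks for a self-hosted name server.

# Constructed sample: abridged from the `dig +trace` output quoted in this thread.
sample_trace() {
cat <<'EOF'
id.                     172800  IN      NS      b.dns.id.
;; Received 362 bytes from 192.5.5.241#53(f.root-servers.net) in 3 ms
cybereverweb.my.id.     3600    IN      NS      ns1.mysrsx.net.
cybereverweb.my.id.     3600    IN      NS      ns1.mysrsx.com.
cybereverweb.my.id.     3600    IN      NS      ns2.mysrsx.net.
cybereverweb.my.id.     3600    IN      NS      ns2.mysrsx.com.
;; Received 167 bytes from 103.19.179.179#53(b.dns.id) in 223 ms
cybereverweb.my.id.     86400   IN      NS      ns1.mysrsx.com.
cybereverweb.my.id.     86400   IN      NS      ns4.mysrsx.org.
;; Received 187 bytes from 188.226.161.195#53(ns2.mysrsx.com) in 19 ms
EOF
}

# delegated_ns ZONE: print the NS names of the first referral for ZONE found in
# `dig ZONE ns +trace` output on stdin, i.e. what the parent zone delegates to.
delegated_ns() {
    awk -v zone="$1." '
        !done && $1 == zone && $4 == "NS" { print $5; seen = 1 }
        seen && /^;; Received/            { done = 1 }
    ' | sort -u
}

# check_delegation ZONE NS...: succeed only if every expected name server
# (lowercase, no trailing dot) is in the parent delegation read from stdin.
check_delegation() {
    zone=$1; shift
    found=$(delegated_ns "$zone")
    rc=0
    for ns in "$@"; do
        printf '%s\n' "$found" | grep -qxF "$ns." || { echo "not delegated: $ns"; rc=1; }
    done
    return "$rc"
}

# probe_transports SERVER ZONE: query SERVER directly over UDP, then TCP.
# dig exits non-zero when no reply arrives, which is the UDP symptom seen here.
probe_transports() {
    for opt in +notcp +tcp; do
        dig "@$1" "$2" ns "$opt" +short +time=3 +tries=1 >/dev/null 2>&1 \
            && echo "$opt: answered" || echo "$opt: no reply"
    done
}

# Offline run against the sample; use `dig ZONE ns +trace | check_delegation ...` live.
sample_trace | check_delegation cybereverweb.my.id \
    ns1.cybereverweb.my.id ns2.cybereverweb.my.id || echo "parent does not delegate here"
```

`probe_transports` needs `dig` and network access; the delegation check only needs the trace text.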