Hello, I’m new at this. I have a vps and I have created some custom name servers (dns) since outside of my server there is a domain that needs those name servers to point to the vps.

I created them two days ago but when I use the tool https://mxtoolbox.com/ I check them and they don’t point to my IP… it’s as if they don’t exist, does anyone have an idea?

Hi @alex_dev,

It would be easy to debug the problem if you share the actual domain name.

ok aztecahonduras.com

So, your domain right now is using 4 NS records:

$ dig aztecahonduras.com +trace -4 +nodo

[...]
aztecahonduras.com.     172800  IN      NS      ns3.aztecaservicios.mx.
aztecahonduras.com.     172800  IN      NS      ns4.aztecaservicios.mx.
aztecahonduras.com.     172800  IN      NS      ns1.f5clouddns.com.
aztecahonduras.com.     172800  IN      NS      ns2.f5clouddns.com.
;; Received 236 bytes from 192.52.178.30#53(k.gtld-servers.net) in 35 ms

;; Received 47 bytes from 107.162.176.221#53(ns2.f5clouddns.com) in 43 ms

And none of those dns servers are able to resolve the domain, all are refusing the queries:

$ dig @ns2.f5clouddns.com aztecahonduras.com | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 22530

$ dig @ns3.aztecaservicios.mx aztecahonduras.com | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 43353

$ dig @ns1.f5clouddns.com aztecahonduras.com | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 40957

$ dig @ns4.aztecaservicios.mx aztecahonduras.com | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 2792

Could you please explain in detail how you are trying to configure the dns servers and records for your domain and what are the right ns servers that should resolve your domain?

Hi, thanks for your response.
Of course, in fact I have my vps on hostinger, they give a tutorial to create DNS and I attach it here.

Just that step by step expressed there is what I do to create the dns. I have done it with method 2

I have done the step by step according to the tutorial and the result has appeared correctly as it appears there, could it be that when creating a dns like hestiacp it has to be done differently? Sorry for my bad English!!!

You added these dns servers to your control panel in Hostinger:

ns3.aztecaservicios.mx
ns4.aztecaservicios.mx
ns1.f5clouddns.com
ns2.f5clouddns.com

And those nameservers are pointing to 4 different ips:

❯ dig ns3.aztecaservicios.mx +short
200.38.113.11
❯ dig ns4.aztecaservicios.mx +short
200.38.112.4
❯ dig ns1.f5clouddns.com +short
107.162.234.197
❯ dig ns2.f5clouddns.com +short
107.162.176.221

Are you sure those ips point to your Hestia server?

Also, if you are using Hestia you shouldn’t follow the tutorial to edit manually bind zones.

Maybe you should use Method 1, it could be easier for you.

Hello, I did not add those DNS, the person who owns the domain changed (domain to which I do not have access) the DNS in the early morning to test if the error was due to my DNS and registered those that do work.

So your recommendation is not to register DNS that way. What would be the way to use the Hestia panel?

So, you don’t own the domain aztecahonduras.com but you want to resolve the domain using Hestia Control Panel. If you only have 1 Hestia server you will need at least two ns records like ns1.example.com and ns2.example.com and both must have an A record pointing to the ip of your Hestia server.

Do you already have the ns records you want to use from any other domain you are using?

Or, do you want to use ns1.aztecahonduras.com and ns2.aztecahonduras.com as ns records for domain aztecahonduras.com? Because if that is the case, you must add glue records on the domain registrar for those ns records pointing to your Hestia server ip.

And of course, you should create the domain and dns zone for aztecahonduras.com in Hestia.

ok, just the last two points is what I did.

Through the hostinger tutorial for VPS I created those dns ns1.aztecahonduras.com and ns2.aztecahonduras.com, in fact I created up to ns4, the issue is that there I also had the records that you mention. but I don’t understand the term “glue records”

Maybe that is what is failing and that is why my DNS is wrong, it is a step that I have skipped.

Do you have any way to tell me where I can find for this specific case, such as how to create custom DNS (with HESTIA) so that an external domain can point to my vps? thanks for your patience bro

What I understand is that I must create all this from the HESTIA panel and not as hostinger tells me, is that correct?

Yes, forget editing zones manually, just use Hestia, add the domain and when adding the web domain select the option DNS Support and maybe also Mail Support.

Once done, go to DNS section and check that your ns records are the right ones and that you have the right A records for those ns records. Something like this:

If the ns records are not the right ones, add first the ns1 and ns2 A records pointing to your server ip and after that modify the NS records to point to ns1.aztecahonduras.com and ns2.aztecahonduras.com.

Once done, talk to your client and tell them that they must talk to their domain registrar (in this case it seems to be Network Solutions) and add glue records for the domain (if they don’t know how to do that, they should ask Network Solutions support). They must add these ns records: ns1.aztecahonduras.com and ns2.aztecahonduras.com, both pointing to your Hestia server ip (in my example I used 203.0.113.1).

Once done, your Hestia server should be able to resolve dns queries for the domain.

2 Likes

Thank you very much, I have a question here, I added the domain in HestiaCP and this appears in the DNS, I should also add the ns

It won’t let me send you multiple images at the same time. In the next image I will send what exists within that domain.

Now, what I understand is that after creating the domain, I check the records in the newly created DNS.

I must later create this
ns1.aztecahonduras.com
ns2.aztecahonduras.com
ns3.aztecahonduras.com
ns4.aztecahonduras.com

and verify the records that match the ones you just sent me (obviously changing the IP and ensuring that the values are the newly created DNS)

I think thanks to your image I could see what was wrong before. One last question… should I create the new name servers with the default template or the ns-child?

No, you don’t need to add a new DNS Zone with the nsX domains.

Just go to the dns zone you already created and that you showed in the screenshot and add the A records for the nsX subdomains and after that, modify the existing NS records or delete them and add the new NS records.

Also, there is no need to use 4 nsX subdomains, use only 2, indeed there is no sense to create more than 2 (it is the minimum required) because all of them will point to only 1 server.

ok, then this would be like this, In the DNS that has been created for me I have already added the necessary records.

I should wait about 24 hours, right? Thank you very much for your help and for your patience, blessings

Yes, those records look ok but:

1.- If I try to query your server it doesn’t show the right data for some records like txt for @ and _dmarc or webmail. Also, the ttl used by the records is 10800 instead of 14400.

So I suppose the issue is because you created the zone previously using the hostinger doc and you didn’t remove it. If that is the case, you should remove the zone data you added manually to /etc/bind/named.conf.local and restart bind.

2.- Changes for .com domains are really quick, usually in a couple of minutes they are updated. Are you sure the domain registrar (Network Solutions) added the right nameservers pointing to your ip?

$ dig @a.gtld-servers.net aztecahonduras.com ns
[...]
;; AUTHORITY SECTION:
aztecahonduras.com.     172800  IN      NS      ns4.aztecaservicios.mx.
aztecahonduras.com.     172800  IN      NS      ns3.aztecaservicios.mx.
aztecahonduras.com.     172800  IN      NS      ns1.f5clouddns.com.
aztecahonduras.com.     172800  IN      NS      ns2.f5clouddns.com.

;; ADDITIONAL SECTION:
ns1.f5clouddns.com.     172800  IN      A       107.162.234.197
ns1.f5clouddns.com.     172800  IN      AAAA    2604:e180:1071::3:1
ns2.f5clouddns.com.     172800  IN      A       107.162.176.221
ns2.f5clouddns.com.     172800  IN      AAAA    2604:e180:1071::ffff:6ba2:b0dd

;; Query time: 27 msec
;; SERVER: 192.5.6.30#53(a.gtld-servers.net) (UDP)
;; WHEN: Fri Mar 15 23:44:32 CET 2024
;; MSG SIZE  rcvd: 236

Hello, thank you again for your observations.

I have had to reinstall the vps as it has caused me a tremendous headache.

I will send you a screenshot of how it is now and when you can, you could review or tell me which program you use to see the errors that my DNS has.

Greetings and thank you very much again

1 Like

I checked it again and now it’s working fine :wink:

To check it I just execute a few queries to your server using dig commands like:

$ dig @89.116.49.244 aztecahonduras.com txt +short
"v=spf1 a mx ip4:89.116.49.244 -all"

$ dig @89.116.49.244 _dmarc.aztecahonduras.com txt +short
"v=DMARC1; p=quarantine; pct=100"

$ dig @89.116.49.244 aztecahonduras.com ns +short
ns1.aztecahonduras.com.
ns2.aztecahonduras.com.

$ dig @89.116.49.244 webmail.aztecahonduras.com  +short
89.116.49.244

To view the name servers defined in the domain registrar just use whois command:

$ whois aztecahonduras.com | grep '\sName Server'
   Name Server: NS1.F5CLOUDDNS.COM
   Name Server: NS2.F5CLOUDDNS.COM
   Name Server: NS3.AZTECASERVICIOS.MX
   Name Server: NS4.AZTECASERVICIOS.MX

Also you can use dig to check if dns servers for top level domain have added the new ns records to their zones:

$ dig aztecahonduras.com ns +trace -4 +nodo

; <<>> DiG 9.18.24-1-Debian <<>> aztecahonduras.com ns +trace -4 +nodo
;; global options: +cmd
.                       61695   IN      NS      j.root-servers.net.
.                       61695   IN      NS      h.root-servers.net.
.                       61695   IN      NS      b.root-servers.net.
.                       61695   IN      NS      i.root-servers.net.
.                       61695   IN      NS      d.root-servers.net.
.                       61695   IN      NS      e.root-servers.net.
.                       61695   IN      NS      g.root-servers.net.
.                       61695   IN      NS      a.root-servers.net.
.                       61695   IN      NS      k.root-servers.net.
.                       61695   IN      NS      m.root-servers.net.
.                       61695   IN      NS      f.root-servers.net.
.                       61695   IN      NS      c.root-servers.net.
.                       61695   IN      NS      l.root-servers.net.
;; Received 239 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
;; Received 843 bytes from 170.247.170.2#53(b.root-servers.net) in 23 ms

aztecahonduras.com.     172800  IN      NS      ns4.aztecaservicios.mx.
aztecahonduras.com.     172800  IN      NS      ns3.aztecaservicios.mx.
aztecahonduras.com.     172800  IN      NS      ns1.f5clouddns.com.
aztecahonduras.com.     172800  IN      NS      ns2.f5clouddns.com.
;; Received 236 bytes from 192.31.80.30#53(d.gtld-servers.net) in 19 ms

;; Received 47 bytes from 107.162.176.221#53(ns2.f5clouddns.com) in 7 ms
1 Like
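
The two conditions discussed in this thread (the parent zone must delegate to the new NS names, and name servers inside the zone need glue pointing at the Hestia IP), combined into one check. This is an added example, not part of the original posts; the function names are hypothetical and the sample input is constructed from the dig output quoted above.

```shell
#!/bin/sh
# Added example. Parses dig output text (stdin) so it runs offline.
# Constructed sample: trimmed from the a.gtld-servers.net answer quoted above.
PARENT_SAMPLE=';; AUTHORITY SECTION:
aztecahonduras.com.     172800  IN      NS      ns4.aztecaservicios.mx.
aztecahonduras.com.     172800  IN      NS      ns3.aztecaservicios.mx.
aztecahonduras.com.     172800  IN      NS      ns1.f5clouddns.com.
aztecahonduras.com.     172800  IN      NS      ns2.f5clouddns.com.
;; ADDITIONAL SECTION:
ns1.f5clouddns.com.     172800  IN      A       107.162.234.197
ns2.f5clouddns.com.     172800  IN      A       107.162.176.221'

# NS targets that the dig output lists for zone $1 (lowercased, sorted).
delegated_ns() {
  awk -v z="$1." 'tolower($1) == z && $4 == "NS" { print tolower($5) }' | sort -u
}

# A-record (glue) address that the dig output lists for host $1.
glue_a() {
  awk -v h="$1." 'tolower($1) == h && $4 == "A" { print $5 }'
}

# check_delegation ZONE SERVER_IP NS...   (parent-zone dig output on stdin)
# Returns 0 only when the parent delegates to exactly the wanted NS names and
# every name server inside the zone has glue equal to SERVER_IP.
check_delegation() {
  cd_zone=$1; cd_ip=$2; shift 2
  cd_out=$(cat); cd_rc=0
  cd_want=$(printf '%s.\n' "$@" | sort -u)
  cd_have=$(printf '%s\n' "$cd_out" | delegated_ns "$cd_zone")
  if [ "$cd_want" != "$cd_have" ]; then
    echo "NS mismatch, parent delegates to:" $cd_have
    cd_rc=1
  fi
  for cd_ns in "$@"; do
    case $cd_ns in
      *".$cd_zone")   # in-zone name server: resolvers need glue to reach it
        cd_glue=$(printf '%s\n' "$cd_out" | glue_a "$cd_ns")
        if [ "$cd_glue" != "$cd_ip" ]; then
          echo "glue for $cd_ns is '${cd_glue:-missing}', expected $cd_ip"
          cd_rc=1
        fi ;;
    esac
  done
  return $cd_rc
}

# Demo on the constructed sample: the registrar has not switched yet.
printf '%s\n' "$PARENT_SAMPLE" | check_delegation aztecahonduras.com \
  89.116.49.244 ns1.aztecahonduras.com ns2.aztecahonduras.com || true
```

Against the live parent zone, pipe the output of `dig @a.gtld-servers.net aztecahonduras.com ns` into `check_delegation` instead of the sample.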

Hello, thank you very much for your help.

You know that the person who has the domain has asked me what glue records he needs to register on the domain. Do you have any idea where I can look for that?


These would be, correct?