NS1 -> ip1 NS2 -> ip2 # NS2 reject domain

Hello, everyone! :smile:

I’m having a little trouble with my DNS configuration and would like to ask for your help. I have some basic experience with management panels like aaPanel, DirectAdmin, and other tools, and I’ve never had issues with DNS configurations before.

Currently, I’m trying to set up the DNS so that NS1 points to IP1 and NS2 points to IP2. However, on Registro.br (the Brazilian site for .com.br domain registrations), I’m getting the following error message:

Query refused (ns2.x)

I followed the instructions in this post: Multiple IP on Same DNS - Forum HestiaCP, but even after waiting several hours for propagation, I’m still receiving the same error.

Does anyone have any tips or a solution for this issue? I appreciate any help in advance!

Hi @umlucasribeiro,

First check that bind (named) is listening on all your IPs (UDP and TCP):

lsof -Pn +c0 -iUDP:53
lsof -Pn +c0 -iTCP:53 -sTCP:LISTEN

Also check whether you have the right firewall rules to allow incoming connections to port 53 (UDP and TCP) on all your IPs.

iptables -S | grep ' 53 '

I got this:

-A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 53 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
-A InstanceServices -d 169.254.169.254/32 -p tcp -m tcp --dport 53 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT

Sometimes I get double rejection… don’t know why.

Well, it seems your hosting provider doesn’t assign the IPs directly, so it is some kind of NAT, and I don’t know whether both IPs are being redirected to your server.

Also, I can’t see the UDP output for lsof command.

Those rules are not added by Hestia but by your hosting provider, and if you use the firewall managed by Hestia, you should have two rules like this:

-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT

But again, it seems your hosting provider is adding the firewall rules, so I don’t know what your configuration is.

Sorry, I don’t know what you mean.

If you share your ips and domain, I could check it from my side. If you don’t want to share them publicly, you can send me a private message.

I am using three public IPs that are configured to be redirected to specific private IPs on my server:

• 164.152.104.214 -> 10.0.0.2
• 149.130.211.168 -> 10.0.0.4
• 149.130.208.166 -> 10.0.0.6

I have configured NS1 and NS2, but I am encountering an error with NS2, even though both NS1 and NS2 are correctly configured and are using the same IP.

You didn’t say what domain you are having issues with, but I’ll assume it is flamhosting.com.br.

I’ve tested resolving it using the 3 public IPs you provided in the post above, and all of them are resolving with no issues.

$ for i in 164.152.104.214 149.130.208.166 149.130.211.168;do echo "Checking $i";dig @$i flamhosting.com.br ns +noall +ans +add;echo;done
Checking 164.152.104.214
flamhosting.com.br.     14400   IN      NS      ns1.flamhosting.com.br.
flamhosting.com.br.     14400   IN      NS      ns2.flamhosting.com.br.
ns1.flamhosting.com.br. 14400   IN      A       164.152.104.214
ns2.flamhosting.com.br. 14400   IN      A       149.130.211.168

Checking 149.130.208.166
flamhosting.com.br.     14400   IN      NS      ns2.flamhosting.com.br.
flamhosting.com.br.     14400   IN      NS      ns1.flamhosting.com.br.
ns1.flamhosting.com.br. 14400   IN      A       164.152.104.214
ns2.flamhosting.com.br. 14400   IN      A       149.130.211.168

Checking 149.130.211.168
flamhosting.com.br.     14400   IN      NS      ns1.flamhosting.com.br.
flamhosting.com.br.     14400   IN      NS      ns2.flamhosting.com.br.
ns1.flamhosting.com.br. 14400   IN      A       164.152.104.214
ns2.flamhosting.com.br. 14400   IN      A       149.130.211.168

I’ve also checked all ccTLD DNS servers for br, and all is fine too:

$ for i in a b c d e f;do echo "Checking $i.dns.br";dig @$i.dns.br flamhosting.com.br +noall +auth +add;echo;done
Checking a.dns.br
flamhosting.com.br.     3600    IN      NS      ns1.flamhosting.com.br.
flamhosting.com.br.     3600    IN      NS      ns2.flamhosting.com.br.
ns1.flamhosting.com.br. 3600    IN      A       164.152.104.214
ns2.flamhosting.com.br. 3600    IN      A       149.130.211.168

Checking b.dns.br
flamhosting.com.br.     3600    IN      NS      ns1.flamhosting.com.br.
flamhosting.com.br.     3600    IN      NS      ns2.flamhosting.com.br.
ns2.flamhosting.com.br. 3600    IN      A       149.130.211.168
ns1.flamhosting.com.br. 3600    IN      A       164.152.104.214

Checking c.dns.br
flamhosting.com.br.     3600    IN      NS      ns1.flamhosting.com.br.
flamhosting.com.br.     3600    IN      NS      ns2.flamhosting.com.br.
ns1.flamhosting.com.br. 3600    IN      A       164.152.104.214
ns2.flamhosting.com.br. 3600    IN      A       149.130.211.168

Checking d.dns.br
flamhosting.com.br.     3600    IN      NS      ns1.flamhosting.com.br.
flamhosting.com.br.     3600    IN      NS      ns2.flamhosting.com.br.
ns1.flamhosting.com.br. 3600    IN      A       164.152.104.214
ns2.flamhosting.com.br. 3600    IN      A       149.130.211.168

Checking e.dns.br
flamhosting.com.br.     3600    IN      NS      ns1.flamhosting.com.br.
flamhosting.com.br.     3600    IN      NS      ns2.flamhosting.com.br.
ns2.flamhosting.com.br. 3600    IN      A       149.130.211.168
ns1.flamhosting.com.br. 3600    IN      A       164.152.104.214

Checking f.dns.br
flamhosting.com.br.     3600    IN      NS      ns2.flamhosting.com.br.
flamhosting.com.br.     3600    IN      NS      ns1.flamhosting.com.br.
ns2.flamhosting.com.br. 3600    IN      A       149.130.211.168
ns1.flamhosting.com.br. 3600    IN      A       164.152.104.214

So I see no problem. If you are using another domain, let me know.

Flamhosting is the main site on the server, but I also have other websites hosted on it. For example, I am trying to point ribeirocavalcante.adv.br to ns1.flamhosting.com.br and ns2.flamhosting.com.br. However, ns2 is not responding, which is causing the domain registrar to reject the changes.

Can you help me troubleshoot why ns2 is not responding for this other domain?

I also tried with freijurandir.com.br, which belongs to a priest from my church whose website I host, and the result is the same.

I am able to create domains with child NS records and manually point them to the provided IPs. However, the ideal situation would be to simply specify ns1.flamhosting.com.br and ns2.flamhosting.com.br when creating the domain on the hosting service, without needing to manually configure the child NS records.

From my side, ns1 and ns2 are working as expected, no problem at all. You should contact the domain provider to know the reason they don’t validate ns2.

I don’t know if they are checking whether those name servers are authoritative for the domain, but if that is the reason, ns1 shouldn’t be validated either, because it is refusing to resolve the domain ribeirocoelho.adv.br.

$ dig @ns1.flamhosting.com.br ribeirocoelho.adv.br ns | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 39333

$ dig @ns2.flamhosting.com.br ribeirocoelho.adv.br ns | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 45992

Regarding the domain freijurandir.com.br, it is using ns1.freijurandir.com.br and ns2.freijurandir.com.br and it is working fine, but I don’t know if you are trying to replace them with ns1.flamhosting.com.br and ns2.flamhosting.com.br.

$ dig @b.dns.br freijurandir.com.br +noall +auth +add
freijurandir.com.br.    3600    IN      NS      ns2.freijurandir.com.br.
freijurandir.com.br.    3600    IN      NS      ns1.freijurandir.com.br.
ns2.freijurandir.com.br. 3600   IN      A       149.130.211.168
ns1.freijurandir.com.br. 3600   IN      A       164.152.104.214

Contact your domain registrar and ask them.
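The manual checks in this thread (every server returns the same NS set with A records for each name server, and a NOERROR rather than REFUSED status) can be automated over captured dig output. This is an added example, not code from the thread or from HestiaCP; the sample outputs are constructed from the records shown above, and the parser assumes dig was run so that the `;; ->>HEADER<<-` comment line is present (dig prints it unless `+noall`/`+nocomments` suppresses it).

```python
import re  # added example; not code from the thread or from HestiaCP

HEADER_RE = re.compile(r";; ->>HEADER<<-.*?status: (\w+)")

def parse_dig(text):
    """Parse dig output: resource-record lines plus an optional ';; ->>HEADER<<-' line."""
    status, ns, a = "NOERROR", set(), set()
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            status = m.group(1)
        elif line and not line.startswith(";") and len(line.split()) >= 5:
            name, _ttl, _cls, rtype, rdata = line.split()[:5]
            if rtype == "NS":
                ns.add((name.lower(), rdata.lower()))   # (owner, name server)
            elif rtype == "A":
                a.add(name.lower())                     # names that came with glue
    return status, ns, a

def check_delegation(domain, outputs):
    """outputs: {server: dig text}. Returns (ok, list of issue strings)."""
    zone = domain.lower().rstrip(".") + "."
    issues, ns_by_server = [], {}
    for server, text in outputs.items():
        status, ns, a = parse_dig(text)
        if status != "NOERROR":      # REFUSED is what the registrar reported for ns2
            issues.append(f"{server}: status {status} for {zone}")
            continue
        names = {host for owner, host in ns if owner == zone}
        if not names:
            issues.append(f"{server}: no NS records for {zone}")
            continue
        ns_by_server[server] = names
        issues += [f"{server}: no A record for {h}" for h in sorted(names - a)]
    if len({frozenset(s) for s in ns_by_server.values()}) > 1:
        issues.append("NS set differs between servers")
    return (not issues), issues

# Constructed samples modelled on the dig output quoted in the thread.
OK_NS = ("flamhosting.com.br.     14400   IN      NS      ns1.flamhosting.com.br.\n"
         "flamhosting.com.br.     14400   IN      NS      ns2.flamhosting.com.br.\n"
         "ns1.flamhosting.com.br. 14400   IN      A       164.152.104.214\n"
         "ns2.flamhosting.com.br. 14400   IN      A       149.130.211.168\n")
REFUSED = ";; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 45992\n"
GOOD = {"164.152.104.214": OK_NS, "149.130.211.168": OK_NS}
BAD = {"ns1.flamhosting.com.br": REFUSED, "ns2.flamhosting.com.br": REFUSED}
if __name__ == "__main__":
    for label, outputs in (("flamhosting.com.br", GOOD), ("ribeirocoelho.adv.br", BAD)):
        print(label, check_delegation(label, outputs))
```

In practice you would fill `outputs` by running `dig @server domain ns +add` once per name server and per ccTLD server, then feed each capture to the checker.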

Have you registered your nameserver as a child name server? You should register it first before using it as a nameserver.