Custom DNS broken (after update v63?)

Question

Custom DNS broken (after update v63?)

JJWTimmer opened this issue a year ago · comments

Hi,

I had a perfectly working setup some time ago. Now I did an upgrade last weekend, and I added some custom DNS records. But the internet says no about the new records.

blog.jaspertimmer.nl is a CNAME for ghs.google.com, this was already present and still works.
but I need to verify the domain in blogger, so I have to add a CNAME:
3nlfpsjcvp75 is a CNAME for gv-3szxb57mxjaneg.dv.googlehosted.com, which is new and is not even found by the box itself!

It's in the list on the Custom DNS page:

But the box is saying no:

Help is appericiated!

Jasper

Kiru Mondictwtz · Answer 1 · Wed Aug 02 2023 21:32:45 GMT+0800 (China Standard Time)

Do you have a user setup for that subdomain?

Jasper Timmer · Answer 2 · Wed Aug 02 2023 22:45:58 GMT+0800 (China Standard Time)

No I don't, but I see the subdomains in /etc/nsd/zones/jaspertimmer.nl.txt listed, isn't that the file that is served?

Kiru Mondictwtz · Answer 3 · Wed Aug 02 2023 23:22:29 GMT+0800 (China Standard Time)

To make mail-in-a-box happy and to properly serve the dns there needs to be a user for that subdomain.

Jasper Timmer · Answer 4 · Wed Aug 02 2023 23:36:14 GMT+0800 (China Standard Time)

Oh that's shitty. It's custom DNS, nothing to do with email, right? Op wo 2 aug. 2023 17:22 schreef Kiru Mondictwtz ***@***.***>:

…

To make mail-in-a-box happy and to properly serve the dns there needs to be a user for that subdomain. — Reply to this email directly, view it on GitHub <#2290 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAEU2BGEGU5PN6HOMEDL4RLXTJWEBANCNFSM6AAAAAA3AGUV74> . You are receiving this because you authored the thread.Message ID: ***@***.***>

Jasper Timmer · Answer 5 · Wed Aug 02 2023 23:41:01 GMT+0800 (China Standard Time)

Also an alias isn't enough? And should be for subdomain, not for domain?
It worked before, blog.jaspertimmer.nl CNAME exists, but new ones won't 'activate'... is it recent change?

Joshua Tauberer · Answer 6 · Wed Aug 02 2023 23:51:30 GMT+0800 (China Standard Time)

A user or alias on the domain or any parent domain is enough. If /etc/nsd/zones/jaspertimmer.nl.txt is being updated with your DNS changes (i.e. if the CNAME is in the file), that indicates that you have everything set up correctly. If it's not being served, there may be another issue. You could check the nsd logs (/var/log/nsd.log I think) for possible clues.

Jasper Timmer · Answer 7 · Thu Aug 03 2023 00:24:03 GMT+0800 (China Standard Time)

hm, alias doesn't help, and the logfile doesn't exist, only some output from journalctl -u nsd.service.
something is wrong with permissions ons nsd.log and there are errors in a signed file? Wwhat is that?
Should i worry about those 'received notify response error REFUSED'?

Aug 02 18:11:26 box.jt-cloud.nl systemd[1]: Starting Name Server Daemon...
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.401] nsd[4077]: error: Cannot open /var/log/nsd.log for appending (Permission denied), logging to stderr
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.402] nsd[4077]: notice: nsd starting (NSD 4.3.9)
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.440] nsd[4078]: error: jaspertimmer.nl.txt.signed:37: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.443] nsd[4078]: error: jaspertimmer.nl.txt.signed:38: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.443] nsd[4078]: error: jaspertimmer.nl.txt.signed:39: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.444] nsd[4078]: error: jaspertimmer.nl.txt.signed:40: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.444] nsd[4078]: error: jaspertimmer.nl.txt.signed:41: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.444] nsd[4078]: error: jaspertimmer.nl.txt.signed:42: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.445] nsd[4078]: error: jaspertimmer.nl.txt.signed:106: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.445] nsd[4078]: error: jaspertimmer.nl.txt.signed:107: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.446] nsd[4078]: error: jaspertimmer.nl.txt.signed:108: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.446] nsd[4078]: error: jaspertimmer.nl.txt.signed:109: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.447] nsd[4078]: error: jaspertimmer.nl.txt.signed:110: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.447] nsd[4078]: error: jaspertimmer.nl.txt.signed:111: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.447] nsd[4078]: error: jaspertimmer.nl.txt.signed:112: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.448] nsd[4078]: error: jaspertimmer.nl.txt.signed:113: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.448] nsd[4078]: error: jaspertimmer.nl.txt.signed:114: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.448] nsd[4078]: error: jaspertimmer.nl.txt.signed:115: CNAME and other data at the same name
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.449] nsd[4078]: error: zone jaspertimmer.nl file jaspertimmer.nl.txt.signed read with 16 errors
Aug 02 18:11:26 box.jt-cloud.nl nsd[4078]: [2023-08-02 18:11:26.460] nsd[4078]: notice: nsd started (NSD 4.3.9), pid 4077
Aug 02 18:11:26 box.jt-cloud.nl systemd[1]: Started Name Server Daemon.
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.474] nsd[4077]: error: xfrd: zone jaspertimmer.nl: received notify response error REFUSED from 195.135.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.475] nsd[4077]: error: xfrd: zone jtechtics.com: received notify response error REFUSED from 2a01:7c8:dddd:195::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.476] nsd[4077]: error: xfrd: zone jtechtics.nl: received notify response error REFUSED from 195.135.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.476] nsd[4077]: error: xfrd: zone y3pp3r.nl: received notify response error REFUSED from 195.135.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.477] nsd[4077]: error: xfrd: zone jt-cloud.nl: received notify response error REFUSED from 2a01:7c8:dddd:195::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.477] nsd[4077]: error: xfrd: zone jspr.dev: received notify response error REFUSED from 195.135.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.477] nsd[4077]: error: xfrd: zone jaspertimmer.nl: received notify response error REFUSED from 37.97.199.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.478] nsd[4077]: error: xfrd: zone jtechtics.com: received notify response error REFUSED from 195.135.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.478] nsd[4077]: error: xfrd: zone jtechtics.nl: received notify response error REFUSED from 37.97.199.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.479] nsd[4077]: error: xfrd: zone y3pp3r.nl: received notify response error REFUSED from 37.97.199.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.479] nsd[4077]: error: xfrd: zone jt-cloud.nl: received notify response error REFUSED from 195.135.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.479] nsd[4077]: error: xfrd: zone jspr.dev: received notify response error REFUSED from 37.97.199.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.480] nsd[4077]: error: xfrd: zone jaspertimmer.nl: received notify response error REFUSED from 195.8.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.480] nsd[4077]: error: xfrd: zone jtechtics.com: received notify response error REFUSED from 37.97.199.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.481] nsd[4077]: error: xfrd: zone jtechtics.nl: received notify response error REFUSED from 195.8.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.481] nsd[4077]: error: xfrd: zone y3pp3r.nl: received notify response error REFUSED from 195.8.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.481] nsd[4077]: error: xfrd: zone jt-cloud.nl: received notify response error REFUSED from 37.97.199.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.482] nsd[4077]: error: xfrd: zone jspr.dev: received notify response error REFUSED from 195.8.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.482] nsd[4077]: error: xfrd: zone jaspertimmer.nl: received notify response error REFUSED from 2a01:7c8:dddd:195::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.482] nsd[4077]: error: xfrd: zone jtechtics.com: received notify response error REFUSED from 195.8.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.483] nsd[4077]: error: xfrd: zone jtechtics.nl: received notify response error REFUSED from 2a01:7c8:f:c1f::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.483] nsd[4077]: error: xfrd: zone y3pp3r.nl: received notify response error REFUSED from 2a01:7c8:dddd:195::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.483] nsd[4077]: error: xfrd: zone jt-cloud.nl: received notify response error REFUSED from 195.8.195.195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.483] nsd[4077]: error: xfrd: zone jspr.dev: received notify response error REFUSED from 2a01:7c8:dddd:195::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.483] nsd[4077]: error: xfrd: zone jaspertimmer.nl: received notify response error REFUSED from 2a01:7c8:f:c1f::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.484] nsd[4077]: error: xfrd: zone jtechtics.com: received notify response error REFUSED from 2a01:7c8:f:c1f::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.484] nsd[4077]: error: xfrd: zone jtechtics.nl: received notify response error REFUSED from 2a01:7c8:dddd:195::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.484] nsd[4077]: error: xfrd: zone y3pp3r.nl: received notify response error REFUSED from 2a01:7c8:f:c1f::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.484] nsd[4077]: error: xfrd: zone jt-cloud.nl: received notify response error REFUSED from 2a01:7c8:f:c1f::195
Aug 02 18:11:26 box.jt-cloud.nl nsd[4077]: [2023-08-02 18:11:26.484] nsd[4077]: error: xfrd: zone jspr.dev: received notify response error REFUSED from 2a01:7c8:f:c1f::195

Joshua Tauberer · Answer 8 · Thu Aug 03 2023 00:27:19 GMT+0800 (China Standard Time)

error: jaspertimmer.nl.txt.signed:41: CNAME and other data at the same name

This is the error. You can't have a CNAME and other records on the same subdomain.

You can look at line 41 of jaspertimmer.nl.txt.signed to see what it's talking about.

Jasper Timmer · Answer 9 · Thu Aug 03 2023 00:37:13 GMT+0800 (China Standard Time)

I removed all new custom records and the alias, and I added the alias first for the subdomain for ownership proof of Blogger.
Then I added the CNAME custom record. Still nothing. What should the right procedure be?

Jasper Timmer · Answer 10 · Thu Aug 03 2023 00:47:53 GMT+0800 (China Standard Time)

so the alias / email records were colliding with the CNAME, removing the email domain aliasses, also for an existing CNAME, fixed the DNS again. Just the CNAME is enough!