When accesing the Registration server from url in docker logs i am getting Error was : NoRoute

mstegeman · June 15, 2020, 5:30pm

Also, why are those NS records using a different domain? Those should be like “ns1.uk.ms”.

himesh_gupta · June 15, 2020, 5:31pm

when i had done nslookup on uk.ms i got them

mstegeman · June 15, 2020, 5:35pm

You need to configure your domain registrar to not use its own nameservers, and instead use yours.

himesh_gupta · June 15, 2020, 5:39pm

its mandatory because in my domain there are no ns servers

himesh_gupta · June 15, 2020, 5:41pm

why this error:-

registration-server | Jun 15 10:33:49 Could not retrieve security status update for ‘4.1.6-3.Debian’ on ‘auth-4.1.6-3.Debian.security-status.secpoll.powerdns.com.’, RCODE = Non-Existent domain

himesh_gupta · June 15, 2020, 6:05pm

but there name servers are resolved our subdomain then what is the issue Screenshot_20200615_233523

mstegeman · June 15, 2020, 6:38pm

Don’t worry about that error, it’s just an issue with Debian’s packaging of PowerDNS.

mstegeman · June 15, 2020, 6:40pm

Look at the difference in output here, and you can see why you need to configure your NS records properly. The registration server needs to be able to handle resolution for the entire domain, including for the ns* subdomains.

$ dig +short NS mozilla-iot.org
ns2.mozilla-iot.org.
ns1.mozilla-iot.org.

$ dig +short NS uk.ms
ns4.afraid.org.
ns2.afraid.org.
ns3.afraid.org.
ns1.afraid.org.

$ dig ANY api.mozilla-iot.org

; <<>> DiG 9.10.6 <<>> ANY api.mozilla-iot.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31873
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;api.mozilla-iot.org.		IN	ANY

;; ANSWER SECTION:
api.mozilla-iot.org.	35	IN	A	52.25.215.5
api.mozilla-iot.org.	35	IN	NS	ns2.mozilla-iot.org.
api.mozilla-iot.org.	35	IN	NS	ns1.mozilla-iot.org.
api.mozilla-iot.org.	35	IN	SOA	ns1.mozilla-iot.org. dns-admin.mozilla-iot.org. 2018082801 900 900 1209600 60
api.mozilla-iot.org.	35	IN	MX	10 inbound-smtp.us-west-2.amazonaws.com.
api.mozilla-iot.org.	35	IN	CAA	0 issue "letsencrypt.org"

;; ADDITIONAL SECTION:
ns1.mozilla-iot.org.	35	IN	A	52.25.215.5
ns2.mozilla-iot.org.	35	IN	A	18.197.113.199

;; Query time: 379 msec
;; SERVER: 192.168.86.1#53(192.168.86.1)
;; WHEN: Mon Jun 15 10:38:15 AKDT 2020
;; MSG SIZE  rcvd: 480

$ dig ANY api.uk.ms

; <<>> DiG 9.10.6 <<>> ANY api.uk.ms
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOTIMP, id: 60501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;api.uk.ms.			IN	ANY

;; Query time: 352 msec
;; SERVER: 192.168.86.1#53(192.168.86.1)
;; WHEN: Mon Jun 15 10:38:25 AKDT 2020
;; MSG SIZE  rcvd: 38

himesh_gupta · June 15, 2020, 6:40pm

i tried with one ns server still it is showing that error :was no route.

any problem with aws

mstegeman · June 15, 2020, 6:41pm

Yes, the problem is still that your domain is set up with 4 NS records at the registrar level.

himesh_gupta · June 15, 2020, 6:42pm

ohh that’s great thanks.

now i got it i have configure name server

himesh_gupta · June 17, 2020, 4:41am

I am confused i had setup dns server in different machine with bind and how to access that registration server with api.something.xxx.

I create the api.something.xxx as origin domain in zone configuration.

mstegeman · June 17, 2020, 6:20am

You don’t need to do any of that. The registration server itself serves the DNS records for the whole domain.

himesh_gupta · June 17, 2020, 9:10am

I tried accessing it using http://127.0.0.1:81 getting below error:-

Error:- https://pastebin.com/T5kLLB9m
config.otml:- https://pastebin.com/ng6GtvwS
other-config :- https://pastebin.com/Mh1vidZb

mstegeman · June 17, 2020, 4:40pm

Assuming your domain is still uk.ms…

config.toml:

domain should be:
```
domain = "uk.ms"
```

ns_records should be:

ns_records = [
  [ "ns1.uk.ms", "<IP address of your server>" ],
]

soa_record should be:

soa_record = "ns1.uk.ms hostmaster.uk.ms 1592378223  7200 3600 604800 300"

The geoip sections should look like this:

  [pdns.geoip]
  default = "<IP address of your server>"

    [pdns.geoip.continent]
    # nothing else in this section

pagekite.conf:

authdomain should be:
```
--authdomain=uk.ms
```

docker-compose.yml:

Why are you binding the DNS ports to 543 locally? Those need to be on 53, and should be open to the world (so that DNS resolution actually works).

Additionally:

Externally, you need to open ports 53 (TCP), 53 (UDP), 443 (TCP), and 8443 (TCP) to the world.

himesh_gupta · June 17, 2020, 8:40pm

still getting same error.

help me i have to deploy it for company

mstegeman · June 18, 2020, 7:54pm

Your NS records are still not correct:

$ dig +short NS mozilla-iot.org
ns1.mozilla-iot.org.
ns2.mozilla-iot.org.

$ dig +short NS uk.ms
ns1.afraid.org.
ns4.afraid.org.
ns2.afraid.org.
ns3.afraid.org.

himesh_gupta · June 18, 2020, 8:04pm

Where to create these records??. As you told i made changes in config.otml.

I am using adpar.us domain

mstegeman · June 18, 2020, 8:13pm

$ dig +short NS adpar.us
ns2dqx.name.com.
ns4bty.name.com.
ns3dgj.name.com.
ns1fkl.name.com.

As I’ve told you multiple times, you need to change your domain registrar’s settings to not use its own name servers, but to instead use yours.

himesh_gupta · June 18, 2020, 8:22pm

It will not create any problem right if i remove default name servers from there.

api.adpar.us should point our server.(A record)

ns1.adpar.us should point our server.(NS name server for that domain)