# dig +trace SERVER-BUSINESS.RU
...
SERVER-BUSINESS.ru. 345600 IN NS oxygen.ns.hetzner.com.
SERVER-BUSINESS.ru. 345600 IN NS hydrogen.ns.hetzner.com.
SERVER-BUSINESS.ru. 345600 IN NS helium.ns.hetzner.de.
;; Received 644 bytes from 194.190.124.17#53(d.dns.ripn.net) in 72 ms
...
SERVER-BUSINESS.RU. 3600 IN A 135.181.20.85
SERVER-BUSINESS.RU. 3600 IN NS robotns3.second-ns.com.
SERVER-BUSINESS.RU. 3600 IN NS robotns2.second-ns.de.
SERVER-BUSINESS.RU. 3600 IN NS oxygen.ns.hetzner.com.
SERVER-BUSINESS.RU. 3600 IN NS ns2.SERVER-BUSINESS.RU.
SERVER-BUSINESS.RU. 3600 IN NS helium.ns.hetzner.de.
SERVER-BUSINESS.RU. 3600 IN NS hydrogen.ns.hetzner.com.
SERVER-BUSINESS.RU. 3600 IN NS ns1.first-ns.de.
SERVER-BUSINESS.RU. 3600 IN NS ns1.SERVER-BUSINESS.RU.
;; Received 316 bytes from 193.47.99.5#53(helium.ns.hetzner.de) in 77 msТо есть, на родительском NS-сервере указаны только три NS-сервера, а на основном NS-сервере их указано восемь. А эти списки должны совпадать.
exim, почта
0
1
Добрый день!!
есть у меня сайт centr-sushi.ru. крутится все на VDS на firstvds.ru
Настроил почту. проверяю на https://mxtoolbox.com
пишет Primary Name Server Not Listed At Parent. Как решить эту проблему ??
Прикладываю скрин с настройками домена
https://yadi.sk/d/SBY5l4pIsiciv
P.s Проблема в том что письма с моего домена на gmail.com идут в спам, вот из за этого весь сыр бор
- Ссылка
на картинке в SOA запись не соответствует реали
dig @ns1.firstvds.ru. centr-sushi.ru soa
centr-sushi.ru. 3600 IN SOA firstvds_ru. tech.firstvds.ru. 2016062100 10800 3600 604800 86400
firstvds_ru. — это по-твоему имя NS сервера ?
если бы там было ns1.firstvds.ru или ns2.firstvds.ru — все было бы нормально.
vel ★★★★★
(22.06.16 21:13:20 MSK)
- Показать ответ
- Ссылка
Ответ на:
комментарий
от vel 22.06.16 21:13:20 MSK
Я немного не догоняю, В чем может быть причина точто SOA запись может не соотыествовать реали. Ns сервера я проверил .. все записи вродебы в норме.
/etc/bind/centr-sushi.ru
$TTL 3600
centr-sushi.ru. IN SOA centr-sushi.ru. admin.centr-sushi.ru. (2016062029 10800 3600 604800 86400)
centr-sushi.ru. IN NS ns1.firstvds.ru.
centr-sushi.ru. IN NS ns2.firstvds.ru.
centr-sushi.ru. IN MX 10 mail
centr-sushi.ru. IN MX 20 mail
centr-sushi.ru. IN A 83.220.171.226
www IN A 83.220.171.226
ftp IN A 83.220.171.226
mail 3600 IN A 83.220.171.226
pop 3600 IN A 83.220.171.226
smtp 3600 IN A 83.220.171.226
centr-sushi.ru. 3600 IN TXT "v=spf1 ip4:83.220.171.226 a mx ~all"
dkim._domainkey 3600 IN TXT "v=DKIM1; k=rsa; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfACTt1Y8OCuLdyIVZob8CLqLsrwBTSvuWjRe+aoKSW+hfrQuOR0uHg+P78iaJlTET0j9DD19aNNv8v7pOKRnnDvUq2I1cq4Fjd3wjQnPi16HXEtg6BW3RUrX0USx6KQEXtgODqWF7TpMOeDMzGtZJRKs2LMvlZtYHwvHJ27cG7wIDAQAB"
_dmarc 3600 IN TXT "v=DMARC1; p=none; sp=none; rua=mailto:admin@centr-sushi.ru"
Fast126
(23.06.16 08:34:13 MSK)
- Показать ответ
- Ссылка
Ответ на:
комментарий
от Fast126 23.06.16 08:34:13 MSK
Ответ на:
комментарий
от Fast126 23.06.16 08:35:26 MSK
Все я кажется понял.. У меня просто данные не передаются DNS менеджер.
Пишет Поле » имеет недопустимое значение. Только что это за поле не понятно
Fast126
(23.06.16 10:48:54 MSK)
- Ссылка
Ответ на:
комментарий
от Fast126 23.06.16 08:35:26 MSK
В твоем файле такая же ошибка — основной dns сервер (centr-sushi.ru.) указанный в записи SOA отсутствует в списке dns-серверов.
А строки
centr-sushi.ru. IN NS centr-sushi.ru. нет
vel ★★★★★
(23.06.16 10:56:18 MSK)
- Показать ответ
- Ссылка
Ответ на:
комментарий
от vel 23.06.16 10:56:18 MSK
Так Все исправил. Спасибо.. Еще маленький вопрос ..
На том же сайте выдает мне предупреждение:
Reverse DNS is not a valid Hostname
насколько я понял это запись ptr. Но она у меня вроде верна..
Fast126
(23.06.16 15:44:22 MSK)
- Показать ответ
- Ссылка
Ответ на:
комментарий
от Fast126 23.06.16 15:44:22 MSK
Это для почтовика?
Ну у тебя mail.centr-sushi.ru. -> 83.220.171.226
а 83.220.171.226 -> centr-sushi.ru. -> 83.220.171.226
Есть такая проблема, гуглить «multiple ptr records for one ip»
Обратный dns сейчас востребован в первую очередь в smtp.
vel ★★★★★
(23.06.16 16:01:11 MSK)
- Показать ответ
- Ссылка
Ответ на:
комментарий
от vel 23.06.16 16:01:11 MSK
Да для почтовика.. Просто gmail кидает письма с моего домена в спам.. Вот и вникаю в суть вопроса..
Еще этот ISP manager многое не дает отредактировать, приходится вручную
Fast126
(23.06.16 17:37:25 MSK)
- Ссылка
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.
Похожие темы
-
Форум
Name server (2000) -
Форум
FTP-server LIST (2004) -
Форум
parent squid for isa server (2007) -
Форум
WARNING **: AT-SPI: Could not obtain desktop path or name (2017) -
Форум
Конфликт vpn server и vpn клиента на mikrotik (2016)
-
Форум
stay at home server (2008) -
Форум
access control list server (2012) -
Новости
«Securing your name servers» (1999) -
Форум
python, NameError: global name NAME is not defined (2018) -
Форум
does not name a type… (2013)
Which IP Addresses do your monitoring servers use?
In order to minimize false positives due to connection problems by our monitoring services we ask that you please whitelist these IP ranges on your firewall or network security systems:
- US-EAST-1A: 44.194.168.193/32
- US-EAST-1B: 52.55.244.91/32
- US-EAST-1C: 18.205.72.90/32
- US-EAST-1D: 18.209.86.113/32
Where can I find more information about an alert or error?
You can see details about different warnings and errors from our tools on the Problem Details page.
How do I delete a monitor from the dashboard?
To delete a monitor from the dashboard, follow these steps:
-Click on the card of the monitor you want to remove.
-Once the information populates on the right-hand side of the dashboard, do the following:
1. Click on Edit
2. Click on Delete Monitor
3. Click on Confirm Delete
How do I add tools to My Favorites?
To add lookup tools to My Favorites, please follow these steps:
1. Select the dropdown arrow from the SuperTool lookup.
2. From here, you can select Email, Network, Website, DNS, or All Tools.
3. In each tab, there is an icon that shows “Drag to Favorites+”.
4. Select the tool you want to add and drag it into the “Drag to Favorites” box.
5. Once you have added your first tool to “My Favorites”, a new “My Favorites” tab will appear on the SuperTool menu.
Where can I find more information about an alert or error?
You can see details about different warnings and errors from our tools on the DNS Problem Details page.
I have an error for Primary Name Server Not Listed at Parent. What does that mean?
We recommend that you contact your Domain’s Registrar to update the name servers on record to include the server that is not listed at the Root Servers.
————————————
About DNS Primary Server Listed at Parent
Your Primary Name Server was not on the list of name servers given to us by the root.
If your name server is not listed at the root, it could cause impaired/incorrect lookups for your domain.
Additional Information
The Primary Name Server is the name server declared in your SOA file and is usually the name server that reads your records from zone files and is responsible for distributing that data to your secondary name servers. This problem is present when this primary name server is not included in the parent referrals and is almost always accompanied by a Local Parent Mismatch problem.
RFC 1035:
Here a primary name server acquires information about one or more zones by reading master files from its local file system, and answers queries about those zones that arrive from foreign resolvers. [RFC 1035]
DNS Propagation Check
If your Primary Name Server is not listed at your Parent or is not responding, then our DNS Propagation test tool will not operate properly. You will most likely also be experiencing other real-world problems with DNS queries for your domain. Users with Basic or Pro accounts can contact our Support Team for assistance with understanding any DNS warnings or errors with specific information about your domain. If you are still a free user, upgrading your account will give you access to support, as well as many other benefits.
Have a great day!
What does «DNS Change Alerts Due to TTL Changes» mean?
If you receive a DNS change alert from MxToolbox because of TTL changes, no need to panic. These incidents are typically caused by issues at your DNS hosting provider.
DNS TTL (time to live) is a setting that tells your DNS resolver how long to cache a query before requesting a new query. The gathered information is then stored in the cache of the recursive or local resolver for the TTL before it collects new, updated details.
For example, if your DNS TTL is set to 3,600 seconds (60 minutes), the DNS resolver will have to regather the details of a website (mxtoolbox.com) every hour. If 100 users visit our site during that time, they will all see the same visual until the resolvers update their TTL.
The TTL acts as a stopwatch for how long to keep a DNS record because it represents the time each step takes for DNS to cache a record. Recorded in seconds, using the best TTL time for your situation is key to your site’s overall responsiveness.
MxToolbox often sees warning signs of issues and outages at DNS providers. Nearly every case is a problem with the specific DNS provider. For example, this outage occurred on May 5th, 2021, and affected customers’ domain DNS servers: DNS outage.
To check the propagation of DNS records across your servers and see the selected TTLs, use our DNS Propagation Tool.
Why am I receiving down alerts for Mailflow?
If you are receiving alerts for your Mailflow monitor and you are still able to send and receive email, chances are we did not receive a test message back to our system.
Click on the monitor and let it populate in the right window of the page. Under the graph you will see Outages | History | Pings | Edit > Click on Pings.
There are two (2) different results under the Pings table.
- A message with a Green Check is a successful message returned to us. You can click on the details link and it will provide you the full headers and more information about the test message.
- A message with a Red X on it is a failed message. If you click on Error, this will show you the test message’s subject.
If the message is failing:
- Use the message subject to check that it is not being filtering by an inbound appliance or spam software.
- Use the message subject to check your outbound SMTP logs to see if the message is leaving your gateway.
What does «Warning — Masked External Banner (Reverse DNS Failing)» mean?
When using the SMTP Diag tool, you see the banner you are displaying publicly is masked by asterisks:
Trying 1.2.3.4…
Connected to smtp.example.com.
220 *********************************************
The reverse check takes the banner and the PTR record for the IP address and sees if the domain is listed. Since all we get publicly is the asterisks, the comparison fails and you get the warning.
Many administrators choose to mask their banner in hopes that by not giving an attacker a domain name, they might avoid something like a directory harvest attack. If you are using a single IP address for inbound and outbound, then you need your domain in your PTR records for your outbound, so it should also be in your banner. However, this is personal preference, and nobody should deny sending or receiving mail from your server just because your banner does not contain your domain.
What does «Reverse DNS does not match your SMTP Banner» mean?
The reverse IP address name (PTR) is not contained in the server HELO or EHLO banner. In the example below, the string «someotherdomain.com» is not found anywhere in the server banner, which is reporting «example.com». This is only a warning, and in some cases you might not have control over it.
Example of incorrectly matching pair:
220 mx.example.com StrongMail SMTP Service at Wed, 09 Sep 2009 17:00:01 -0700
Not an Open Relay.
0 seconds – Good on Connection time
0.156 seconds – Good on Transaction time
OK – 1.2.3.4 resolves to mail.someotherdomain.com
Best practice would have 1.2.3.4 resolve to mx.example.com
Some mail servers look for this and use it to mark messages you send as questionable. Most mail systems will not reject your messages outright, but this might affect your spam score, increasing the likelihood that your messages will be marked as spam. We recommend that you contact your ISP and ask them to set up a reverse record (PTR) that matches the hostname of your mail server.
What does «Reverse DNS FAILED! This is a problem» mean?
When a sending server makes a connection to the recipient server, the recipient server notes the sending IP address and performs a reverse lookup. This is done by sending a DNS query, which returns a Fully Qualified Domain Name (FQDN) registered for that IP address. If the sending SMTP address matches the domain, then it is much more likely that the message is legitimate and, therefore, will be passed on to the recipient. If the IP address does not match, it is much more likely that the sending address was spoofed and, therefore, much more likely that it is unwanted and could be considered spam.
A Fully Qualified Domain Name (FQDN) is associated to an IP with a valid PTR record. You want the domain name portion of the FQDN to match the domain of your email address (e.g., If your sending addresses follow the convention of name@mydomain.com, your PTR record should contain something like mailserver.mydomain.com). Only the organization that controls and owns the IP can set a PTR record. PTR record queries are sent to the owner of the IP address, which is the ISP, unlike other DNS queries which are sent to the DNS server of whoever owns the domain. For this reason, setting a PTR record on your own DNS servers is essentially useless since no one is asking your servers.
To make any changes to your rDNS, you will need to contact your ISP. Or, if you host your own DNS (rare), you will adjust it yourself. You will not be able to do this in your DNS control panel unless your ISP also hosts your DNS and gives you the functionality to add your own rDNS records.
I have a hosted zone created in Route53 and updated the NS records under the namespaces of the purchased domain.
Unfortunately the DNS check does not return or point to the new NS records instead gets resolved to old/ previously existing records.
I waited more than 72 hours and still i get «This site can’t be reached»failing with error DNS_PROBE_FINISHED_NXDOMAIN in the browser.
Below is a screenshot from the DNS check provided by https://mxtoolbox.com/,
It shows that the old NS records (First 4 rows with TTL to 48 hours) are present in the Parent and not in local whereas the newly updated records (The last 4 records) are present in the parent and not in the local.
Ping to the domain fails with Unknown host.
What are the next steps?
asked Mar 7, 2021 at 18:05
Vignesh T IVignesh T I
7341 gold badge6 silver badges21 bronze badges
2
When you update the name servers for a domain, remove the old name server records.
Your TTL is set to 48 hours. That means any recursive resolver such as dns.google will not refresh for 48 hours after last update. For resolvers that have not cached your resource records, they might update immediately but might also get stale data from an upstream resolver. Wait a few hours so that you do not force a new cache load with old data and then check with an Internet tool such as dnschecker.org Change the selection box from A to NS to see the name server changes.
In general I recommend that it takes 48 to 72 hours for authoritative name server changes to propagate around the world.
Google DNS supports «Flush Cache». Wait an hour or two and then request that Google update their DNS cache. Flush Cache
Cloudflare also supports Purge Cache
Google and Cloudflare are very popular DNS resolvers.
Also, do not forget to flush your local computer’s DNS cache:
- Windows:
ipconfig /flushdns - Linux:
sudo service network-manager restart(ubuntu) orsudo /etc/init.d/nscd restart - macOS:
sudo dscacheutil -flushcachefollowed bysudo killall -HUP mDNSResponder
answered Mar 7, 2021 at 23:47
John HanleyJohn Hanley
72.3k6 gold badges87 silver badges152 bronze badges
0
Gmail Help
Sign in
Google Help
- Help Center
- Community
- Gmail
- Privacy Policy
- Terms of Service
- Submit feedback
Send feedback on…
This help content & information
General Help Center experience
- Help Center
- Community
- New to integrated Gmail
Gmail
Stay on top of the new way to organize a space. Learn more about in-line threading.