In Progress CPANEL-42693 - adding domain to cpanel throws error

[JIKOmetrix]

Hello,

I get this error when trying to add a domain to cpanel.

Error: (XID acxxnt) This domain points to an IP address that does not use the DNS servers associated with this server. Transfer the domain to this server’s nameservers at the domain’s registrar or update your system to recognize the current DNS servers. To do this, use WHM’s Configure Remote Service IPs interface.

I checked the domain and it is using the name servers assigned to the server in the "Basic WebHost Manager® Setup" section of WHM.

I check the name servers are pointed to the correct IP addresses.

When domain at the registrar it shows the correct name servers in the "Basic WebHost Manager® Setup" section of WHM.

Any idea where to start?

 

[JIKOmetrix]

So this is very strange. To get cpanel to allow me to add a domain that IS POINTED to name servers in the "Basic WebHost Manager® Setup" section of WHM, I had to add the name sever IP's to the "Configure Remote Service IPs".

This seems like a bug.

 

[JIKOmetrix]

Before Dig on the domain would give serverfail not dig works like it was waiting for a valid zone, but I could have a valid zone since I could add the domain to cpanel to create the zone. Like chicken and egg issue?

 

[cPRex]

Hey there! It's definitely odd if the domain was pointed to the local nameservers and still couldn't be created with that restriction in place. As a test, can you run this command on the cPanel server and see if that returns the nameservers you expect?

/usr/local/cpanel/3rdparty/bin/perl -MCpanel::DnsRoots -MData::Dumper -e 'print Dumper(Cpanel::DnsRoots->new()->get_nameservers_for_domain("domain.com"));'

Just change domain.com, leaving the quotes, and it will give you output that looks like this:

'ns2.google.com' => '216.239.34.10',
'ns4.google.com' => '216.239.38.10',
'ns1.google.com' => '216.239.32.10',
'ns3.google.com' => '216.239.36.10'

 

[JIKOmetrix]

Of course is returns the correct DNS now.

$VAR1 = {
'ns20.jikometrix.net' => '51.222.43.204',
'ns22.jikometrix.net' => '54.39.103.115',
'ns21.jikometrix.net' => '54.39.18.56'
};

However, I have another domain doing the same thing. I ran the above command with this other domain and got this.

(XID gjutqq) DNS returned “SERVFAIL” (code 2) in response to the system’s query for “schookswizzards.com”’s “NS” records. at /usr/local/cpanel/Cpanel/DNS/Unbound.pm line 896.
$VAR1 = {};

You can see the registrar shows the correct DNS as above.

Whois schookswizzards.com

Whois Lookup for schookswizzards.com

www.whois.com

Dig looks like this:

[root@host104 ~]# dig schookswizzards.com

; <<>> DiG 9.11.36-RedHat-9.11.36-5.el8_7.2 <<>> schookswizzards.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6784
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;schookswizzards.com. IN A

;; Query time: 45 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Wed Apr 05 15:50:15 CDT 2023
;; MSG SIZE rcvd: 48

 

[JIKOmetrix]

I've opened a ticket on this matter, 95039652

 

[mtindor]

Did you go into Enom's interface to Domains --> Advanced Tools --> Register a Nameserver and actually make sure that all of your nameservers are registered [at the root servers] ?

Nevermind. I checked. Looks like they've been registered for a long time.

 

[cPRex]

I'm following along with that ticket now.

 

[JIKOmetrix]

Did you go into Enom's interface to Domains --> Advanced Tools --> Register a Nameserver and actually make sure that all of your nameservers are registered [at the root servers] ?

Nevermind. I checked. Looks like they've been registered for a long time.

Yes, I actually did check this yesterday too.

This is a head scratcher.

I really think it is a DNS issue where the cPanel is looking for name servers from the DNS zone and not the registrar. Since there is not zone to query for nameservers it throws an error, however, it should be getting the nameservers from enom the registrar.

 

[JIKOmetrix]

Hello,

So cPanel support says, "That looks to be the underlying issue. The dnsamdin request is not returning all the IPs so the /etc/ips.dnsmaster file is not accurate."

I have the workaround in place. I've added my own nameservers to the remote service IP addresses for now.

 

[cPRex]

Thanks for giving us so many good details through the ticket. We have added this information to case CPANEL-42693 and our developers are working on that now. I'll be sure to post an update here as well if I hear any news on my end.

 

[whipworks]

Thanks for giving us so many good details through the ticket. We have added this information to case CPANEL-42693 and our developers are working on that now. I'll be sure to post an update here as well if I hear any news on my end.

Getting the same issue. Will wait for resolution. Thanks.

 

[JIKOmetrix]

Try setting up a static route?

Exim config to route email to certain domains through another provider?

Hi folks, There's a regional bank with which a ton of people in our area do business. We route all our mail out through SpamExperts. The bank has a rule on their Barracuda ESS that prohibits any mail from a non-US IP address from being delivered to their accounts. I have tried numerous times...

forums.cpanel.net

Getting the same issue. Will wait for resolution. Thanks.

Yes, It looks like we will be waiting a very long time for a fix. Ticket was open in April 2023.

 

[mathx]

Hello,

So cPanel support says, "That looks to be the underlying issue. The dnsamdin request is not returning all the IPs so the /etc/ips.dnsmaster file is not accurate."

I have the workaround in place. I've added my own nameservers to the remote service IP addresses for now.

But what is ips.dnsmaster used for and how to rebuild it? (from 2011) says:

"The file /etc/ips.dnsmaster is no longer used by cPanel / WHM for any functions directly. It has been replaced by the dnsadmin utility (/usr/local/cpanel/whostmgr/bin/dnsadmin). You would not need to update the file as it has been deprecated for use."

 

[JIKOmetrix]

I do not know.

 

[cPRex]

@whipworks and @mathx - if you can reproduce this, can you please submit a ticket to our team and reference the case number? It looks like we're still trying to find more servers experiencing the issue before we apply a fix.

 

[JIKOmetrix]

Yes, I tried to add a subdomain yesterday and got this same DNS pointer error.

 

[whipworks]

@whipworks and @mathx - if you can reproduce this, can you please submit a ticket to our team and reference the case number? It looks like we're still trying to find more servers experiencing the issue before we apply a fix.

Can't even create a ticket. The page just keeps on reading and processing. Page doesn't even show up.

 

[cPRex]

You can always email [email protected] to start a ticket.