-1

Until yesterday I had a dedicated server with 2 IPs and Plesk. NS and NS2 are running on the same server, and I'm using Plesk to add the domain records. Everything worked great.

Yesterday I had to buy another server, so I decided to use it as a DNS server too, but without Plesk. I installed bind9 (https://help.ubuntu.com/community/BIND9ServerHowto#Secondary_Master_Server_configuration) and I added the following lines to named.local.conf:

zone "my-domain" {
     type slave;
     file "/var/cache/bind/db.my-domain.com";
     masters { MY_SERVER_IP; };
};

I didn't modify other settings. On the website above I saw another modification in the conf file, but honestly I don't know what it is, and I didn't add it:

zone "1.168.192.in-addr.arpa" {
     type slave;
     file "/var/cache/bind/db.192";
     masters { @ip_master; };
};

On the (A) server: In Plesk, Tools & Settings -> DNS Template Settings >> Transfer Restrictions Template, I added the IP of my (B) server to the allowed list.

After I restarted bind everything looks fine ((B) syslog):

zone my-domain.com/IN: Transfer started.
transfer of 'my-domain.com/IN' from MY-SERVER-IP#53: connected using 192.96.206.50#49370
zone my-domain.com/IN: transferred serial 1425047310
transfer of 'my-domain.com/IN' from MY-SERVER-IP#53: Transfer completed: 1 messages, 14 records, 417 bytes, 0.094 secs (4436 bytes/sec)
zone my-domain.com/IN: sending notifies (serial 1425047310)

For my domains I updated the servers:

  • ns.a-server.com (Server A - Plesk)
  • ns2.a-server.com (Server A - Plesk)
  • ns3.b-server.com (Server B)

The result of @ns3.b-server.com my-domain.com looks fine.

I didn't finish the configuration of other applications on the server, so I decided to turn it off for a night. In the morning I was surprised when I tried to ping my-domain.com:

ping: cannot resolve my-domain.com: Unknown host

As far as I know the client tries to get the ip of the server from the master dns server, when it's unreachable it tries the slave server. In this situation I turned off the slave server. So where is the problem/misconfiguration?

Should I remove ns2.a-server.com, or doesn't it matter?

  • [Administration panels are off topic](http://serverfault.com/help/on-topic). [Even the presence of an administration panel on a system,](http://meta.serverfault.com/q/6538/118258) because they [take over the systems in strange and non-standard ways, making it difficult or even impossible for actual system administrators to manage the servers normally](http://meta.serverfault.com/a/3924/118258), and tend to indicate low-quality questions from *users* with insufficient knowledge for this site. – HopelessN00b Mar 01 '15 at 17:59

1 Answer

1

It's not clear where you run the ping. But your assumption that

> client tries to get the ip of the server from the master dns server

is plain wrong. DNS client contacts the servers of /etc/resolv.conf and only these servers. The server makes a choice to respond in only one of these ways:

  • if it is a master for the domain, it responds based on its own zone files (its own local disk and nothing else); the answer is authoritative and it ends the processing
  • if it is a slave for the domain, it responds based on its own zone files (its own local disk and nothing else); the answer is authoritative and it ends the processing
  • if it is neither, it passes the request to the forwarders; it ends the processing
  • if not master, not slave and no forwarders configured, server tries to resolve the request on its own by asking the DNS all over the internet (recursive query - for a.b.c.com. it tries to resolve "." then "com." then "c.com." then "b.c.com." then "a.b.c.com." by querying various servers as specified by various NS records); the answer can be cached by server, it is non-authoritative, and it ends the processing

In your case, your slave could time-out its own zone file, and for some reason not be able to get a fresh one from master. Just one of possible causes.

kubanczyk
  • I tried to ping on my own local pc. After I restarted the router I'm able to ping the server again. But I think it's not the perfect behaviour when the slave is not available. – user1452062 Feb 28 '15 at 10:00
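The answer's point is that each listed name server answers from its own copy of the zone, so every NS in the delegation has to be checked on its own. The following is an added example, not code from the question or the answer: it parses the output of `dig +norec @<server> my-domain.com SOA` for each server and reports servers that fail, are not authoritative, or hold an older serial. The dig output below is constructed, and the SERVFAIL reply for an expired slave copy is an assumed scenario.

```python
import re

# Constructed dig output (not from the post): a healthy authoritative reply,
# and the reply assumed for a slave whose zone copy has expired.
HEALTHY = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; ANSWER SECTION:
my-domain.com. 86400 IN SOA ns.a-server.com. admin.a-server.com. 1425047310 10800 3600 604800 10800
"""
BROKEN = """\
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4243
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
"""

STATUS = re.compile(r"status: (\w+)")
FLAGS = re.compile(r"^;; flags: ([a-z ]*);", re.M)
SOA = re.compile(r"\sIN\s+SOA\s+\S+\s+\S+\s+(\d+)\s")

def parse_dig(text):
    """Extract the rcode, the AA (authoritative answer) flag and the SOA serial."""
    status = STATUS.search(text)
    flags = FLAGS.search(text)
    soa = SOA.search(text)
    return {
        "status": status.group(1) if status else "NO_REPLY",
        "aa": bool(flags) and "aa" in flags.group(1).split(),
        "serial": int(soa.group(1)) if soa else None,
    }

def audit(outputs):
    """outputs: {nameserver: dig text}. Return a list of (nameserver, problem)."""
    parsed = {ns: parse_dig(text) for ns, text in outputs.items()}
    serials = [p["serial"] for p in parsed.values() if p["serial"] is not None]
    newest = max(serials, default=None)  # plain max; ignores serial wrap-around
    problems = []
    for ns, p in parsed.items():
        if p["status"] != "NOERROR":
            problems.append((ns, "rcode " + p["status"]))
        elif not p["aa"]:
            problems.append((ns, "not authoritative (lame delegation)"))
        elif p["serial"] is None:
            problems.append((ns, "no SOA record in answer"))
        elif p["serial"] != newest:
            problems.append((ns, "stale serial %d, newest is %d" % (p["serial"], newest)))
    return problems
```

Feed `audit` one captured dig output per server named in the delegation; an empty list means every server answered authoritatively with the same serial.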