[Solved Updated] My domain is not responding

Postby mark9117 » Jul 8th, '17, 10:09

I tried to find information on this in network-support related fora, but was not successful. I hope this is the appropriate place to post this issue.

Linux 4.4.74-desktop-1.mga5 #1 SMP Mon Jun 26 07:50:58 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Internet connection is fiber through a Buffalo Airstation WXR-1900DHP (Version 2.37)

I purchased a domain to make it easier to access files on my server at home. I don't have a static IP; I subscribe to Dyn for their DynDNSPro service. The service is managed by ddclient that checks and syncs everything every 5 minutes. According to Dyn's logs my IP hasn't changed within the past 5 days and my account is paid up until next year.

Yesterday (Thursday) afternoon my domain suddenly became unreachable. I could not ping the hostname or the IP address. Everything inside my LAN was fine - I had no trouble accessing the services directly from the server (sitting by my right foot). I rebooted everything. Did not resolve. Nmap showed all the expected open ports on the server. Nmap on the domain sees something, but it all seems filtered.

Code:
[root@spike madams]# nmap adams-lan.org

Starting Nmap 6.47 ( http://nmap.org ) at 2017-07-08 00:56 MDT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.13 seconds
[root@spike madams]# nmap -Pn adams-lan.org

Starting Nmap 6.47 ( http://nmap.org ) at 2017-07-08 00:56 MDT
Nmap scan report for adams-lan.org (64.130.94.10)
Host is up (0.052s latency).
rDNS record for 64.130.94.10: fiber-dhcp-64-130-94-10.yucca.net
All 1000 scanned ports on adams-lan.org (64.130.94.10) are filtered

Nmap done: 1 IP address (1 host up) scanned in 190.28 seconds


I called my isp and they claim nothing has changed on their end, and yup, my domain is down. No more help available.

I looked at my account at namecheap.com where I purchased the domain - all is well there.

I wound up reinstalling and rebuilding the box (I have excellent backups). A fresh install resulted in the same condition - local services all okay, domain shows no sign of life.

At this point, I'm stumped. I've no idea where else to look. I'm not totally sure the SSL component is working. I made sure I restored all of the files related to apache and had to install the ssl and ldap mods to get it to start. The server does start without error but the ssl checker I tested it with (https://www.sslshopper.com/ssl-checker. ... ms-lan.org) sees no ssl cert, but does see a valid domain.

Port 443 is open on the router and the firewall is open. I've even taken it down completely for testing. It doesn't help. The box shows Port 443 open on the server LAN, but again, it appears all ports on adams-lan.org are filtered.

Help?
Last edited by mark9117 on Jul 12th, '17, 08:34, edited 2 times in total.
Let's just reboot everything all the time.
User avatar
mark9117
 
Posts: 395
Joined: Sep 12th, '11, 20:32
Location: Eastern New Mexico -- Not Hell, but you can see it from here.

Re: My domain is not responding

Postby mark9117 » Jul 8th, '17, 11:07

Quick updates.

Found a site called pingdom.com. It claims to test DNS. Mine seems to test okay, which surprised me.

http://dnscheck.pingdom.com/?domain=ada ... 736&view=1

Re: My domain is not responding

Postby RagingRaven » Jul 8th, '17, 11:40

From every DNS tool I know of I see that your DNS settings (relating to adams-lan.org) appear to be fine, all resolve to the ip 64.130.94.10.
So everything up until the Namecheap, Inc / registrar-servers.com systems are fine.

I've also done a few port scans on 64.130.94.10, but each test shows all ports are filtered.

The problem therefore has to be at the 64.130.94.10 end, which should be on your side.
This gives 2 options in my opinion:

1. Despite what your ISP and ddclient claim, you are no longer at 64.130.94.10 and therefore it no longer works.
Of course this should be easy to prove or disprove by going to a website like https://whatismyipaddress.com/ or one like it from your machine.

2. Something is blocking the traffic to your machine, but going by your information you have already checked your box's firewall and your modem/router's firewall settings.
Seeing as you already checked this and nothing should have changed on your end (even going as far as restoring a backup) this leads me to think the problem isn't in your local settings.

Going by the information we have been given I would think that your IP has changed, but if you've already verified that it hasn't, I would try and forward a port to a different machine (if you have one) to see if the problem is either in your modem/router (NAT/Firewall settings) or in the settings of Mageia.
Of course you would have to make sure something is running on the other machine's port that you're going to forward in order to test if you can reach it. (For example an FTP server on port 21)
User avatar
RagingRaven
 
Posts: 60
Joined: Aug 18th, '14, 16:40
Location: Oud-Beijerland, Near Rotterdam, The Netherlands

Re: My domain is not responding

Postby mark9117 » Jul 8th, '17, 12:07

IP Chicken, on the other hand, says that I'm at 23.252.218.244. This IP terminates at my router. Not sure why it's not forwarding to the web server. Router shows forwarding configured correctly as near as I can figure. Just double checked that box and port 443 is open as is port 80.

Edit: I have several machines that I can forward to, but nothing running ssl. This file server is essentially my only Internet-facing machine.

I don't know but I have to get up and go to work in a few hours, so I'm calling it a night.

I'll be back and I'm off Sunday, so.....

I do appreciate the help Raven.

Re: My domain is not responding

Postby RagingRaven » Jul 8th, '17, 12:57

If IP Chicken says that you're at 23.252.218.244, I'd say that is your current IP. I've also checked it on my connection and it shows me the correct IP, so it seems an ok check.

A quick port check on 23.252.218.244 says:
Host is up (0.15s latency).
Not shown: 420 filtered ports
113/tcp closed ident

Still no go on the 443 port, but at least it sees a host, where on 64.130.94.10 it saw nothing at all.
I also tried a telnet session to 443, but no go, so it still seems something is blocking it.

When I did a traceroute to port 443 the last hop that showed any information was 68.66.94.178 (68-66-94-178.plateautel.net), but this means nothing to me, maybe it does to you?
After this I only got timeouts.

I hope this will give you some info to fix this, as I'll be offline myself starting in about 5 hours and won't be back until Monday.

Re: My domain is not responding

Postby doktor5000 » Jul 8th, '17, 13:44

It would help if you could show the relevant entries in /etc/hosts for that web server, and also the actual apache configuration for that site (or whatever webserver you're using) and in addition the output of
Code:
netstat -anop | grep LISTEN
so we can see what services are actually listening on the webserver, and maybe also
Code:
iptables -L
to see if there's maybe something blocking on the webserver side.
Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
User avatar
doktor5000
 
Posts: 17630
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: My domain is not responding

Postby mark9117 » Jul 8th, '17, 16:20

Quickly as I'm off to work

Plateautel is my isp.

hosts file shows:

Code:
192.168.1.1             gateway
192.168.0.1             modem
127.0.0.1               localhost
192.168.1.100           adamsmdk
#192.168.1.101          chrisq 
#192.168.1.102          alexa
192.168.1.103           pvr
#192.168.1.104          games
192.168.1.105           shuttle
192.168.1.106           spike
205.171.3.65            DNS1
205.171.2.65            DNS2


The DNS entries don't do anything, but I keep them here so I can find them.

netstat -anop | grep LISTEN

Code:
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN      -                    off (0.00/0/0)
tcp        0      0 0.0.0.0:4003            0.0.0.0:*               LISTEN      30888/rpc.mountd     off (0.00/0/0)
tcp        0      0 0.0.0.0:4004            0.0.0.0:*               LISTEN      30889/rpc.rquotad    off (0.00/0/0)
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      1060/systemd-resolv  off (0.00/0/0)
tcp        0      0 0.0.0.0:19150           0.0.0.0:*               LISTEN      16618/gkrellmd       off (0.00/0/0)
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      14539/sshd           off (0.00/0/0)
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      28748/rpcbind        off (0.00/0/0)
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN      3032/X               off (0.00/0/0)
tcp        0      0 127.0.0.1:7634          0.0.0.0:*               LISTEN      764/hddtemp          off (0.00/0/0)
tcp        0      0 0.0.0.0:47349           0.0.0.0:*               LISTEN      28778/rpc.statd      off (0.00/0/0)
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      1974/proftpd: (acce  off (0.00/0/0)
tcp        0      0 0.0.0.0:37270           0.0.0.0:*               LISTEN      -                    off (0.00/0/0)
tcp        0      0 0.0.0.0:631             0.0.0.0:*               LISTEN      1413/cupsd           off (0.00/0/0)
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      26041/master         off (0.00/0/0)
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      30154/sshd: madams@  off (0.00/0/0)
tcp        0      0 127.0.0.1:6011          0.0.0.0:*               LISTEN      27103/sshd: madams@  off (0.00/0/0)
tcp6       0      0 :::2049                 :::*                    LISTEN      -                    off (0.00/0/0)
tcp6       0      0 :::993                  :::*                    LISTEN      26671/couriertcpd    off (0.00/0/0)
tcp6       0      0 :::4003                 :::*                    LISTEN      30888/rpc.mountd     off (0.00/0/0)
tcp6       0      0 :::35273                :::*                    LISTEN      28778/rpc.statd      off (0.00/0/0)
tcp6       0      0 :::40970                :::*                    LISTEN      -                    off (0.00/0/0)
tcp6       0      0 :::5355                 :::*                    LISTEN      1060/systemd-resolv  off (0.00/0/0)
tcp6       0      0 :::19150                :::*                    LISTEN      16618/gkrellmd       off (0.00/0/0)
tcp6       0      0 :::2222                 :::*                    LISTEN      14539/sshd           off (0.00/0/0)
tcp6       0      0 :::111                  :::*                    LISTEN      28748/rpcbind        off (0.00/0/0)
tcp6       0      0 :::143                  :::*                    LISTEN      26621/couriertcpd    off (0.00/0/0)
tcp6       0      0 :::6000                 :::*                    LISTEN      3032/X               off (0.00/0/0)
tcp6       0      0 :::80                   :::*                    LISTEN      2586/httpd           off (0.00/0/0)
tcp6       0      0 :::631                  :::*                    LISTEN      1413/cupsd           off (0.00/0/0)
tcp6       0      0 :::25                   :::*                    LISTEN      26041/master         off (0.00/0/0)
tcp6       0      0 ::1:6010                :::*                    LISTEN      30154/sshd: madams@  off (0.00/0/0)
tcp6       0      0 :::443                  :::*                    LISTEN      2586/httpd           off (0.00/0/0)
tcp6       0      0 ::1:6011                :::*                    LISTEN      27103/sshd: madams@  off (0.00/0/0)
unix  2      [ ACC ]     STREAM     LISTENING     313905   3067/dbus-daemon     @/tmp/dbus-4CwE11P8qf
unix  2      [ ACC ]     STREAM     LISTENING     314440   3167/kdeinit4: ksms  @/tmp/.ICE-unix/3167
unix  2      [ ACC ]     STREAM     LISTENING     13854    786/acpid            /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     313843   3032/X               @/tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     16579    1686/mysqld          /var/lib/mysql/mysql.sock
unix  2      [ ACC ]     STREAM     LISTENING     314441   3167/kdeinit4: ksms  /tmp/.ICE-unix/3167


And a lot more. The notable thing I found is that the box is listening for port 443 only on tcp6 - no entry for 443 in any tcp4 line. Do you need to see more of this output?

iptables -L

Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


The firewall is down.

Must go or I'll be late.

I do appreciate the help.
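An added example, not part of the original posts: a classifier for the `netstat -anop | grep LISTEN` lines above that reports, per TCP listener, whether it is loopback-only and which address families it serves. It assumes Linux with `net.ipv6.bindv6only` at 0, where a socket bound to the IPv6 wildcard `::` also accepts IPv4 connections; the function names are made up for this example and the sample lines are copied from the output posted above.

```shell
#!/bin/sh
# Added example: classify TCP listeners from `netstat -anop | grep LISTEN`.

# classify_listeners [v6only]
#   stdin : netstat LISTEN lines
#   v6only: net.ipv6.bindv6only value; 0 (assumed here) means a socket bound
#           to the IPv6 wildcard "::" also accepts IPv4 connections
#   stdout: "<port> <scope> <families> <pid/program>" per TCP listener
classify_listeners() {
    awk -v v6only="${1:-0}" '
    $1 != "tcp" && $1 != "tcp6" { next }      # ignore unix sockets
    {
        n = split($4, parts, ":")             # port is the last ":" field
        port = parts[n]
        host = substr($4, 1, length($4) - length(port) - 1)

        if (host == "127.0.0.1" || host == "::1") {
            scope = "loopback"
        } else if (host == "0.0.0.0" || host == "::") {
            scope = "all-interfaces"
        } else {
            scope = "single-address"
        }

        if ($1 == "tcp") {
            fam = "ipv4"
        } else if (host == "::" && v6only == 0) {
            fam = "ipv4+ipv6"
        } else {
            fam = "ipv6"
        }
        print port, scope, fam, $7
    }'
}

# ipv4_reachable <port> [v6only]
#   Succeeds if <port> has a non-loopback listener that accepts IPv4.
ipv4_reachable() {
    classify_listeners "${2:-0}" |
        awk -v p="$1" '$1 == p && $2 != "loopback" && $3 ~ /ipv4/ { ok = 1 }
                       END { exit ok ? 0 : 1 }'
}

# Sample lines copied from the netstat output posted in the thread.
SAMPLE_NETSTAT='tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      14539/sshd           off (0.00/0/0)
tcp        0      0 127.0.0.1:7634          0.0.0.0:*               LISTEN      764/hddtemp          off (0.00/0/0)
tcp6       0      0 :::80                   :::*                    LISTEN      2586/httpd           off (0.00/0/0)
tcp6       0      0 :::443                  :::*                    LISTEN      2586/httpd           off (0.00/0/0)
tcp6       0      0 ::1:6010                :::*                    LISTEN      30154/sshd: madams@  off (0.00/0/0)
unix  2      [ ACC ]     STREAM     LISTENING     13854    786/acpid            /var/run/acpid.socket'

# Print the classification of the sample lines.
printf '%s\n' "$SAMPLE_NETSTAT" | classify_listeners
```

On a live host, pipe `netstat -anop | grep LISTEN` into `classify_listeners "$(cat /proc/sys/net/ipv6/bindv6only)"` to use the real setting; every `all-interfaces` row is a service that becomes reachable from outside as soon as its port is forwarded.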

Re: My domain is not responding

Postby doktor5000 » Jul 8th, '17, 23:40

mark9117 wrote: The notable thing I found is that the box is listening for port 443 only on tcp6 - no entry for 443 in any tcp4 line. Do you need to see more of this output?

Nope, not for the netstat part. Only the actual apache configuration for that site (or whatever webserver you're using) is missing for the whole picture.

Re: My domain is not responding

Postby mark9117 » Jul 8th, '17, 23:58

Yeah, I totally missed that piece in my effort to get out the door. I'm not going to fight my phone to get that info posted. Will get it when I get home.

Re: My domain is not responding

Postby mark9117 » Jul 9th, '17, 06:02

If this material is not correct please let me know. It's been a while since I implemented this thing.

Code:
# httpd -V
Server version: Apache/2.4.10 (Unix)
Server built:   Jul 19 2016 16:21:21
Server's Module Magic Number: 20120211:47
Server loaded:  APR 1.5.1, APR-UTIL 1.5.4
Compiled using: APR 1.5.1, APR-UTIL 1.5.4
Architecture:   64-bit
Server MPM:     prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_FCNTL_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"



The contents of /etc/httpd/conf/httpd.conf are in a pastebin link here.

An excerpt from error_log for today is in a pastebin link here.

The contents of /etc/httpd/conf/sites.d/00_default_ssl_vhost.conf
Code:
# less 00_default_ssl_vhost.conf
# default SSL virtual host, used for all HTTPS requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.

<VirtualHost _default_:443>
    # general configuration
    ServerAdmin root@localhost
    ServerName localhost

    # SSL configuration
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/httpd.pem
#    SSLCertificateFile /etc/pki/tls/certs/
    SSLCertificateKeyFile /etc/pki/tls/private/httpd.pem
#    SSLCertificateKeyFile /etc/pki/tls/private/httpd.pem
    CustomLog logs/ssl_request_log \
        "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>


The contents of /etc/pki/tls/certs:
Code:
-rw-r--r-- 1 root root 1043838 Apr 21 17:20 ca-bundle.crt
-rw-r--r-- 1 root root    1159 Dec 28  2016 httpd.pem
-rwxr-xr-x 1 root root     610 Jan 27 03:48 make-dummy-cert*
-rw-r--r-- 1 root root    2240 Jan 27 03:48 Makefile
-rw-r--r-- 1 root root    1168 Dec 28  2016 postfix.pem


The contents of # ll /etc/pki/tls/private
Code:
total 16
-rw------- 1 root root 2884 Dec 28  2016 courier-imap.pem
-rw------- 1 root root 1704 Dec 28  2016 httpd.pem
-rw------- 1 root root 2957 Dec 28  2016 miniserv.pem
-rw------- 1 root root 1708 Dec 28  2016 postfix.pem


That's probably more information than anyone needs, but I took the opportunity to look over it again. It all seems to be in order. I'd post any log file excerpts from the log file if there was anything notable to be found there.

I appreciate any help.
Last edited by isadora on Jul 9th, '17, 08:20, edited 1 time in total.
Reason: Placed command-output in between [CODE]-tags for better readability ;)

Re: My domain is not responding

Postby mark9117 » Jul 9th, '17, 10:54

More stumbling around on my part.

I started comparing nslookup info on all the addresses and hostnames involved in this circus.

First, what address does my hostname return?
Code:
 # nslookup adams-lan.org
Server:         208.67.222.222
Address:        208.67.222.222#53

Non-authoritative answer:
Name:   adams-lan.org
Address: 64.130.94.10


This is the IP address I'm seeing when I attempt to ping my domain. That makes sense. It says that my DNS servers relate the IP address with my domain.

Okay, so what does that IP address return when I turn it around?

Code:
# nslookup 64.130.94.10
Server:         208.67.222.222
Address:        208.67.222.222#53

Non-authoritative answer:
10.94.130.64.in-addr.arpa       name = fiber-dhcp-64-130-94-10.yucca.net.

Authoritative answers can be found from:


This is interesting because I appear to be at fiber-dhcp-64-130-94-10.yucca.net.

Given all that, what do I get from the Internet facing address on my router?

Code:
http://checkip.dyndns.com
Current IP Address: 23.252.218.244

# nslookup 23.252.218.244
;; Got SERVFAIL reply from 208.67.222.222, trying next server
Server:         208.67.220.220
Address:        208.67.220.220#53

** server can't find 244.218.252.23.in-addr.arpa: SERVFAIL


The current WAN side IP address of my router is not found.

I also found that if I point a browser at https://64.130.94.10/, it simply times out, just as if I had pointed it at my domain.
If I point that browser at https://23.252.218.244, it loops back around to my router interface.

No real surprises - the IP that my domain is linked to is not found and the IP address that should be associated with my domain (my actual WAN facing IP address) seems to work, but isn't connected to my domain.

Hmm, I still don't know enough about this stuff to say what's wrong. Seems as if something somewhere is not updating?
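An added example, not part of the original posts: the comparison made by hand above (the A record returned by nslookup against the address reported by checkip.dyndns.com) as a shell check that can run on a schedule next to ddclient. The function names are made up for this example, and the sample inputs are copied from the output posted in the thread.

```shell
#!/bin/sh
# Added example: detect a stale A record by comparing what DNS answers for
# the domain with the WAN address the router actually holds.

# Print the answer address from nslookup output read on stdin.
# The resolver's own "Address: ...#53" line comes before "Name:", so only
# an Address line that follows a Name line counts.
a_record_from_nslookup() {
    awk '/^Name:/ { seen = 1; next }
         seen && /^Address/ { print $2; exit }'
}

# Print the first IPv4 address found in a checkip-style response body.
ip_from_checkip() {
    grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | head -n 1
}

# dns_drift <dns_ip> <wan_ip>
#   returns 0 when they match, 1 on drift, 2 when either value is missing
dns_drift() {
    _dns=$1
    _wan=$2
    if [ -z "$_dns" ] || [ -z "$_wan" ]; then
        echo "UNKNOWN: could not determine both addresses"
        return 2
    fi
    if [ "$_dns" = "$_wan" ]; then
        echo "OK: A record matches WAN address $_wan"
        return 0
    fi
    echo "DRIFT: DNS answers $_dns but WAN address is $_wan"
    return 1
}

# Sample inputs copied from the output posted in the thread.
SAMPLE_NSLOOKUP='Server:         208.67.222.222
Address:        208.67.222.222#53

Non-authoritative answer:
Name:   adams-lan.org
Address: 64.130.94.10'

SAMPLE_CHECKIP='Current IP Address: 23.252.218.244'

# Live use would be:
#   dns_ip=$(nslookup adams-lan.org | a_record_from_nslookup)
#   wan_ip=$(curl -s http://checkip.dyndns.com | ip_from_checkip)
dns_ip=$(printf '%s\n' "$SAMPLE_NSLOOKUP" | a_record_from_nslookup)
wan_ip=$(printf '%s\n' "$SAMPLE_CHECKIP" | ip_from_checkip)
dns_drift "$dns_ip" "$wan_ip" || true
```

A DRIFT result means the record the registrar serves is not the one the dynamic-DNS client is keeping current, which is the condition the registrar later corrected on the "@" record.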

Re: My domain is not responding

Postby mark9117 » Jul 10th, '17, 07:33

Marking this one resolved, though I am less than satisfied.

I contacted my domain name registrar this afternoon and we were able to juggle ip addresses on file there for my "@" record and deleted the redirector that points to www.adams-lan.org. At this point, my domain name is pinging, though it is miserably slow.

Code:
# ping adams-lan.org
PING adams-lan.org (23.252.218.244) 56(84) bytes of data.
64 bytes from 23.252.218.244: icmp_seq=1 ttl=64 time=0.216 ms
64 bytes from 23.252.218.244: icmp_seq=2 ttl=64 time=0.246 ms
64 bytes from 23.252.218.244: icmp_seq=3 ttl=64 time=0.179 ms
64 bytes from 23.252.218.244: icmp_seq=4 ttl=64 time=0.200 ms
64 bytes from 23.252.218.244: icmp_seq=5 ttl=64 time=0.237 ms

--- adams-lan.org ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 31522ms
rtt min/avg/max/mdev = 0.179/0.215/0.246/0.029 ms


My ip address responds much more quickly.

Also, I am unable to connect to the domain from inside my LAN. I'm pretty much taking the registrar's word for it that it works. When I point a browser toward the domain name, or ip address, as in https://23.252.218.244, I get a certificate error. I finally cleared that with an exception that may or may not be saved, but the only page that comes up is my router web config page. I am told that this is normal.

Pointing the browser at one of my web apps (dokuwiki or owncloud, a la https://23.252.218.244/owncloud) leads to error 404 - file not found. I can access those sites fine by pointing to my LAN side hostname as in https://shuttle/owncloud. That's not very satisfying but it's more than I had last week.

I'd love to know 1) how to fix the 404 errors and 2) how to restore this stuff to get it to work like it used to. Then there's the little matter of what happened to break this mess in the first place.

So, thank you all for the support. I appreciate it. I'm marking it resolved as my domain pings again. Hopefully I will be able to put it all back together soon. If anybody has any suggestions, please do let me know.

Thanks again.

Re: [Solved Updated] My domain is not responding

Postby mark9117 » Jul 12th, '17, 08:37

Weird. I was able to resolve this connectivity issue by NOT forwarding ports on my router.

That makes no sense to me, but as a test I turned off the forwarding for ports 443 and 80 and I was able to connect from outside the network.

I did the same thing with ssh. With ports forwarded, the connection is refused. Ports not forwarded, I connect just fine.

Makes no sense to me.

Just wanted to get that in here for posterity.