BIND DNS server is installed, however, the default primary DNS server ns1.xpalm.com does not resolve to an IP address

Howdy. Newbie here, I didn’t find much when searching for:

BIND DNS server is installed, however, the default primary DNS server ns1.xpalm.com does not resolve to an IP address

With little results I’m hoping its something elementary.
Suggestions on what to check appreciated.

Godaddy domain, has two hostnames and my host as dns servers.

thank you

SYSTEM INFORMATION
OS type and version Ubuntu Linux 24.04.1
Virtualmin version 7.20.2
Webmin version 2.202

Looks ok

can you check if you have a A record for ns2

I did not, I have since added ns2.
I’ve only one IP address currently and was focusing on the ns1 issue.

@alien_scones I think your server is now resolving

Thanks for the replies.

The bind item is still showing on the “Recheck Configuration” and I suspect it is contributing to a laundry list of other issues, which I wanted to attempt to fix on my own.

Some good news, the default website xpalm.com is loading with SSL.

The other domain nimitz85.com loads but no ssl. Attempting to request cert I get this:

All suggestions are appreciated. t y

Can you post the errors you get when you run the recheck virtualmin thing.

Also does your nimitz85.com DNS records have nameserver records? I.e. NS records

Is the DNS for this domain handled by virtualmin?

There are no other errors on the recheck server:

The status of your system is being checked to ensure that all enabled features are available and properly configured …

Your system has 15.57 GiB of memory, which is at or above the Virtualmin recommended minimum of 256 MiB

BIND DNS server is installed, however, the default primary DNS server ns1.xpalm.com does not resolve to an IP address

Mail server Postfix is installed and configured

Postfix is configured to support per-domain outgoing IP addresses

Apache is installed

Apache supports HTTP/2 on your system

The following CGI script execution modes are available : suexec fcgiwrap

The following PHP execution modes are available : fpm fcgid cgi

The following PHP versions are available : 8.3.6 (/bin/php-cgi8.3)

The following PHP-FPM versions are available : 8.3.6 (php8.3-fpm)

Apache is configured to host SSL websites

MariaDB 10.11.8 is installed and running

Logrotate is installed

SpamAssassin and Procmail are installed and configured for use

ClamAV is installed and assumed to be running

Plugin AWStats reporting is installed

Plugin Protected web directories is installed

Using network interface ens6 for virtual IPs

Default IPv4 address for virtual servers is 69.48.205.20

Detected external IPv4 address is 69.48.205.20

Quotas are not enabled on the filesystem / which contains home directories under /home and email files under /home. Quota editing has been disabled

All commands needed to create and restore backups are installed

The selected package management and update systems are installed

Chroot jails are available

… your system is ready for use by Virtualmin

the dns is handled by virtualmin. The nimiz85.com zone is identical to the xpalm.com zone as far as I can tell.

Nimitz85.com is a godaddy domain, it has two hostnames and nameservers pointing to the VPS.

The IP 69.48.205.20 address can be reverse lookup to ns1.xpalm.com ( Thanks to IONOS hosting)

Do the DNS zones have corresponding A records to go with the NS records

I think so:

On the “SSL Certificate” page you can disable the check using “Check if domain names can be resolved?” option.

I was able to select ‘no’ for check if domain names can be resolved, however got this failure:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for nimitz85.com and 4 more domains

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: admin.nimitz85.com
Type: dns
Detail: DNS problem: looking up A for admin.nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <admin.nimitz85.com. A IN>: No DNSKEY record from 69.48.205.20 for key nimitz85.com. while building chain of trust; DNS problem: looking up AAAA for admin.nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <admin.nimitz85.com. AAAA IN>: No DNSKEY record from 69.48.205.20 for key nimitz85.com. while building chain of trust

Domain: mail.nimitz85.com
Type: dns
Detail: DNS problem: looking up A for mail.nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <mail.nimitz85.com. A IN>: key for validation nimitz85.com. is marked as invalid because of a previous No DNSKEY record; DNS problem: looking up AAAA for mail.nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <mail.nimitz85.com. AAAA IN>: No DNSKEY record from 69.48.205.20 for key nimitz85.com. while building chain of trust

Domain: nimitz85.com
Type: dns
Detail: DNS problem: looking up A for nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <nimitz85.com. A IN>: key for validation nimitz85.com. is marked as invalid because of a previous No DNSKEY record; DNS problem: looking up AAAA for nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <nimitz85.com. AAAA IN>: No DNSKEY record from 69.48.205.20 for key nimitz85.com. while building chain of trust

Domain: webmail.nimitz85.com
Type: dns
Detail: DNS problem: looking up A for webmail.nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <webmail.nimitz85.com. A IN>: key for validation nimitz85.com. is marked as invalid because of a previous No DNSKEY record; DNS problem: looking up AAAA for webmail.nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <webmail.nimitz85.com. AAAA IN>: No DNSKEY record from 69.48.205.20 for key nimitz85.com. while building chain of trust

Domain: www.nimitz85.com
Type: dns
Detail: DNS problem: looking up A for www.nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <www.nimitz85.com. A IN>: No DNSKEY record from 69.48.205.20 for key nimitz85.com. while building chain of trust; DNS problem: looking up AAAA for www.nimitz85.com: DNSSEC: DNSKEY Missing: validation failure <www.nimitz85.com. AAAA IN>: key for validation nimitz85.com. is marked as invalid because of a previous No DNSKEY record

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Again, thanks for the suggestions. I feel I’m just slightly over my head on this one.

Your DNS is missing an A record pointing to your server. Also, you should double-check if ns1.xpalm.com and ns2.xpalm.com are the correct name servers you’re expecting.

Thanks for the reply. I understand your statement, but is this the answer to your statement?

image

Please feel free to correct me, I’m sure its something elementary that I’m missing.
I run another website with over 50,000 users, and I’m embarrassed I can’t get past this point on a simple reunion website.

Have you also got a NS record for NS2 as there is a issue, its not major as everything should still work

I presume you not running mail as you have no dmarc records.

P.S. looking at your post with the screenshot I can’t the the NS record for ns2 (for either domain)

The error relate to IP6 (not IP4), have you got IP6 enabled?