I can't create dns cluster

f111 · December 26, 2022, 5:32pm

DNS Slave Auto-configuration
https://www.virtualmin.com/documentation/dns/slave-configuration/

I was working on the above.
It fails at:
1 Enabling Cluster Slave Servers

Webmin > Servers > BIND DNS Server > Cluster Slave Servers

The error contents are as follows.
HTTP/1.0 500 Perl execution failed Server: MiniServ/2.001 Date: Mon, 26 Dec 2022 16:29:37 GMT Content-type: text/html; Charset=utf-8 Connection: close
Error ? Perl execution failed

Can’t use string (“Failed to connect to nttpc.itman”…) as a HASH ref while “strict refs” in use at /usr/share/webmin/bind8/slave_add.cgi line 101.

101 my @rzones = grep { $_->{‘type’} ne ‘view’ }
102 &remote_foreign_call($s, “bind8”, “list_zone_names”);

Quite frankly, I don’t understand.

SYSTEM INFORMATION
Operating system	Ubuntu Linux 20.04.5
Webmin version	2.001
Virtualmin version	7.3-1

Joe · December 26, 2022, 9:54pm

OK, there are two problems here. One is a bug in Webmin (you shouldn’t see that messy error, it should be a bit more friendly). But, the primary issue is Webmin can’t connect to your other server. The error is “Failed to connect to nttpc.itman”.

So, have you opened the necessary ports (10000-10100)? Does the name resolve to the correct IP?

Joe · December 26, 2022, 10:06pm

It’s also maybe possible that it’s choking on the TLS certificate. I don’t know all the problems that can cause a connection failure, but TLS seems plausible, too.

f111 · December 27, 2022, 1:01pm

Not resolved yet.
Details are below, please advise.

Servers are

server2(dns master):
nttpc2.subnet.domain2.com
server1(dns slave):
nttpc.domain1.com

different network

have you opened the necessary ports (10000-10100)?

root@nttpc:~# firewall-cmd --list-services
dhcpv6-client dns dns-over-tls ftp http https imap imaps mdns pop3 pop3s smtp smtp-submission smtps ssh
root@nttpc:~# firewall-cmd --list-all
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client dns dns-over-tls ftp http https imap imaps mdns pop3 pop3s smtp smtp-submission smtps ssh
ports: 20/tcp 2222/tcp 10000-10100/tcp 20000/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

No External Firewall Hardware(Only firewalld in a host)

Does the name resolve to the correct IP?

Server2
Webmin > Webmin > Webmin Servers Index
Click to icon server1(nttpc.itman…)
Can go server1
Login successful into server1 webmin.

TLS certificate?

When I access it with a browser, it appears to be properly SSL-enabled with Let’s Encrypt.

But…

Server2
Webmin > Cluster > Cluster webmin servers > add server
Server 1 is displayed.
Click “add server” button.

below is displayed

Failed to connect to server1(nttpc.itman…) : Invalid SSL certificate : Certificate is signed by an unknown CA : /C=US/O=Let’s Encrypt/CN=R3 (code 20)

Is it because of the above?
How can I fix this?

Joe · December 27, 2022, 6:28pm

That seems likely. You have old ca-certificates package on that server. Update your software and don’t install new systems with old distributions! If this is a new deployment, put a new operating system on it!

f111 · December 28, 2022, 5:14pm

Server 1 is running normally.
I can login to Webmin from the web browser.

I think maybe I made a mistake.

When access to server1 from server2 in webmin.
Webmin servers index > click icon “server1”.

Displayed error:
Server status Failed to connect to nttpc.itman**** : Failed to connect to nttpc.itman*******:10000 : Connection refused

why does this happen?
How can I fix this?

f111 · December 28, 2022, 5:36pm

Where can I find the above log?

system · January 5, 2023, 5:37pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.