  #1 (permalink)  
Old 09-25-2007, 05:47 AM
Junior Member
 
Posts: 5
Default DNS: Setup for Hosted Server to remote Server

I have spent quite a few days on this problem and am stumped. I have scoured the Internet and related forums looking for cases similar to mine but haven't been able to find any. Perhaps if I knew more about what I need to be looking for I would have found it, but being a DNS newbie, clueless me would really appreciate some help on this problem!!

I am attempting to install Zimbra onto a Ubuntu 6 server existing a virtual life on a VMware virtual machine running on a Ubuntu 7 server.

The problem seems to be with DNS. I am trying to route email from a hosted Verio server in California to the above Zimbra server located behind a router/firewall in Tokyo. I have opened up ports through the firewall to the internal IP address for the following:
Quote:

* SMTP
o port 25/tcp
* HTTP
o port 80/tcp
* POP3
o port 110/tcp
* IMAP
o port 143/tcp
* LDAP
o port 389/tcp
* HTTPS
o port 443/tcp
* IMAPS
o port 993/tcp
* POP3S
o port 995/tcp
* Admin Interface
o port 7071/tcp
The DNS settings that I have are the following:

Quote:
#>hostname
mail.ishous.net
#>hostname -f
mail.ishous.net
The appropriate lines in the following files are set as shown
Quote:
#>/etc/hosts
60.238.72.16 mail.ishous.net mail
#>/etc/hostname
mail.ishous.net
#>/etc/bind/named.conf.local
zone "mail.ishous.net"{
type master;
file "/etc/bind/db.ishous.net";
notify yes;
}
#>/etc/bind/db.ishous.net
$TTL 604800
@ IN SOA mail.ishous.net. admin.ishous.net (
07092405 : Serial
604800 : Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS mail
IN MX 10 mail
IN A 192.168.255.197
mail IN A 192.168.255.197
The DNS setup on the hosted domain from whence the email is supposedly being forwarded to the router IP 60.238.72.16 appears to be correct:
Quote:

#>dig mail.ishous.net

; <<>> DiG 9.3.1 <<>> mail.ishous.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64253
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;mail.ishous.net. IN A

;; ANSWER SECTION:
mail.ishous.net. 86400 IN A 60.238.72.16

;; AUTHORITY SECTION:
ishous.net. 43771 IN NS ns1.secure.net.
ishous.net. 43771 IN NS ns2.secure.net.

;; ADDITIONAL SECTION:
ns1.secure.net. 106233 IN A 192.220.124.10
ns2.secure.net. 19530 IN A 192.220.125.10

;; Query time: 44 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 25 20:30:56 2007
;; MSG SIZE rcvd: 124

As I was preparing this, I found a couple of mistakes that I had made with IPs and as I shutdown and restarted a number of times, the installation procedure executed by /opt/zimbra/libexec/zmsetup.pl seemed to be having troubles with the display of lines becoming erratic. I doubt that this is related to the DNS problem, but it is rather disconcerting.

I hope that the above explanation with the logs displayed below will provide whoever can help me with enough information. If more is required, please let me know.

The following is the zmsetup.log
Quote:
Getting installed packages
checking isEnabled zimbra-core
zimbra-core not in enabled cache
enabled packages
Newinstall enabling all installed packages
Enabling zimbra-core
Enabling zimbra-ldap
Enabling zimbra-store
Enabling zimbra-mta
Enabling zimbra-snmp
Enabling zimbra-logger
Enabling zimbra-apache
Enabling zimbra-spell
Setting defaults...
Setting local config zimbra_java_home to /opt/zimbra/java
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_java_home='/opt/zimbra/java'
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled


DNS ERROR resolving MX for mail.ishous.net
It is suggested that the domain name have an MX record configured in DNS
Done
The config log is:
Quote:
AVUSER=admin@mail.ishous.net
CREATEADMIN=admin@mail.ishous.net
CREATEDOMAIN=mail.ishous.net
DEFAULTLICENSEFILE=/opt/zimbra/conf/ZCSLicense.xml
DOCREATEADMIN=yes
DOCREATEDOMAIN=yes
DOTRAINSA=yes
EXPANDMENU=no
HOSTNAME=mail.ishous.net
HTTPPORT=80
HTTPSPORT=443
IMAPPORT=143
IMAPPROXYPORT=143
IMAPSSLPORT=993
IMAPSSLPROXYPORT=993
JAVAHOME=/opt/zimbra/java
LDAPHOST=mail.ishous.net
LDAPPORT=389
LICENSEFILE=/opt/zimbra/conf/ZCSLicense.xml
MODE=http
MTAAUTHHOST=mail.ishous.net
MYSQLMEMORYPERCENT=30
NOTEBOOKACCOUNT=wiki@mail.ishous.net
POPPORT=110
POPPROXYPORT=110
POPSSLPORT=995
POPSSLPROXYPORT=995
REMOVE=no
RUNAV=yes
RUNSA=yes
SMTPDEST=admin@mail.ishous.net
SMTPHOST=mail.ishous.net
SMTPNOTIFY=yes
SMTPSOURCE=admin@mail.ishous.net
SNMPNOTIFY=yes
SNMPTRAPHOST=mail.ishous.net
SPELLURL=http://mail.ishous.net:7780/aspell.php
STARTSERVERS=yes
SYSTEMMEMORY=0.5
TOMCATMEMORYPERCENT=40
TRAINSAHAM=ham..qajpi0n@mail.ishous.net
TRAINSASPAM=spam.v.agy2ogtm@mail.ishous.net
UPGRADE=yes
USEIMAPPROXY=no
USESPELL=yes
tomcat_keystore_password=mmmmmmmm
tomcat_truststore_password=changeit
zimbraBackupReportEmailRecipients=admin@mail.ishous.net
zimbraBackupReportEmailSender=admin@mail.ishous.net
zimbraPrefTimeZoneId=(GMT-08.00) Pacific Time (US & Canada)
INSTALL_PACKAGES="zimbra-apache zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-snmp zimbra-spell zimbra-store "
  #2 (permalink)  
Old 09-25-2007, 06:08 AM
Zimbra Consultant & Moderator
 
Posts: 19,655
Default

Welcome to the forums.

Is this supposed to be the hosts file for the Zimbra server?
Code:
/etc/hosts

60.238.72.16 mail.ishous.net mail
If it is, it's incorrect. It should be as follows:

Code:
127.0.0.1 localhost.localdomain localhost
192.168.255.197 mail.ishous.net mail
Your MX record is also incorrect, it should be the FQDN of your server not just the hostname, check the details for Split DNS.
__________________
Regards


Bill
  #3 (permalink)  
Old 09-26-2007, 03:29 AM
Junior Member
 
Posts: 5
Default Thanks for the timely reply!

I updated the two files as you suggested and visited the link you posted. Unfortunately, the link is for Redhat and has some variations in files and directories from Ubuntu.
Nonetheless, I attempted to adapt where I thought appropriate as shown below (/etc/bind/db.ishous.net):
Quote:
IN SOA mail.ishous.net. admin.ishous.net. (
.......
.......)

IN NS 192.168.255.197
IN A 192.168.255.197
IN MX 10 mail.ishous.net.
but to no avail. #>dig mx mail.ishous.net showed that the setup was not yet proper.

Would /etc/resolv.conf have a relationship with this problem?
I presently have it set up as
Quote:
nameserver 202.225.94.247
nameserver 210.147.240.193
I had thought that perhaps the nameserver should point to the local server IP of 192.168.255.197 but this seems to really mess things up. hostname would give correct results but hostname -f failed to.

What am I overlooking? I am sure it is probably staring me right in the face but I sure can't see it.
Thanks in advance.
Jim

Last edited by jparker3119; 09-27-2007 at 03:19 PM..
  #4 (permalink)  
Old 09-26-2007, 07:13 AM
Zimbra Consultant & Moderator
 
Posts: 19,655
Default

Yes, the resolv.conf should point to your local server. What happens when you change resolv.conf? Change it and run the following commands on the Zimbra server:

Code:
host `hostname`   <-- type that exactly with backticks not single quotes
dig ishous.net mx
dig ishous.net any
__________________
Regards


Bill
  #5 (permalink)  
Old 09-26-2007, 08:05 AM
Junior Member
 
Posts: 5
Default /etc/resolv.conf

I changed the contents from the IPs used for the external DNS servers to the IP of the localhost, 192.168.255.197.

I did a shutdown -r now and then checked hostname and hostname -f with the respective results of mail.ishous.net and host name lookup failure.

I then did #> host `hostname` (hostname is the literal word to be used, correct? Or would it be mail.ishous.net? A really newbie question, I am sure.....)

The result is:
Quote:
;; connection timed out; no servers could be reached.
Next, I followed up with
Quote:
#> dig mail.ishous.net mx (as well as ishous.net mx)
with the results:
Quote:
;; global options: printcmd
;; connection timed out; no servers could be reached
I next set /etc/resolv.conf back to the two external DNS servers and ran the above commands again.
Quote:
#>hostname
mail.ishous.net
#>hostname -f
mail.ishous.net
Just in case I may be missing something, I then tried the following commands
Quote:
#>host hostname 'mail.ishou.net'
bash: mail.ishous.net: command not found
;; connection timed out; no server could be reached

#>host `hostname
;; connection timed out; no server could be reached

#host `mail.ishous.net`
bash: mail.ishous.net: command not found
Usage.............
So, I am no closer to the light at the end of the tunnel than before!!!
What should I try next, Bill?
Thanks in advance!
  #6 (permalink)  
Old 09-26-2007, 08:14 AM
Zimbra Consultant & Moderator
 
Posts: 19,655
Default

You did change your hosts file earlier as I suggested, didn't you? The IP address for your DNS server is correct (it's the same server as Zimbra, isn't it)? Is there a firewall and/or SELinux active (does Ubuntu have SELinux)? If there's any firewall or SELinux on the Zimbra server then please disable them.
__________________
Regards


Bill
  #7 (permalink)  
Old 09-26-2007, 09:07 AM
Junior Member
 
Posts: 5
Default

Thanks some more Bill!
The hosts file is:
Quote:
127.0.0.1 localhost.localdomain localhost
192.168.255.197 mail.ishous.net mail
#......
::1 .......
I have not setup a firewall on the Zimbra server.
/etc/hostname:
Quote:
mail.ishous.net
/etc/bind/named.conf.options
Quote:
options {
directory "/var/cache/bind";
......
fetch-glue no;
.....
query-source address * port 53;
.....
forwarders {
202.225.94.247 210.147.240.193;
};
auth-nxdomain no;
};
/etc/bind/named.conf.local
Quote:
zone "mail.ishous.net"{
type master;
file "/etc/bind/db.ishous.net";
};
/etc/bind/db.ishous.net
Quote:
$TTL 604800
@ IN SOA mail.ishous.net. admin.ishous.net. (
.......
.......)
IN NS 192.168.255.197
IN A 192.168.255.197
IN MX 10 mail.ishous.net
/etc/resolv.conf
Quote:
nameserver 192.168.255.197
I failed to answer some of your questions earlier, Bill. I apologize.
1. Is there a firewall?
Yes, there is. It is in the physical modem/router. I have routed what I understand to be the required ports through the firewall to the 192.168.255.197 (Zimbra) server in the following manner:
Quote:

Connected name: ISP1
LAN IP Address: 192.168.255.197
WAN IP Address: Automatic WAN Address
Protocol: TCP and UDP
LAN Port: smtp
WAN Port: smtp
for the following ports: smtp, www, pop3, 389, 443, 993, 995, 1071
I also earlier tried a DMZ connection for the Zimbra server but the error stated above replicated itself in this environment as well. I have not setup a firewall within the Zimbra server either.

2. SELinux Issue
Bill, I found the following here.
Quote:
The Debian packaged Linux kernels have had SELinux support compiled in (but disabled by default) since version 2.6.9. In order to activate SELinux the parameter selinux=1 must be passed to the kernel when booting. .....
I have not purposely activated SELinux so I "assume" that it is not enabled when I boot the Zimbra server up.

I think that covers most of the pertinent files. Please let me know if there is anything you need, Bill
Thanks again.
Jim

Last edited by jparker3119; 09-27-2007 at 07:07 PM..
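
Added example, not part of the original thread and not Zimbra or BIND code: a small Python lint for the files posted above. It flags NS/MX targets written as IP addresses, fully qualified targets missing the trailing dot, and forwarder addresses that lack their own semicolon. The sample strings are constructed from the posted files; `lint_zone`, `lint_forwarders` and `FIXED_ZONE` are hypothetical names, and the corrected zone is one possible form, not a fix confirmed in the thread.

```python
import ipaddress
import re

# Constructed samples, transcribed from the records and options posted in the thread.
ORIGIN = "mail.ishous.net."
POSTED_ZONE = """\
  IN NS 192.168.255.197
  IN A 192.168.255.197
  IN MX 10 mail.ishous.net
"""
# One possible corrected form (an assumption, not a fix confirmed in the thread).
FIXED_ZONE = """\
  IN NS mail.ishous.net.
  IN A 192.168.255.197
  IN MX 10 mail.ishous.net.
"""
POSTED_FORWARDERS = "forwarders {\n202.225.94.247 210.147.240.193;\n};"

def is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def lint_zone(text, origin):
    """Return (line number, record type, problem) for NS/MX targets that will not resolve."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()  # drop ';' comments, then tokenize
        rtype = next((f for f in fields if f in ("NS", "MX")), None)
        if rtype is None:
            continue
        target = fields[-1]
        if is_ip(target):
            findings.append((lineno, rtype, "target is an IP address, not a host name"))
        elif not target.endswith(".") and (target + ".").endswith(origin):
            # A name without a trailing dot is relative: the origin gets appended.
            findings.append((lineno, rtype, f"missing trailing dot, expands to {target}.{origin}"))
    return findings

def lint_forwarders(block):
    """Return forwarder addresses that are not followed by their own ';'."""
    body = re.search(r"forwarders\s*\{(.*?)\}", block, re.S).group(1)
    tokens = re.findall(r"[^\s;]+|;", body)
    return [t for t, nxt in zip(tokens, tokens[1:] + [""]) if is_ip(t) and nxt != ";"]

if __name__ == "__main__":
    print(lint_zone(POSTED_ZONE, ORIGIN))
    print(lint_forwarders(POSTED_FORWARDERS))
```

On the server itself, `named-checkconf` and `named-checkzone mail.ishous.net /etc/bind/db.ishous.net` perform the authoritative version of these checks.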
  #8 (permalink)  
Old 09-27-2007, 08:34 PM
Junior Member
 
Posts: 5
Default Re-installed on new VM

I re-installed on a new VMWare-mounted Ubuntu 6 server. All to no avail.
As you recommended Bill, I ran the following:
Quote:
#>host `hostname`
;; connection timed out; no servers could be reached

#>dig mail.ishous.net
;; connection timed out; no servers could be reached
I can ping out using IP addresses but FQDN, such as google.com, do not resolve unless resolv.conf points to external DNS. Using the server IP does not work.