I receive error emails every day about failed DNS resolvers. Is there anything wrong with my cPanel server DNS ? Could you please have a look?
That was a recent customer request we received in our help-desk for Server Management Services.
DNS errors can make websites down. When a DNS resolver fails, the DNS queries on the server stop working. Therefore, it’s really critical to have an immediate fix.
In this write-up, we’ll see the major causes for the Partial dns resolver failure error and how our Dedicated Engineers fix it.
What is DNS resolver?
At this point, let’s get an idea on DNS resolver first.
To connect to any website on the internet, the computer should know the website’s IP address. To get this IP number, this computer has to contact a DNS resolver, and it gets the current IP address of domain.com.
In simple terms, a resolver is a file that tells the server about the DNS server that it should use. Setting up a DNS resolver for the server to a valid IP address is very important. Basically, DNS resolver is the first DNS server used while executing any DNS query from the server. As a result, when the DNS resolvers do not work correctly, it affects all the services.
For example, an attempt to fetch package using a repository link fail. Also, connection to remote database servers or mail servers can also result in an error.
Usually, the network administrator or internet provider decides on the DNS resolver that your server should use.
In Linux servers, the file /etc/resolv.conf hold the details of resolvers. It has entries for “Primary Resolver”, “Secondary Resolver” and “Tertiary Resolver”.
For instance, the resolv.conf on one of our servers appear as:
[root@myserver ~]# cat /etc/resolv.conf
search any-server.xx
nameserver 116.xx.xx.211
nameserver 116.xx.xx.104
nameserver 2001:xxxx:xxxx::8888
What causes Partial dns resolver failure error?
We just saw the importance of the DNS resolvers for the proper working of any server. Unfortunately, often connection to these DNS servers can fail causing dns resolver failure. This can be a complete failure when none of the DNS resolvers work. Or, when one or two name-servers work, while the others fail, it shows a partial DNS failure error.
In cPanel servers, a notification mail is sent to the server owner about this failure. For example, the cPanel server owner received the message as :
Now, let’s take a look on what causes the dns resolver failure error.
1. Firewall
Usually, a major reason for resolver failures will be firewall restrictions. By default, most servers allow trusted IP address in the firewall. If for any reason the connection server IP is not white-listed, all DNS queries will fail. And, the DNS resolvers become unreachable.
2. Timeout errors
Similarly, the connection to the DNS resolver can even time out too. The reason for timeout can be network errors, ISP restrictions and many more.
In this case, the primary and secondary DNS resolvers were showing timeout which triggered the Partial DNS resolver failure notification.
How we correct DNS resolver settings?
DNS resolver failure, whether it is partial or complete requires immediate correction. Let’s see how our Dedicated Engineers corrected the resolver configuration for this customer.
We started troubleshooting by trying to connect to the resolvers from the server itself. However, connection attempt was failing. We double-checked the firewall and found that the nameservers were already in whitelist.
Further, we tried to connect to the failing resolvers from outside. This was also not connecting. Thus, we found that the problem was with remote resolvers.
We then edited the file /etc/resolv.conf and updated the primary and secondary resolver to Google DNS servers – 8.8.8.8 and 8.8.4.4.
If there is trouble in updating the file directly via SSH, it can be edited using the “Resolver Configuration” interface in WHM too. The wizard will help to update the system’s DNS resolvers.
[Still worried on setting correct DNS resolvers for your server? We are available 24×7 to make things work on your server.]
Conclusion
In a nutshell, partial dns resolver failure happens when connection to nameservers fail. It can affect server updates, website resolution, email delivery, etc. Today, we saw the typical causes for resolver failure and how our Support Engineers fixed it for our customer.