been fighting this few days now, not really sure whats going on. trouble free for years

Your message is too ambiguous, you'd better be as more specific as you can. Post here all error messages you see there, or attach screenshots. Without detailed information I can suggest you only either adding more details or hiring somebody from these forums (me for example) or some other sites.

The only idea ive got is that should be a dns problem.. but really too few information, actually none.. usefull..

Regards

OK. If EoNetworks.com was mentioned, then yes, it seems to be a DNS issue.

http://intodns.com/EoNetworks.com

And if other domains are deligated with the same NS servers, that is the core of the problem. As both NS servers point to one IP:

ns4.EoNetworks.com. ['64.34.192.206']
pop.EoNetworks.com. ['64.34.192.206']

And it does not respond on DNS quieries:


ERROR: One or more of your nameservers did not respond:
The ones that did not respond are:
64.34.192.206

OK. If EoNetworks.com was mentioned, then yes, it seems to be a DNS issue.

http://intodns.com/EoNetworks.com

And if other domains are deligated with the same NS servers, that is the core of the problem. As both NS servers point to one IP:

ns4.EoNetworks.com. ['64.34.192.206']
pop.EoNetworks.com. ['64.34.192.206']

And it does not respond on DNS quieries:


Oct 25 10:06:44 eon1 named[2916]: client 207.115.20.131#7225: query (cache) '86.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:44 eon1 named[2916]: client 64.233.168.87#54910: query (cache) '230.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:44 eon1 named[2916]: client 207.115.36.32#44388: query (cache) '70.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:44 eon1 named[2916]: client 207.115.20.46#48265: query (cache) '17.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:44 eon1 named[2916]: client 207.115.36.138#9746: query (cache) '75.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:44 eon1 named[2916]: client 207.115.36.140#54917: query (cache) '66.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 68.230.240.102#26764: query (cache) '245.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.36.48#60146: query (cache) '79.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.47#5577: query (cache) '79.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.124#23954: query (cache) '5.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.121#62186: query (cache) '70.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.161#14869: query (cache) '84.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.36.153#22040: query (cache) '69.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 70.169.32.135#2737: query (cache) '231.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.160#40344: query (cache) '74.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.36.52#57865: query (cache) '253.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.129#57617: query (cache) '75.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 74.125.90.84#64911: query (cache) '225.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.119#45323: query (cache) '253.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.133#14858: query (cache) '70.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.47#41241: query (cache) '65.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 74.125.92.89#52738: query (cache) '91.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.20.121#60357: query (cache) '238.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 74.125.92.81#58197: query (cache) '82.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 74.125.44.95#53122: query (cache) '83.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 74.125.44.92#42277: query (cache) '76.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:45 eon1 named[2916]: client 207.115.36.151#4738: query (cache) '241.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 70.169.32.132#43147: query (cache) '86.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.36.151#33192: query (cache) '241.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.36.162#34959: query (cache) '232.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.36.38#53615: query (cache) '253.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.36.134#60662: query (cache) '249.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 206.196.234.137#61692: query (cache) '251.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 216.234.108.227#54038: query (cache) '252.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.36.56#29017: query (cache) '245.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.20.163#58527: query (cache) '231.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.20.17#22659: query (cache) '250.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 64.233.168.87#45394: query (cache) '78.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 68.230.240.103#23658: query (cache) '233.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 70.169.32.132#57276: query (cache) '252.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.20.16#5465: query (cache) '235.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 70.169.32.132#31696: query (cache) '245.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 170.146.224.9#50321: query (cache) '246.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.20.157#23556: query (cache) '24.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:46 eon1 named[2916]: client 207.115.20.133#45547: query (cache) '233.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 207.115.20.155#61984: query (cache) '93.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 207.115.36.34#18662: query (cache) '247.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 68.230.240.107#24732: query (cache) '242.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 70.169.32.136#2378: query (cache) '226.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 207.115.36.36#50020: query (cache) '3.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 207.115.20.158#28304: query (cache) '93.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 207.115.36.124#32000: query (cache) '70.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 207.115.20.126#21762: query (cache) '228.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 156.154.63.103#57759: query (cache) '18.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:47 eon1 named[2916]: client 207.115.20.161#5319: query (cache) '70.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.20.47#19967: query (cache) '27.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.20.48#5531: query (cache) '30.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 216.32.180.10#27190: query (cache) '240.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 162.115.42.1#37530: query (cache) '85.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.36.122#22298: query (cache) '91.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.20.46#19771: query (cache) '26.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 68.230.240.106#9360: query (cache) '239.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 70.169.32.133#9098: query (cache) '76.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 68.230.240.103#3335: query (cache) '73.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.36.38#16819: query (cache) '225.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 208.65.40.98#56994: query (cache) '9.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.20.155#46564: query (cache) '76.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.36.46#31960: query (cache) '30.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 70.169.32.136#18267: query (cache) '240.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 68.230.240.106#19182: query (cache) '240.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.36.150#29315: query (cache) '226.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 74.125.64.85#52546: query (cache) '235.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 207.115.20.123#29702: query (cache) '86.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:48 eon1 named[2916]: client 74.125.90.86#50213: query (cache) '230.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 65.175.128.164#23569: query (cache) '244.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 207.115.36.53#20369: query (cache) '13.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 207.115.20.124#36264: query (cache) '245.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 207.115.20.129#56033: query (cache) '6.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 207.115.36.153#43661: query (cache) '239.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 68.230.240.101#36273: query (cache) '87.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 68.230.240.103#41596: query (cache) '90.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 70.169.32.135#26432: query (cache) '71.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 74.125.44.84#65480: query (cache) '227.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 70.169.32.135#37963: query (cache) '242.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 68.230.240.102#11573: query (cache) '238.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 68.230.240.104#25731: query (cache) '80.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 74.125.90.89#42900: query (cache) '226.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 64.233.168.81#64793: query (cache) '225.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 207.115.36.39#6271: query (cache) '73.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 68.230.240.104#59867: query (cache) '77.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 207.115.36.155#63043: query (cache) '242.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 207.115.20.15#20894: query (cache) '3.24.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 207.115.20.46#40069: query (cache) '75.25.59.216.in-addr.arpa/PTR/IN' denied
Oct 25 10:06:49 eon1 named[2916]: client 68.230.240.106#36457: query (cache) '247.24.59.216.in-addr.arpa/PTR/IN' denied

[Tue Oct 25 00:11:04 2011] [notice] SIGHUP received. Attempting to restart
[Tue Oct 25 00:11:05 2011] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Tue Oct 25 00:11:05 2011] [warn] Init: SSL server IP/port conflict: www.jack.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:395) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:11:05 2011] [warn] Init: SSL server IP/port conflict: www.files.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:317) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:11:05 2011] [warn] Init: SSL server IP/port conflict: www.esther.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:239) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:11:05 2011] [warn] Init: SSL server IP/port conflict: www.droidtweak.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:54) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:11:05 2011] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:11:05 2011] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Tue Oct 25 00:11:05 2011] [notice] Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17 configured -- resuming normal operations
[Tue Oct 25 00:14:01 2011] [notice] caught SIGTERM, shutting down
[Tue Oct 25 00:14:03 2011] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Tue Oct 25 00:14:03 2011] [warn] Init: SSL server IP/port conflict: www.jack.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:395) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:03 2011] [warn] Init: SSL server IP/port conflict: www.files.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:317) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:03 2011] [warn] Init: SSL server IP/port conflict: www.esther.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:239) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:03 2011] [warn] Init: SSL server IP/port conflict: www.droidtweak.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:54) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:03 2011] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:03 2011] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Tue Oct 25 00:14:03 2011] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Oct 25 00:14:04 2011] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Tue Oct 25 00:14:04 2011] [warn] Init: SSL server IP/port conflict: www.jack.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:395) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:04 2011] [warn] Init: SSL server IP/port conflict: www.files.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:317) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:04 2011] [warn] Init: SSL server IP/port conflict: www.esther.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:239) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:04 2011] [warn] Init: SSL server IP/port conflict: www.droidtweak.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:54) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:04 2011] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:14:04 2011] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Tue Oct 25 00:14:04 2011] [notice] Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17 configured -- resuming normal operations
[Tue Oct 25 00:37:11 2011] [notice] caught SIGTERM, shutting down
[Tue Oct 25 00:39:48 2011] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Tue Oct 25 00:39:48 2011] [warn] Init: SSL server IP/port conflict: www.jack.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:395) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:48 2011] [warn] Init: SSL server IP/port conflict: www.files.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:317) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:48 2011] [warn] Init: SSL server IP/port conflict: www.esther.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:239) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:48 2011] [warn] Init: SSL server IP/port conflict: www.droidtweak.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:54) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:48 2011] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:48 2011] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Tue Oct 25 00:39:48 2011] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Oct 25 00:39:49 2011] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Tue Oct 25 00:39:49 2011] [warn] Init: SSL server IP/port conflict: www.jack.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:395) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:49 2011] [warn] Init: SSL server IP/port conflict: www.files.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:317) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:49 2011] [warn] Init: SSL server IP/port conflict: www.esther.eonetworks.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:239) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:49 2011] [warn] Init: SSL server IP/port conflict: www.droidtweak.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:54) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:49 2011] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.1firetech.com:443 (/usr/local/directadmin/data/users/firetech/httpd.conf:52)
[Tue Oct 25 00:39:49 2011] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Tue Oct 25 00:39:49 2011] [notice] Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17 configured -- resuming normal operations
[Tue Oct 25 01:25:38 2011] [error] [client 50.17.88.207] File does not exist: /var/www/html/topic
[Tue Oct 25 01:25:38 2011] [error] [client 50.17.88.207] File does not exist: /var/www/html/404.shtml
[Tue Oct 25 02:56:04 2011] [error] [client 50.17.88.207] File does not exist: /var/www/html/topic
[Tue Oct 25 02:56:04 2011] [error] [client 50.17.88.207] File does not exist: /var/www/html/404.shtml
[Tue Oct 25 02:56:19 2011] [error] [client 50.17.88.207] File does not exist: /var/www/html/topic
[Tue Oct 25 02:56:19 2011] [error] [client 50.17.88.207] File does not exist: /var/www/html/404.shtml
[Tue Oct 25 07:55:54 2011] [error] [client 212.192.253.246] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)

And what? That's rather useless.

What do the reverse requests have common with the named above issue? When your server does not respond on DNS queries for EoNetworks.com?

adding a 2nd ip as we speak, but we was running a single ip for a while without problems

Are we talking about the same things? Do you get that your server does not respond on DNS queries for EoNetworks.com?

Try to do nslookup and dig from your PC, or whatever you use there to browse in Internet.

Are we talking about the same things? Do you get that your server does not respond on DNS queries for EoNetworks.com?

Try to do nslookup and dig from your PC, or whatever you use there to browse in Internet.

zones are in place, and checked dns.. all are correct

Actually named running doesnt mean everything is working...

Check your firewall, i suppose is blocking port 53.

Regards

Actually named running doesnt mean everything is working...

Check your firewall, i suppose is blocking port 53.

Regards


i have, is really weird how this came from no where

# /sbin/iptables -F

flushed, nada

os? selinux? iptables -L?

Regards

CentOS release 5.7 (Final)

[root@main eaccelerator]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

try
setenforce 0

and change this file:
/etc/sysconfig/selinux


to be like this


# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0


Regards

i think that what i see,


# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

reboot?

[root@main /]# /usr/sbin/setenforce 0
/usr/sbin/setenforce: SELinux is disabled

Post result for:


netstat -ant | grep :53

Regards

Hello,

This is the guide I've posted for when named is running, but not responding:
http://help.directadmin.com/item.php?id=387

John

Post result for:


netstat -ant | grep :53

Regards

[root@main /]# netstat -ant | grep :53
tcp 0 0 64.34.182.182:53 0.0.0.0:* LISTEN
tcp 0 0 64.34.192.206:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 :::53 :::* LISTEN
[root@main /]#

Thanks John.

Take a look here please: http://www.directadmin.com/forum/showthread.php?t=41734

Is getting annoying cause many guys sometimes happen that doesnt get any reply from you.

If you need a hand to manage the support request im avaible.

Regards

You should ask to the housing company where you get the server why port 53 isnt working, maybe they are blocking it on firewall for some reason...

Regards

Ive just noticed that those two IP reply on a telnet connection but not on a dig request...

Thats curios...

Also checking here: http://intodns.com/EoNetworks.com

Seems that your ns configuration at domain registar level is a mess...

you should have ns1 and ns2... while you have ns4 pop and two external one.. you should fix that too...

use just ns1 and ns2 (using 2 different ips) for your nameserver for all domains.

Regards

Another curios thing:


>dig 64.34.192.206

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> 64.34.192.206
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7802
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;64.34.192.206. IN A

;; AUTHORITY SECTION:
. 10705 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2011102501 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 89.97.218.93#53(89.97.218.93)
;; WHEN: Tue Oct 25 22:24:54 2011
;; MSG SIZE rcvd: 106




>dig 64.34.182.182

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> 64.34.182.182
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56613
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;64.34.182.182. IN A

;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2011102501 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 89.97.218.93#53(89.97.218.93)
;; WHEN: Tue Oct 25 22:25:19 2011
;; MSG SIZE rcvd: 106


Contacting just the IP work, asking them to be "nameserver" and give information for a domain doesnt work....

Thats strange, at this point i suggest you to reinstall named, or, hire someone to fix your server cause is a little messed up.

Regards

I was able to login to the box.

Everything appears to be correct...
When testing with forced tcp, it works fine.

However udp is not working at all.

Eg, this works remotely:
[root@server ~]# dig +tcp eonetworks.com @64.34.192.206 +nocomments

; <<>> DiG 9.3.3rc2 <<>> +tcp eonetworks.com @64.34.192.206 +nocomments
; (1 server found)
;; global options: printcmd
;eonetworks.com. IN A
eonetworks.com. 14400 IN A 64.34.182.182but when it uses udp, it doesn't work:
[root@server ~]# dig +notcp eonetworks.com @64.34.192.206 +nocomments

; <<>> DiG 9.3.3rc2 <<>> +notcp eonetworks.com @64.34.192.206 +nocomments
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reachedBut that's as far as I could get. I'm not sure what would cause udp to be blocked while tcp works fine.

Note that this behavior also exists on the box itself. The same results happen when doing a dig locally to the IP.

However, doing both udp/tcp digs to 127.0.0.1 works fine. But to the external IPs, they don't.

The named.conf is the default.

Some sort of udp block for the external IPs (from all IPs, including locally).. but I'm not sure where.

John

Also, you won't be getting an email reply from me.. as you sent it from the eonetworks.com domain.. so we'll just work on it here.

John

Shouldnt be a datacenter block?

The block also exists on the box itself. When doing @64.34.192.206 from the box itself (no external network would apply), it still didn't work with udp.

Then a firewall or some software is blocking it.

What about route settings?

Have you tryed stop iptables?

Indeed I've shut off iptables. If there is some other firewall, then it's beyond me (not sure what else is out there which may block just udp).

It could be a route, I'm not too farmilar with routing settings:
[root@eon1 ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
server12.bmbpar * 255.255.255.255 UH 0 0 0 eth0
p2400176.pubip. * 255.255.255.255 UH 0 0 0 eth0
64.34.192.192 * 255.255.255.224 U 0 0 0 eth0
64.34.182.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default 64.34.192.193 0.0.0.0 UG 0 0 0 eth0However... from my understanding, they would be IP based.. and tcp/udp would be a networking level above the IP? If that's true.. when tcp works, then the routing would be correct... this would point back to some software or firewall blocking udp. (perhaps in named itself).

I've shut off iptables, confirmed the default named.conf is being used, and fully removed bind, bind-utils, bind-libs, and reinstall via yum. CentOS 5.7, 32-bit.

John

route -n

Yep, thats a very strange issue, and im heavy supposing it depend on a firewall.. but... if file /etc/hosts is not well set than maybe the ip request should be done going outside the network and coming back (not a local route lets say) and that would be the reason cause doesnt work locally..

This is just a suggestion, maybe will give you an idea about that...

Actually ive never saw something like that...

Also, you won't be getting an email reply from me.. as you sent it from the eonetworks.com domain.. so we'll just work on it here.

The link from "SeLLeRoNe" was not to a thread from user "EoNetworks" but from a different user "jiffy".

The forum thread startet almost a month ago, so please have a look now: http://directadmin.com/forum/showthread.php?t=41734 This have been going on for too long time. The user need this communication problem to be solved now.

[root@eon1 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
64.34.182.182 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
64.34.192.206 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
64.34.192.192 0.0.0.0 255.255.255.224 U 0 0 0 eth0
64.34.182.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 64.34.192.193 0.0.0.0 UG 0 0 0 eth0
[root@eon1 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
64.34.192.206 p2400176.pubip.serverbeach.com p2400176
64.34.192.206 main.eonetworks.com
64.34.192.206 eon1.eonetworks.com
[root@eon1 ~]# hostname
eon1.eonetworks.com


I'll also leaning to the local firewall block theory.

Especially since +notcp @127.0.0.1 (using udp) works fine, but @64.34.192.206 and @64.34.182.182 does not (using udp).
Tcp works for all cases, including externally.

John

Thanks ditto, i did lost this reply from John :)

Yep i was relating to another important thread of a user that seems to be unable to comunicate with you.

Actually i dont have other ideas... selinux disabled, iptables disabled... hosts file not totally correct but should work...route seems ok (just the third ip have a different netmask and that should cause problem if is it wrong)...

ive read around on google someone was talking about /etc/hosts.deny that should be empty...

my english is not that good to try a best search on google for a so defined problem so i had no luck...

Here in italy actually is night, so, now i need to go sleep or tomorrow ill not be able to think to anythink...

But please, if you find a solution for this post it here that is always usefull learn something new.

Regards

i havent had any other firewalls installed. we dont reallt touch this server at all matter a fact for months.

DC also having problems getting this to work, I grab the backup and i need get this server up so i downloading the 14gb backup and having them reload OS

personally, i think is hacked. going have to clean wipe and reload and restore.

Yep at this point wipe the box and reinstall would be suggested.

Regards

Yep at this point wipe the box and reinstall would be suggested.

Regards


Ok, box is wiped... fresh OS! new DA still same problem..

Did you verify that named is actually listening on udp port? I dont see how if you do a local lookup on the box it still wont work.

Do this and make sure it says udp and tcp:



netstat -na | grep 53

I'm still not sure where the problem lies, but I'm going to look here:

eonetworks.com. 172800 IN NS ns4.eonetworks.com.
eonetworks.com. 172800 IN NS pop.eonetworks.com.
eonetworks.com. 172800 IN NS pop.dns-stn.com.
eonetworks.com. 172800 IN NS plus.googlelife.us.
The above comes from a dig trace. This comes from the nameservers registered at your registrar where the domain is registered.

I can't find NS records for any of these. This could be because they're all pointing to your broken server. Are they?

But did you register these nameserves anywhere? ns4.eonetworks.com appears to be registered at 64.34.182.182. Is that an IP# pointing to your server? If so, then probably something is broken because neither apache, nor exim, nor BIND is answering at that IP#.

What about the other nameservers?
[code]pop.EoNetworks.com. ['64.34.192.206']
pop.dns-stn.com. ['64.34.192.206']
plus.googlelife.us. [] (NO GLUE)[code]
pop.eonetworks.com and pop.dns-stn.com appear to be registered at the registrar at 64.34.192.206 and digs at those nameservers, by IP#, do work.

64.34.192.206 is working, and is responding to requests for apache, exim, and BIND. Is that IP# on your server?

And as for plus.googlelife.us, it appears it has never been registered as a nameserver at your registrar and therefore you should not be using it.

For me, the eonetworks.com site DOES work, and it resolves to a DirectAdmin placeholder. Is that where you expect it to resolve?

The only way I'm going to be able to resolve this is to do some forensic (investigative) work on your server. If you're interested in learning how to hire me, please send an email to the address below in my siglines. I do guarantee my work; if I can't fix the problem, I will refund your payment, based on the agreement we come to before we begin work.

Jeff

I'm still not sure where the problem lies, but I'm going to look here:

eonetworks.com. 172800 IN NS ns4.eonetworks.com.
eonetworks.com. 172800 IN NS pop.eonetworks.com.
eonetworks.com. 172800 IN NS pop.dns-stn.com.
eonetworks.com. 172800 IN NS plus.googlelife.us.
The above comes from a dig trace. This comes from the nameservers registered at your registrar where the domain is registered.

I can't find NS records for any of these. This could be because they're all pointing to your broken server. Are they?

But did you register these nameserves anywhere? ns4.eonetworks.com appears to be registered at 64.34.182.182. Is that an IP# pointing to your server? If so, then probably something is broken because neither apache, nor exim, nor BIND is answering at that IP#.

What about the other nameservers?
[code]pop.EoNetworks.com. ['64.34.192.206']
pop.dns-stn.com. ['64.34.192.206']
plus.googlelife.us. [] (NO GLUE)[code]
pop.eonetworks.com and pop.dns-stn.com appear to be registered at the registrar at 64.34.192.206 and digs at those nameservers, by IP#, do work.

64.34.192.206 is working, and is responding to requests for apache, exim, and BIND. Is that IP# on your server?

And as for plus.googlelife.us, it appears it has never been registered as a nameserver at your registrar and therefore you should not be using it.

For me, the eonetworks.com site DOES work, and it resolves to a DirectAdmin placeholder. Is that where you expect it to resolve?

The only way I'm going to be able to resolve this is to do some forensic (investigative) work on your server. If you're interested in learning how to hire me, please send an email to the address below in my siglines. I do guarantee my work; if I can't fix the problem, I will refund your payment, based on the agreement we come to before we begin work.

Jeff

Hi Jeff long time no hear :) is Ivan.

all works now restoring, but i noticed these attacks
199.180.131.179 1436 Oct 26 23:35 Oct 26 23:35 Yes IP Info
202.102.89.81 770 Oct 26 23:35 Oct 26 23:35 Yes IP Info

i had to block it in the deny area, once i block them everything was working (should of look there before the new os and all this restoring)

Can we add a option right after "IP Info" with " block " ? or auto block after so many failed?

There are a few firewalls discussed on these forums which will automatically block. I'm in testing mode now; I don't generally like automatic blocking. For example during my testing I accidentally locked myself out of the test server I was on.

In my opinion if you autoblock, unless you have static IP# from your office and can whitelist yourself, you may want to set up a startup script so your firewall won't start for five minutes after a system start. That way as long as you have remote power switch, if you lock yourself out you can restart your server and log back in before the firewall kicks in.

Or consider another method, such as wiping the last hour or two of entries (if you can track that) on system start.

I don't have any easy answers yet.

Jeff