bind/DNS setup in WHM/cpanel is faulty!

[cyberspirit]

The way WHM/cpanel sets up bind is that the default TTL time for records is 14400 seconds which is 4 hours. But the refresh time for secondary (and more) DNS servers is set to 8 hours! That of course does not work. It would mean that if you change a record in the primary DNS server that after 4 hours a client could get mixed answers depending on which DNS server is used for the query. And DNS servers are used not in an order like some believe!
Of course some will say that there is a notify message sent after changes but these messages do fail.
So one rule is to always set the refresh time to the same or lower value than the TTL time of the zone or the lowest record!
So if Josh or Nick see this please make sure you change the defaults in the next update!!!

 

[amdmachine]

You can edit the correct files yourself and change the default TTL time.

Or you can just do what I did, and make a script automatically resync all DNS entries on your secondary DNS server every 4 hours;

See this thread: http://forums.cpanel.net/showthread.php?s=&threadid=19457

 

[cyberspirit]

amdmachine,
The whole purpose of DNS is to be self-sufficient!
If set up right DNS needs to no syncing scripts. Of course there are always ways to tweak things or correct behaviour.
But if set up right DNS works very reliably and the way bind is set up with cpanel it does not.
For example bind in cpanel allows recursive queries and is open to zonetransfer requests from just anyone!
This would not pass any security check in a larger corporation and I have pointed this out over and over again but no change!