Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED Can I benefit from one DNSOnly or do I need two?

Discussion in 'Bind/DNS/Nameserver' started by ronaldst, Mar 11, 2018.

  1. ronaldst

    ronaldst Well-Known Member

    Joined:
    Feb 22, 2016
    Messages:
    73
    Likes Received:
    9
    Trophy Points:
    8
    Location:
    Norway
    cPanel Access Level:
    Root Administrator
    I have a small VPS in another datacenter, and cosider running DNS Only on it. I have read up a little on the DNS cluster configuration, and it seem that any logical setup requires two DNS Only servers. I'm having a hard time to wrap my head around this, dns is probably my weakest area of expertise.

    I got two dedicated servers with their own nameservers running. My current setup:
    server1.domain.com (running ns5.domain.com, ns6.domain.com)
    server2.domain.com (running ns7.domain.com, ns8.domain.com)

    vps1.domain.com (dnsonly, ns1.domain.com, ns2.domain.com)

    Is there any benefit of running this kind of setup and how would it best be configured?
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,214
    Likes Received:
    1,936
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    There's still a benefit from using DNS clustering with a single DNSOnly server. It adds redundancy in the event the web server fails because the name server is hosted outside of the primary web server. You would enable clustering and then configure NS5, NS6, NS7, and NS8 to IP addresses associated with the DNSOnly server.

    Guide to DNS Cluster Configurations - cPanel Knowledge Base - cPanel Documentation

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. ronaldst

    ronaldst Well-Known Member

    Joined:
    Feb 22, 2016
    Messages:
    73
    Likes Received:
    9
    Trophy Points:
    8
    Location:
    Norway
    cPanel Access Level:
    Root Administrator
    I apologize for my clumsyness on this one. How exactly is this done?

    If I understand this correctly I am to enable clustering ("DNS Cluster" in WHM) on server1.domain.com and server2.domain.com, and on vps1.domain.com.

    This leaves me with the option "Add a new server to the cluster", where I am prompted to enter "Remote cPanel & WHM DNS host", "Remote server username" and "Remote server API token or access hash". Once I type in a host, I am also given a "Generate API Token" option, so I assume this is the way to go.

    These things aren't explained in the documentation, and as I said before, understanding how the DNS cluster and configurations are set is something I'm not grasping at the moment.
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,214
    Likes Received:
    1,936
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    You actually only need to configure clustering on the two web servers using the "WHM >> DNS Cluster" option. Use this option via WHM on each web server to add the DNSONLY server. You can choose "Synchronize" or "Write-Only" as the DNS role when doing this:
    If you use "Synchronize" instead of "Write-Only" as the DNS roles, then it will prevent the creation of a DNS zone on any hosting server in the cluster if it already exists (e.g. Customer on Web Server 1 can't create addondomain123.tld if a customer on Web Server 2 has already created addondomain123.tld).

    Also, remember to enable "Setup Reverse Trust Relationship" for the DNSONLY server you add when configure clustering using the "WHM >> DNS Cluster" option on the web servers. If you select this option, you will not need to log in to WHM's DNS Cluster interface on the remote DNSONLY server.

    As far as the authentication credentials, that's explained on the following document:

    DNS Cluster - Version 70 Documentation - cPanel Documentation

    Let us know if you have any additional questions.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. ronaldst

    ronaldst Well-Known Member

    Joined:
    Feb 22, 2016
    Messages:
    73
    Likes Received:
    9
    Trophy Points:
    8
    Location:
    Norway
    cPanel Access Level:
    Root Administrator
    That makes things a lot clearer, thank you.

    Once this is set, do I assume correctly if my server domain should point from my registrar (godaddy) to ns1/ns2 on vps1?

    Am I correct to keep running ns6/7 on server1, and ns7/8 on server2?

    Do I change the nameservers in WHM on server1 to use ns1/ns2/ns6, and server2 to use ns1/ns2/ns8? Or do I keep them as is once the cluster is set up?
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,214
    Likes Received:
    1,936
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    The most common approach would be to create two name servers at the domain registrar. EX:

    ns1.domain.tld - DNS-Only IP Address
    ns2.domain.tld - DNS-Only IP Address

    Then, set ns1.domain.tld and ns2.domain.tld as your default name servers for both hosting servers in "WHM >> Basic WebHost Manager Setup". Once you do this, you would change the name servers for each domain name at their domain registrars so they use
    "ns1.domain.tld" and "ns2.domain.tld". This way, if you ever want to transfer an account from one hosting server to another, the customer does not have to alter their name servers.

    That said, as long as the existing name servers are setup at the domain registrar to point to the DNS-Only IP addresses, you can continue using the existing name servers (e.g. NS6/NS7) without issue. EX:

    ns1.domain.tld - DNS-Only IP 10.1.1.2
    ns2.domain.tld - DNS-Only IP 10.1.1.3
    ns6.domain.tld - DNS-Only IP 10.1.1.2
    ns7.domain.tld - DNS-Only IP 10.1.1.3

    It's acceptable to use the same IP address for multiple name servers at the registrar.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. ronaldst

    ronaldst Well-Known Member

    Joined:
    Feb 22, 2016
    Messages:
    73
    Likes Received:
    9
    Trophy Points:
    8
    Location:
    Norway
    cPanel Access Level:
    Root Administrator
    Thank you, appreciate the detailed guidance on this.

    I have set everything up on server1.domain.com and vps1.domain.com (dnsonly) for testing. Things seem to be working fine, I do however have issues on the main domain now, and a few questions still. Let me explain.

    First off, I've enabled DNS Cluster on vps1.domain.com, and I've created API Tokens on the vps1.domain.com (dnsonly) with the privileges "Account Information, DNS, Clustering" (recursive, all options in those categories).

    On server1.domain.com I've added ns1.domain.com and ns2.domain.com in the DNS Cluster configuration. I've choosen "Setup Reverse Trust Relationship" and enabled "Debug mode". I've chosen "Write Only" for DNS Role.

    I have not done anything on the DNS Only server other than that. Have not linked any API Tokens located on server1.domain.com.

    I've changed nameservers at the registrar to ns1.domain.com and ns2.domain.com on the main domain (domain.com). I've also "Edited DNS Zone" on domains bound to accounts on server1.domain.com (example.account1.com, example.account2.com and so on) to use ns1.domain.com and ns2.domain.com.

    The result is good, the domain server2.domain.com, server3.domain.com, and the account domains are resolving, email is working and so on.

    However, my main domain is not resolving. I got an account on server1.domain.com where the server domain's website is hosted from (www.domain.com, shared ip to server1.domain.com) and this, is not resolving. I am thinking I have missed something, but I am not able to figure out what.

    I've edited the nameservers in "Edit DNS Zone" for www.domain.com to use ns6.domain.com and ns7.domain.com (which still runs and points to server1.domain.com dns server), and it is now working.

    Is this normal behaviour or have I missed something?

    Thanks again.
     
    #7 ronaldst, Mar 14, 2018
    Last edited: Mar 14, 2018
  8. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,214
    Likes Received:
    1,936
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    To clarify, did you add two servers to the cluster? You should have only added the single DNS-Only server here since both NS1 and NS2 point to the DNS-Only server.

    Generally, there's no separate DNS zone for the "www" subdomain. Instead, "www" is simply an alias an exists as a record in the DNS zone of the parent domain (e.g. domain.com). Were you just using "www" as an example? If so, then it's possible that updating the zone is what solved the issue as opposed to changing the name servers in the zone. For instance, if you change the name servers back to NS1 and NS2 in the zone, does the issue occur again?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. ronaldst

    ronaldst Well-Known Member

    Joined:
    Feb 22, 2016
    Messages:
    73
    Likes Received:
    9
    Trophy Points:
    8
    Location:
    Norway
    cPanel Access Level:
    Root Administrator
    That does make sense now, I should have realized. I have removed ns2.domain.com from the Cluster.

    It was only an example. I was referring to domain.com. I have changed the zone back to ns1/ns2 and it does seem to be working as intended now.

    I tested domain.com in pingdom's dns check tool, and some errors shows up.
    Delegation
    Name servers listed at parent: ns1.domain.com,ns2.domain.com
    Name servers listed at child: ns7.domain.com,ns8.domain.com
    Superfluous name server listed at parent: ns1.domain.com
    Superfluous name server listed at parent: ns2.domain.com
    Total parent/child glue mismatch.

    Additional name server listed at child: ns7.domain.com
    Additional name server listed at child: ns8.domain.com
    No IPv6 name servers found.
    Parent glue for domain.com found: ns1.domain.com (ip.ip.ip.213)
    Parent glue for domain.com found: ns2.domain.com (ip.ip.ip.214)
    Checking glue for ns1.domain.com (ip.ip.ip.213).
    Child glue for domain.com found: ns1.domain.com (ip.ip.ip.213)
    Checking glue for ns2.domain.com (ip.ip.ip.214).
    Child glue for domain.com found: ns2.domain.com (ip.ip.ip.214)
    Parent glue for domain.com found: ns1.domain.com (ip.ip.ip.213)
    Parent glue for domain.com found: ns2.domain.com (ip.ip.ip.214)

    At this point I have not done anything with ns7/ns8. These are running on their separate IP's and have zones listed on server1. Are you able to shed any light on this?

    Thanks again!
     
  10. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,214
    Likes Received:
    1,936
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    I'm glad to see the DNS is propagating well now. The warning messages from that online checker appear because the DNS zone for that domain name uses NS7/NS8 instead of NS1/NS2. You can update the name servers for this domain name at the domain registrar or in it's DNS zone to ensure they match. That said, those are just warning messages and shouldn't actually affect DNS propagation unless the IP addresses were different.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    ronaldst likes this.
  11. ronaldst

    ronaldst Well-Known Member

    Joined:
    Feb 22, 2016
    Messages:
    73
    Likes Received:
    9
    Trophy Points:
    8
    Location:
    Norway
    cPanel Access Level:
    Root Administrator
    Great. You have helped me in so many ways in this thread, and I want you to know I appreciate you have taken time to look at this. Thanks!
     
    cPanelMichael likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice