Cpanel will not overwrite existing dns entries anymore.

[WebHostPro]

When I try to move a account or restore a back up, I have to delete the dns first.

It used to just overwrite it.

Is this a bug or something or should I report as a bug. Thanks, Chaze

 

[chirpy]

Are you running EDGE? There was a thread a short time ago about migrating users between DNS cluster members where the transfer failed because the zone already existed and there was talk of having a Tweak Settings option or something similar to avoid the issue. It's possible that this has creeped into EDGE, though I'm only speculating because the change log is currently not being updated. Either way, I'd log it in bugzilla and/or raise a support ticket if you can easily recreate it.

 

[cPanelBilly]

Are you running EDGE? There was a thread a short time ago about migrating users between DNS cluster members where the transfer failed because the zone already existed and there was talk of having a Tweak Settings option or something similar to avoid the issue. It's possible that this has creeped into EDGE, though I'm only speculating because the change log is currently not being updated. Either way, I'd log it in bugzilla and/or raise a support ticket if you can easily recreate it.

Here is the issue with that.
If we allow DNS zones to be overridden then you cna hijack a domain if you are on the same cluster as it is on by adding the domain on a new server.
The retore accounts script just creates a new account and then restores the data, so there is no way for cPAnel to tell the difference between a transfer and a possible hijacking.

 

[chirpy]

That does make sense, but isn't it root that controls the transfer anyway so the risk is your own, or is this a reseller issue?

Billy, sorry for going off-topic, but do you know what's up with the ChangeLog:
http://forums.cpanel.net/showthread.php?t=40243

 

[WebHostPro]

Actually that was exactly my thought, since root is making the new account then it should have this right. But say you use cpanel with a dedicated server on the cluster then can the dedicated server webmaster change the dns of another server just because they have root access?

I see the issue,

Maybe you can add a option in the dns only version to change the dns of multiple dns zones to a certain i.p.? And let the transfer set up the account without needing to have no DNS.

Or add a option to the transfer tool that checks if the dns resolves to a pingable i.p. and if not let it change the dns. This might be a little shaky though.

Also a find and replace command does not work well since if the i.p. is 12.123.123.10 for example and you also use 12.123.123.104 on the dns server then it will change 12.123.123.104 i.p. since 12.123.123.10 is part of it.

 

[clook]

I'm happy to see this thread and maybe its time for us to do more tests on whether the dns clustering features is suitable for servers with reseller accounts.

When we previously did testing, a reseller on one hosting server in the cluster was able to wipe out the dns zone of another reseller on another server in the cluster by simply creating an account with the same domain then terminating it. For this reason, using our clustered dns servers was not an option for any server with resellers.

EDIT: In addition to the above, I'm happy this problem is finally getting looked at almost a year after I initially reported it via the ticket desk in great detail and was basically told we had to trust our resellers not to do this.

 

[Snowman30]

If i understand this thread correctly should we currently not be offering dns clustering to resellers?

ive got a couple of servers that we run between 2 operatiosn with each operation setup on these servers as a reseller, if i enable clustering on both resellers and on the standalone servers associated with both these will they conflict with each other?

what if a reseller has sites on 2 different servers can he cluster between them? or will this conflict with the root dns clustering between the servers?

 

[kris1351]

I argued this point with one of the newbie Cpanel support techs till I was blue in the face. With all the security issues in Cpanel they chose to lock out one of the good features of Cpanel. If you cannot transfer accounts from one server to another now without deleting the DNS record you have downtime for each account you move. It is extremely hard if you have to move several servers to new ones. It really makes a mess of things if you have a dedicated DNS only version of Cpanel as then you have to really do some work arounds. If root is doing the transfer then it should be able to overwrite the DNS entry. That said they even broke the restore account options on the same server. You cannot restore an account unless you delete the DNS record now.

 

[thehostinghut]

Man this is just a pain in the butt. There should be some kind of an option you can check to have it override the dns zone or not care if they are there. There is no point in using dns clustering at this point.

Makes it way to hard to move accounts around.


Tracy

 

[cPanelNick]

AFAIK this was fixed in EDGE. If this is not the case, please reopen this bugzilla id

http://bugzilla.cpanel.net/show_bug.cgi?id=2608

 

[thehostinghut]

Is this ever going to work again in other version? Like current or release version. I don't really use the edge version and really need this to work.

Tracy

 

[chirpy]

You either have to move to EDGE or wait until EDGE becomes CURRENT which becomes RELEASE down to STABLE. IIRC as mentioned recently, cPanel are trying to iron out all the current issues with a view to a new RELEASE tree with v10.5 soon.

 

[thehostinghut]

I will try Edge. I really don't like to use that one. But what the hey. I will see if I can transferr account around.

Tracy

 

[kris1351]

Edge has more bugs than it is worth currently. We haven't had a Current release in about 2 months now.