DNS-Cluster not syncing back entries

Dominik_H

Registered
Feb 29, 2012
cPanel Access Level
Root Administrator
Hi,

I have a question about DNS clustering combined with multiple WHM instances.

I have three dns-servers with the dns-only version of cpanel and two different whm servers.

The first server has the three DNS servers added with "synchronize changes" and everything is working fine.
This server is used by us to provide customer hosting accounts. (called whm1)

The problem is that I want to use the DNS cluster with a second WHM instance as a DNS mirror. This WHM instance is a customer vServer and he uses it as a reseller. (called whm2)

So I don't want him to be able to see and change my DNS records created on the first WHM server. (whm1)
But when I add the cluster to the whm2 server he also gets all the DNS entries on the cluster.

Is there a way to solve my problem, or is this a limitation of the DNS cluster mechanism?

Thanks and greetings

Dominik
 

cPGoodJosh

Member
Staff member
Mar 6, 2012
Houston
cPanel Access Level
Root Administrator
Hello,

I do realize this post was about a month ago now, but I did want to respond in case you were still having issues and for future reference if anyone else is having an issue along the same lines. If you have resolved it other than the way I describe below, please reply back and let me know.

For a DNS cluster, your primary server should be set to 'synchronize changes' if you want all the servers below it to have the same records as it, which is usually what's desired. However, if I understand what you're wanting, you want whm2 to not be able to change the records pushed to it by whm1. Unfortunately, without changing permissions to read only for /var/named (which would not allow the cluster to sync to whm2 any more) you can't really do that. If they have root access, they'll still be able to edit those zones locally. However, there is good news. On whm2 in WHM Main >> Clustering/Remote Access >> Configure Cluster, you can make sure that whm1 is listed as 'Standalone' so that way those changes aren't pushed out to whm1.

Now, here's a small diagram of how that will work.

Change made to zone on whm1 ---> zone updated on whm2.
Change made to zone on whm2 ---- not updated on whm1.

With that set up, while they may be able to change the zone files there, any pushes or updates from whm1 will overwrite those changes.

Now, if you don't want whm2 to have any of the records in whm1, then unfortunately you'll have to exclude them from the cluster, as, while it may be technically possible, it does defeat the purpose of the dns cluster.

I hope this helps you out and feel free to ask more questions if you have them!

Edit:

Added an attachment of a simple flowchart showing how records are synced. Notice that the arrows go in one direction from whm1 and not back towards whm1.
dns_cluster.png