DNS Cluster Security - Addon/Shared domains

[jared555]

What happens if user A on server 1 has domain usera.com and user B on server 2 tries to add an addon domain for the domain usera.com when server 1 and 2 are in the same cluster? Does it get rejected because the zone already exists, overwrite the existing zone or block the request?

If it is anything but block is there any way to reconfigure cPanel to make sure it is blocked?

 

[cPanelMichael]

Hello

Assuming the DNS role is set to synchronize changes from the hosting server to the cluster, then users are prevented from creating domain names that already exist in the cluster. If you set a server in a DNS cluster to the write-only role, WHM will not check whether a DNS zone exists before you create an account. Because of this, it is possible to create the same domain name on two or more of these servers. If this occurs, the servers will compete for updates to that domain.

Thank you.

 

[jared555]

I assume, then, if using a service that doesn't synchronize back to cPanel it would be best to have all of the clustered servers connect together and then use one central server to do the syncronization with the external service?

 

[cPanelMichael]

I assume, then, if using a service that doesn't synchronize back to cPanel it would be best to have all of the clustered servers connect together and then use one central server to do the syncronization with the external service?

Could you provide a diagram or clarify what type of setup this is? It's recommended to have the role on the DNS-Only servers configured to "Standalone" so that changes are not synced back to the hosting servers.

Thank you.