The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DNS Clustering - Hiding non authoriative zones

Discussion in 'Bind / DNS / Nameserver Issues' started by Snowman30, Nov 18, 2008.

  1. Snowman30

    Snowman30 Well-Known Member
    PartnerNOC

    Joined:
    Apr 7, 2002
    Messages:
    681
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    I am wondering when a cluster is setup and a range of servers are set up with a one way sync to a remote server running dns is there a way to hide the other servers dns records on those servers


    for example lets say we have 2 hosting servers with 100 domains on each and they both have a one way sync to another server

    that server obviously is authoriative for all 1000 zones but on each server after the cluster is enabled all non local zones are also viewable on both of the hosting servers

    so in effect this means that say you have 2 dedicated server clients setup this way both clients can see each others domains

    which isnt very secure or good...

    is there a way that in Edit DNS etc only the local servers domains are viewable?
     
  2. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    The DNS clustering is a full trust setup. There are no plans at this time to change that.
     
  3. Snowman30

    Snowman30 Well-Known Member
    PartnerNOC

    Joined:
    Apr 7, 2002
    Messages:
    681
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    ok that's fine i wasn't looking for a way to change the trust relationship, although if you setup a one way relationship i would expect to only see the local domains on the local server

    The issue when you have a lot of dedicated server clients with root access how do you give them a secure dns service if they can see everyone elses dns zones in the list?

    we setup some ded clients with reseller priveledges but it would be handy if there was a way to give them access to everything apart from the DNS

    the enable root access option in the reseller profile is great but perhaps as an alternative set permission levels for each section.

    obviously a reseller can only see their own dns entries so if we could limit them on that it would be the easiest solution
     
Loading...

Share This Page