DNS Questions

[mferry]

I want to start to use WHM/cPanel on my shared servers for my clients.
DNS is currently being done by BIND/MyDNS on ns.domain.com (Primary)

ns1.domain.com, ns2.domain.com, ns3.domain.com, ns4.domain.com, ns5.domain.com are all slave servers.
All in different data centers. 4 in the US and 1 in the UK.

The public registars only know about the slave servers (ns1 to ns5).
The primary server (ns.domain.com) is 100% in stealth mode.

We really like this configuration. Very little traffic/hits are going to our primary server.

In the move to WHM/cPanel, we would like to keep this design.

If I setup ns.domain.com as a WHM/DNS ONLY server and the WHM/cPanel hosts use 'ns.domain.com' as the DNS server, to make changes.

These changes then be zone transfered to the slave servers (ns1 to ns5).
The registar still only uses the slave servers.

Is this possible? Can this work?

I'm lost in the WHM/cPanel DNS requirements.

Thanks for any help/direction.
Matt

 

[MikeDVB]

Yes - it's possible to have a DNS server that you don't make public - it's as simple as not assigning any domains to it.

Sure - if somebody looks hard enough they can find it - you could always block port 53 or not assign an a-record to it.

DNS is really simple - it just takes domain names and turns them into IP addresses. cPanel's DNS does have the ability to synchronize between various DNS servers however you choose.

 

[mferry]

Yes - it's possible to have a DNS server that you don't make public - it's as simple as not assigning any domains to it.

I am not sure if I follow your example ---

1 -- I setup WHM/DNS ONLY on ns.domain.com
2 -- I setup WHM/cPanel on my web server hosts
3 -- The web server hosts will use 'ns.domain.com' as the DNS Server.
4 -- ns.domain.com will zone transfer all entries to ns1, ns2, ns3, ns4, ns5.domain.com
5 -- domain registars will use ns1 to ns5 for DNS resolution.

I would want to list my ns.domain.com (stealth server) because its where I want all DNS changes to be made.

Please advise.

Matt

 

[MikeDVB]

mferry, you are making this more complicated than it has to be.

You can set up any number of nameservers you want, assign whatever names to them you wish, have them synchronize between each other as you see fit, and assign various domains to them as you see fit.

Your 'stealth' server would just be a DNS server you set up to synchronize either both ways or simply synchronize outbound but that you don't actually assign a domain to - it's really as simple as that.

To make an example - say you nave ns1, ns2, and ns3 that your customers are using. You can set up another cPanel DNS ONLY server and have it synchronize to ns1,2,3 without ever actually using it for resolving domains - this would do exactly what you want.

Again - you're over-thinking/over-complicating this. If you still don't understand this I would suggest hiring a server administrator that's familiar with DNS.

 

[mferry]

Michael,

I been working with DNS for years. The issue here isn't my understanding of DNS, but the understanding of how WHM/cPanel works and what flexibity it has. I dont want to invest capital in WHM/cPanel and find out it will not operate as I had expected.

I am just trying to understand WHM/cPanel internal workings.

Your "to make an example" does answer my question about WHM/cPanel. Thank You.

 

[MikeDVB]

As I said - you have control over the synchronization between servers. To have a 'stealth' one is just like having a 'non-stealth' one - you just don't tell anybody about it or use it for anything [other than your own internal purposes].

I never went through the trouble of doing that - in our setup you can log into any server that handles DNS [and even ones that don't resolve DNS] and modify the DNS from there - so long as it's set to synchronize out the changes].