DNSCluster with DNSOnly Questions

Discussion in 'Bind/DNS/Nameserver' started by ronaldst, Apr 26, 2018.

  1. ronaldst

    ronaldst Well-Known Member

    I have two dedicated web servers running WHM, and one VPS running DNSOnly. My DNSOnly server recently had a disk failure and I realized my redundancy isn't at the level I need it to be. I have acquired a second VPS to run another DNSOnly server.

    After fiddling about on my own I am left with a few questions regarding the proper way of setting up DNS Cluster, and in particular how to configure the zone files for my nameservers.

    Overview of my setup (running, (running, (running, (running,

    Each nameserver is running on a dedicated IP address, in current setup a total of 8 IPs just for nameservers. I don't know if this is the optimal setup but it seems to be the logical thing to do.

    I've set the domain to use ns1, ns2, ns3, ns4 to be used at the registrar (GoDaddy in this case). I've also added a hostname (and their IPs) to each of the servers/vps/nameservers.

    On and, I've added (WHM - Clusters - DNS Cluster) and to "Write Only" configuration, and enabled "Reverse Trust".

    On vps1 and vps2 I have "Enable DNS Cluster", but not added any servers to the list.

    Now comes the part where I am having issues, and will keep this part to server1 to simplify things. At this point I haven't done any extra configuration to server2 as I am seeing issues with my setup already.


    I have used "Add DNS Zone" and added a zone for vps1, vps2, ns1, ns2, ns3 and ns4. One zone for each. I also added A records to for ns3 and ns4.

    My zone file looks like this (edited to show relevant info only)
    Code:     86400   IN      SOA     86400   IN      NS     86400   IN      NS     86400   IN      NS     86400   IN      NS
    ns7                14400   IN      A
    ns8             14400   IN      A     14400   IN      A
    ns1             14400   IN      A
    ns2             14400   IN      A
    ns3             14400     IN         A
    ns4             14400     IN         A
    My file looks like this (edited to show relevant info only)
    Code:  86400   IN      SOA  86400   IN      NS  86400   IN      NS  14400   IN      A
    My SOA record shows
    Code:  86400   IN      SOA
    What puts me off here is that ns1 SOA points to ns7. ns2 SOA points to ns1. Am I supposed to point ns3 to ns7, and ns4 to ns3 and follow the same pattern? This is what I did:

    ns3 SOA now points to ns4 SOA points to

    (but I realize that I am now in over my head and I am again having such a struggle with DNS. It's the one topic my brain just fails to understand the logic of)

    Using DNS Check tool at pingdom I am not getting any errors on

    However, if I run DNS Check on ns1, ns2 they come up with errors:

    - Failed to find name servers of

    - No name servers found at child.
    No name servers could be found at the child. This usually means that the child is not configured to answer queries about the zone.

    - Not enough nameserver information was found to test the zone, but an IP address lookup succeeded in spite of that.

    DNS Check on and has no errors.

    Is anyone able to enlighten me on what these errors are, and what I am doing wrong here?

    What should the zone files of ns1,ns2,ns3,ns4 look like? What should SOA point to and should there be A and NS records for each nameserver in each zone file?

    What about server2,ns9,ns10. How do I puzzle all of this together?

    Thank you.
  2. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Hi @ronaldst

    The SOA (Start Of Authority) defaults to the primary nameserver or the 1st nameserver in the nameserver list for the domain.

    Personally, I keep them all in the same zone file - so would carry ns1-ns8 NS records and A records and both should be present - this, in my opinion, helps keep things organized and there's less management of separate zone files. This should automatically be synchronized to the secondary servers in the cluster.

    All of these indicate that the nameservers aren't being recognized when doing a DNS lookup; at some point it fails to retrieve the A record from the child record, indicating that on one or more of the servers (besides the authoritative) the NS record is not present.
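
Added example (not part of the thread and not cPanel code): a small offline check for the conditions discussed above, namely that a zone carries NS records at its apex, that every in-zone nameserver name has an address record, and that the SOA primary is one of the listed nameservers. The zone, `example.com` names, addresses and function names are constructed placeholders, and the parser only handles single-line records.

```python
import re

# Constructed sample zone: example.com and 192.0.2.0/24 are placeholders,
# not the poster's data. ns3 is listed as a nameserver but has no A record.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@    86400 IN SOA ns1.example.com. hostmaster.example.com. 2018042601 3600 1800 1209600 86400
@    86400 IN NS  ns1.example.com.
@    86400 IN NS  ns2.example.com.
@    86400 IN NS  ns3.example.com.
ns1  14400 IN A   192.0.2.1
ns2  14400 IN A   192.0.2.2
"""

def fqdn(name, origin):
    if name == "@":                               # '@' means the zone apex
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse_zone(text):
    """Parse single-line 'name ttl IN type rdata' records (no multi-line SOA)."""
    origin, records = None, []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()      # drop comments
        if line.upper().startswith("$ORIGIN"):
            origin = line.split()[1].lower()
            continue
        m = re.match(r"(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(.+)", line, re.I)
        if m and origin:
            name, _ttl, rtype, rdata = m.groups()
            records.append((fqdn(name, origin), rtype.upper(), rdata.split()))
    return origin, records

def check_zone(text):
    """Return a list of problems that would break delegation checks."""
    origin, records = parse_zone(text)
    apex_ns = {fqdn(r[0], origin) for n, t, r in records if n == origin and t == "NS"}
    has_addr = {n for n, t, _ in records if t in ("A", "AAAA")}
    mname = [fqdn(r[0], origin) for n, t, r in records if n == origin and t == "SOA"]
    problems = []
    if not apex_ns:
        problems.append("no NS records at zone apex")
    for ns in sorted(apex_ns):
        if ns.endswith("." + origin) and ns not in has_addr:
            problems.append(f"{ns} is listed as NS but has no A/AAAA record")
    if mname and mname[0] not in apex_ns:
        problems.append(f"SOA primary {mname[0]} is not among the NS records")
    return problems

print(check_zone(SAMPLE_ZONE))
```

Running the same check against the copy of the zone on each cluster member shows whether the records were synchronized everywhere.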
