How to exclude a DNS zone from pushing to a write-only DNS cluster member

Operating System & Version
CLOUDLINUX 7.9
cPanel & WHM Version
v90.0.17

saltmania

Hi cPanel,

We have a scenario where a third-party IT company wants to purchase use of our DNS-Only host as an offsite DNS for their own completely separate WHM environment. I'm anticipating some conflicts in the case of a handful of cPanel accounts we host websites for but that they host and manage DNS for on their own WHM host.

As the IT company is arm's length, we're using write-only because we don't want either WHM host to see the other's zones, and our example cluster looks like:

Web Host (zone-a.com, zone-b.com, zone-c.com) > write-only > DNS-Only Host < write-only < IT Host (zone-1.net, zone-b.com, zone-3.net)

zone-b.com represents a potential conflict and IT Host needs to be authoritative but I assumed, based on the docs, that we could use Unique DNS Clustering to mitigate this.

So I created a reseller account, let's call it DoNotSync, on Web Host and made it owner of zone-b.com and then enabled 'Unique DNS Clustering...' for DoNotSync without specifying a cluster member. I assumed that because unique clustering is enabled it would not use the root cluster settings, but it still does regardless and the zone replicates from Web Host to DNS-Only Host. I also tried the inverse, where there is no root DNS cluster peer, but instead specifying only a reseller with unique clustering enabled, but whenever I add the server here, it also adds to root, which is weird behavior; perhaps this has something to do with this warning in the docs?:
"Resellers can only change a DNS server’s role to the Synchronize or Write-only settings if the root user adds that server to the DNS cluster."

Is there a way to tell Web Host not to replicate certain zones to the write-only cluster member? Unique DNS Clustering and dummy reseller account does not seem to accomplish this.

Thanks!
 

cPRex

Jurassic Moderator
Staff member
Hey there! Currently there isn't a way to exclude certain zones from the DNS cluster so I don't have any good recommendations for achieving that. This might be a good item for a feature request, which you can open using the link in my signature below.
 

saltmania

Thanks Rex, I will submit this feature request. It's not a common scenario, but it would still be useful.
 