SOLVED How to switch existing DNS Cluster (4 DNS-Only nameservers) to PowerDNS?

[electric]

Hello,

Our four DNS-Only servers are used as ns1/ns2/ns3/ns4 for all our shared web hosting servers. (Each shared hosting server is configured to send DNS updates to all 4 DNS-Only servers with "Syncronize Changes" setting.)

Right now, all the servers (shared hosting and dns-only) are configured to use BIND.

We want to switch them to use PowerDNS.

Is this possible? Is there anything we need to do to make the switch? Will all the existing zonefiles automatically be updated with the new system?

Can we run some of the DNS-Only nameservers using BIND and some using PowerDNS? (Are they incompatible? Does it matter which system is used by each server?)

Thanks!

 

[cPanelLauren]

Right now, all the servers (shared hosting and dns-only) are configured to use BIND.

We want to switch them to use PowerDNS.

Is this possible? Is there anything we need to do to make the switch? Will all the existing zonefiles automatically be updated with the new system?

Since our PowerDNS implementation uses a bind backend nothing here will change so all of your existing zonefiles will stay the same

Can we run some of the DNS-Only nameservers using BIND and some using PowerDNS? (Are they incompatible? Does it matter which system is used by each server?)

I'm not aware of any issue with using BIND on a server while a cluster member has PowerDNS

 

[ffeingol]

@cPanelLauren As I read it, that's not what he asked. As I read it, he is asking of all the DNSOnly servers have to be one or the other.

Can we run some of the DNS-Only nameservers using BIND and some using PowerDNS? (Are they incompatible? Does it matter which system is used by each server?)

As far as I know you can technically do that, you really would not want to do it for long. The "Issue" is if you want to enable DNSSEC. PowerDNS supports it and Bind does not. I don't believe that it will allow you to enable the DNSSEC feature while there is a Bind server in the cluster. If you don't care about DNSSEC, then it's a non issue.

Having said that, you'll very much enjoy PDNS over Bind. PDNS starts up very fast and is very lightweight. Bind, not so much.

 

[rivermobster]

@cPanelLauren

I came across this thread in a Google search, and want to enable DNSSEC on my server as well.

If I Just make the change in WHM Home > Service Configuration > Nameserver selection to PowerDNS, will I need to make any other changes in WHM at all, to enable DNSSEC?

Notes: This is a new server. BIND is set as the default. I will be the only one accessing the server and it's related cPanel accounts, after they are migrated there.

Thanks so much!

-Joe

 

[cPRex]

@rivermobster - all you need to do is make the switch, as PowerDNS has DNSSEC support. You'll still need to create the keys and hand them off to teh registrar, but nothing additional needs to happen in order to make the server support that. You can find more details here:

DNSSEC | cPanel & WHM Documentation

DNSSEC adds a layer of security to your domains' DNS records.

docs.cpanel.net

 

[rivermobster]

@rivermobster - all you need to do is make the switch, as PowerDNS has DNSSEC support. You'll still need to create the keys and hand them off to teh registrar, but nothing additional needs to happen in order to make the server support that. You can find more details here:

DNSSEC | cPanel & WHM Documentation

DNSSEC adds a layer of security to your domains' DNS records.

docs.cpanel.net

Cool bro. Thanks. :thumbsup:

 

[cPRex]

You're welcome!