jeffschips

Well-Known Member
Jun 5, 2016
221
23
68
new york
cPanel Access Level
Root Administrator
Hello - I'm running WHM/cPanel where my DNS servers also exist. I've been told I need more than one DNS server for redundancy and speed, ideally geographically separated.

That part I understand. What I don't understand is how to create another DNS server or use another DNS server - for example, some of my domains are registered with domains.google.com and they offer their dns servers, which seems fine and dandy but how does using their dns servers make their dns servers or my dns server at cpanel "redundant", "primary" or "Secondary"?

It would seem I am simply replacing one with another.
 

rackaid

Well-Known Member
Jan 18, 2003
89
28
168
Jacksonville, FL
cPanel Access Level
DataCenter Provider
WHM does not support secondary DNS systems (at least via the control panel). You have to configure this at the command line.

Before you worry about this too much, keep in mind you may not even need secondary DNS.

Why Secondary DNS?
I see the recommendation for secondary DNS all of the time, especially in DNS tools and various speed tools.

This recommendation is an old one and originates from a time when services, such as email, hosting, directories, ftp servers, etc. were on different servers and perhaps even different networks. You would not want a DNS server outage to cause all of your services to be offline.

So you set up multiple DNS systems to eliminate a single point of failure (SPOF).

When is Secondary DNS Not Needed?
If you are running all of your services (Email, web, etc, dns) from your server, you already have a SPOF. If your server is down, having DNS up is not really going to matter too much. Resolving a website's A record is largely useless if the site is down.

Given that secondary servers can get out of sync and serve up old records, I prefer not to even bother with secondary DNS on WHM systems.

Most performance claims are exaggerated. Usually you are looking at less than 100ms between a globally distributed DNS system and a single server system.

But, secondary DNS is still useful...
Now, if you use 3rd party services, such as G-suite or Office365, then having Secondary DNS is beneficial. This way even if your server is down your email continues to function.

In this case, you need to ask how many domains do you have, do they all use 3rd party email or not? And there are a few other concerns about where to host your DNS.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,273
313
Houston
Hello,

@rackaid that's not entirely correct. The recommendation is usually to have nameservers assigned IPs in different subnets with the intention of them being in different geographical locations and preferably relying on different providers - this alleviates SPOF issues in a lot of cases. This doesn't necessarily mean secondary DNS, this can also mean a DNS Cluster, but really if you think about what Secondary DNS is, it can also be a DNS Cluster - just swap out Master/Slave or Primary/Secondary with Nameserver/Intermediary.

This is touched on here: Guide to DNS Cluster Configurations | cPanel & WHM Documentation

Why should I implement a DNS cluster?
If your nameservers exist in different geographical locations and one fails, DNS clusters allow you to maintain DNS functionality. Visitors can still reach the websites that your server hosts. DNS clusters also allow visitors to reach websites more quickly than they could if only one nameserver processes all of the DNS requests.

rackaid said:
WHM does not support secondary DNS systems (at least via the control panel). You have to configure this at the command line.

We do technically support this configuration; you would just need to implement a DNS cluster to achieve this. This would allow you to have NS in different subnets from each other -
  • i.e., I have 1 nameserver in a DC in Houston TX and 1 nameserver in a DC in New York; if the New York DC loses power because of a catastrophic event, the Houston nameserver is still able to resolve queries for my domains. Pending my server is still up DNS functionality remains intact.

This is what's meant by the suggestion.

It almost sounds like you're suggesting failover DNS rather than Secondary DNS here. Secondary DNS is defined as the following:
https://ns1.com/resources/what-exactly-is-secondary-dns said:
The secondary (slave) DNS server is an authoritative server that obtains information about a zone from the primary server via zone transfer. (RFC 2182) The secondary DNS server is slaved to the primary server.
And in a lot of cases it looks like this:
Screenshot at Feb 20 17-19-15.png

Direct Linking DNS clustering (the most preferable method) looks like this, where the number of direct links to DNS servers from the web server can be unlimited:

DNSCLUSTER.png

Intermediary DNS Clustering is essentially the same thing as secondary DNS - just the name is changed (and the arrow position if you're this diagram):
Screenshot at Feb 20 17-22-30.png

With DNS clustering in any method, if you have geographically separated services you encounter the same benefits you would if you were using a 3rd party service for DNS Hosting.

What we don't necessarily have any configuration for in WHM is remote DNS, namely because...well....it's remote.

@jeffschips If you're using a 3rd party to host your DNS - unless you're using a provider specifically for redundancy or speed this in a lot of cases will make no difference. Clustering can make DNS Resolution a bit faster if the servers are geographically separated since you offload the work on to both (or several servers) but you don't end up with much of any notable speed increase until you start getting into the territory of CDN's (Content Delivery Networks) such as those associated with CloudFlare, which is an instance in which using their 3rd party DNS hosting services you will end up noting a speed increase due to the caching and wide geolocation of their servers.
 

jeffschips

So if I wanted a DNS server, say in California, to handle requests for my websites hosted in New Jersey and running cPanel, which already has a DNS server, said California DNS server in use ONLY to handle DNS, then my original question stands: how or what is needed in California and do my records in cPanel change in any way?

Said simply, how does one go about setting this kind of thing up?
 

cPanelLauren

To set something like this up in a way that's supported by cPanel you'd do something like the following:

- Get a server in California
- Get a server wherever else *optional
- Install DNSOnly on both (or the 1 if you chose that route)
- Change the hostname/s to what you'd like the nameservers to be: ns1.domain.tld/ns2.domain.tld etc.
- Enable DNS Clustering on your webserver per the guide
- Records will synchronize automatically


This changes nothing on your cPanel web server but it does host the DNS zone files on your DNS Only servers
NS IP's at the registrar, and in your DNS Zone files would need to be updated to the DNSOnly Server IP's
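
The thread raises two things worth checking once a cluster like this is live: nameservers should sit in different subnets, and a copy that falls out of sync will serve old records. The following is an added example, not code from the thread or from cPanel; it parses the output of `dig +nssearch <zone>` and flags both conditions. The function names, the /24 grouping and the sample data (documentation-range IPs) are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of `dig +nssearch example.com` output (not real servers).
SAMPLE = """\
SOA ns1.example.com. hostmaster.example.com. 2021022003 3600 1800 1209600 86400 from server 192.0.2.10 in 11 ms.
SOA ns1.example.com. hostmaster.example.com. 2021022003 3600 1800 1209600 86400 from server 192.0.2.77 in 12 ms.
SOA ns1.example.com. hostmaster.example.com. 2021022001 3600 1800 1209600 86400 from server 198.51.100.5 in 71 ms.
"""

# SOA <mname> <rname> <serial> <refresh> <retry> <expire> <minimum> from server <ip> in <n> ms.
LINE = re.compile(
    r"^SOA\s+\S+\s+\S+\s+(\d+)\s+\d+\s+\d+\s+\d+\s+\d+\s+from server\s+(\S+)\s+in\s+\d+\s+ms")


def parse_nssearch(text):
    """Return {server_ip: soa_serial} from dig +nssearch output."""
    serials = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            serials[m.group(2)] = int(m.group(1))
    return serials


def audit(serials, prefix=24):
    """List stale nameservers and IPv4 nameservers that share one /prefix."""
    findings = []
    if len(serials) < 2:
        findings.append("fewer than two authoritative servers answered")
    # Plain integer comparison; RFC 1982 serial wraparound is not handled.
    newest = max(serials.values(), default=0)
    for ip, serial in sorted(serials.items()):
        if serial != newest:
            findings.append(f"{ip} serves serial {serial}, newest is {newest}")
    nets = defaultdict(list)
    for ip in serials:
        if ipaddress.ip_address(ip).version == 4:
            nets[ipaddress.ip_network(f"{ip}/{prefix}", strict=False)].append(ip)
    for net, ips in sorted(nets.items()):
        if len(ips) > 1:
            findings.append(f"{', '.join(sorted(ips))} share {net}")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_nssearch(SAMPLE)):
        print(finding)
```

A serial mismatch seen immediately after a zone edit can simply be propagation in progress; one that persists across repeated runs means a cluster member is not receiving updates.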
 

mlopez

Well-Known Member
Dec 17, 2020
54
7
8
Maldonado - Uruguay
cPanel Access Level
Root Administrator
Twitter
Hey @cPanelLauren,

I'm not quite understanding, even though I read the documentation.
Let me ask you using an example:
I've got a cPanel & WHM server (DNS, Web, etc.) in location A
Is it better to have another (just one) cPanel DNS-Only server in location B to have a copy of DNS Zones enabling DNS Cluster?
This set up is called Secondary DNS, right? Master (cPanel & WHM server) - Slave (cPanel DNS-Only server)

Why does the documentation say this is not recommended?
Important:
  • We recommend that you do not set up the nameserver to synchronize data to a cPanel & WHM server, because this creates extraneous zones on the cPanel & WHM server.
Is there a better way to set up these two nameservers?

Thank you!
 

mlopez

cPRex said:
@mlopez - the documentation is just saying that we don't recommend you sync from the DNSOnly machine down to the cPanel server. This results in DNS zones on a webserver that aren't related to any account, causing potential confusion in the cluster.

Understood, @cPRex

What about the other questions? Can you help me with that too?

Regards
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,519
1,028
313
cPanel Access Level
Root Administrator
I didn't really see another specific question there - it all read as one large question to me.

A typical DNS Cluster has one (or more) webservers synced up to one (or more) DNSOnly systems, where changes made on the webserver get automatically pushed to the DNSOnly machines. This can add redundancy based on geographic location or just having multiple machines to serve the DNS in case one goes offline.
 