Oh boy does this little dilemma have me a bit frazzled...
I have a small cluster of dedicated servers (using WHM DNS Clustering) and run my own DNS / name servers, and DNS is synced between all the servers. It has always worked very well even during migrations and nameserver IP changes in the past.
Recently I added a new server to the WHM DNS Cluster and, because I'm starting to phase out some old servers including the one that was in charge of "ns1" and "ns3" in my DNS nameservers list, I assigned "ns1" and "ns3" new IP addresses an re-registered / updated the nameserver registrations at my registrar, and proceeded with all of the usual steps when making this kind of change.
Now even though everything went well with the addition of the new box to the cluster and changing the IP's / updating registrations for ns1 and ns3 - for some strange reason a FEW of my customer's site's domain reports come back showing NS1 and NS3 as "not authoritative" for their sites / domains.
I'LL USE EXAMPLE NAMES AND IPS TO HELP EXPLAIN A BIT BETTER:
Let's say for the domain that I'm using for my registered name servers for the past 13 years is example.com
Now, I've always (well, for over 13 years now) used these 4 name servers for my DNS cluster and all of my customer domains that I host:
ns1.example.com (123.123.123.123)
ns2.example.com (456.456.456.456)
ns3.example.com (789.789.789.789)
ns4.example.com (010.010.010.010)
And so I'll I did was:
- Added a new server to the WHM DNS Cluster using the WHM > Clusters > DNS Cluster and also WHM > Clusters > Remote Access Key tools in WHM, I set all the server hostnames to DNS Role "Synchronize Changes" (status successful)
- Updated the registered nameservers ns1.example.com and ns3.example.com to 2 different new reserved IP addresses on the new server in the cluster
- Updated the appropriate options in /etc/named.conf and ran /scripts/restartsrv_named (successful)
- Updated WHM Basic cPanel & WHM Setup > Nameservers section by clicking Assign IP next to NS1 and NS3 to make sure it grabbed the new IP addresses properly, and clicked "Add A Entry for Nameserver" for NS1 and NS3. (all successful).
And much to my delight, within a few hours of propagation everything was working as expected with the new IPs assigned to NS1 and NS3.
The switch was rather quick and went as typical as the previous times that I've done this when phasing out old servers for new ones.
BUT HERE'S THE RUB - While 99% of my customer's domain reports come back nice and spiffy and everything is working great, a small number of customer domains are showing NS1 and NS3 as "not authoritative" for their domains in the domain reports on all the popular places like DNS check tool and intoDNS: checks DNS and mail servers health , thus failing the DNS tests and, wouldn't ya know it, one of those few customers has a Pingdom account and noticed it and opened a ticket with me.
THE STRANGE THING - Everything appears to be fine otherwise, and almost all other customer's DNS reports come back clean. Only a few user domains out of a few hundred report back NS1 and NS3 as not authoritative.
I've been banging my head against the wall for a few days over this, trying every possible troubleshooting procedure I can think of, to no avail.
ONE THING IN COMMON - I've noticed that the few domains that show NS1 and NS3 as not authoritative in their DNS reports are ones that have Dedicated IP Addresses. (At least the problem ones I've looked up so far).
BUT THE OTHER STRANGE THING - Now the twist is of course - there are plenty of other user domains that have Dedicated IP addresses assigned, with nice clean DNS reports. (There goes my thought that "oh ok, I've narrowed it down to only sites with dedicated IPs". NOT). :/
And so now I come to the cPanel forums hoping that someone here has either been through this and knows the solution, or has some ideas of things that I could check that might lead me to the solution for this little thorn in my side situation.
Many thanks for any replies! I'm getting a bit frazzled :-(
I have a small cluster of dedicated servers (using WHM DNS Clustering) and run my own DNS / name servers, and DNS is synced between all the servers. It has always worked very well even during migrations and nameserver IP changes in the past.
Recently I added a new server to the WHM DNS Cluster and, because I'm starting to phase out some old servers including the one that was in charge of "ns1" and "ns3" in my DNS nameservers list, I assigned "ns1" and "ns3" new IP addresses an re-registered / updated the nameserver registrations at my registrar, and proceeded with all of the usual steps when making this kind of change.
Now even though everything went well with the addition of the new box to the cluster and changing the IP's / updating registrations for ns1 and ns3 - for some strange reason a FEW of my customer's site's domain reports come back showing NS1 and NS3 as "not authoritative" for their sites / domains.
I'LL USE EXAMPLE NAMES AND IPS TO HELP EXPLAIN A BIT BETTER:
Let's say for the domain that I'm using for my registered name servers for the past 13 years is example.com
Now, I've always (well, for over 13 years now) used these 4 name servers for my DNS cluster and all of my customer domains that I host:
ns1.example.com (123.123.123.123)
ns2.example.com (456.456.456.456)
ns3.example.com (789.789.789.789)
ns4.example.com (010.010.010.010)
And so I'll I did was:
- Added a new server to the WHM DNS Cluster using the WHM > Clusters > DNS Cluster and also WHM > Clusters > Remote Access Key tools in WHM, I set all the server hostnames to DNS Role "Synchronize Changes" (status successful)
- Updated the registered nameservers ns1.example.com and ns3.example.com to 2 different new reserved IP addresses on the new server in the cluster
- Updated the appropriate options in /etc/named.conf and ran /scripts/restartsrv_named (successful)
- Updated WHM Basic cPanel & WHM Setup > Nameservers section by clicking Assign IP next to NS1 and NS3 to make sure it grabbed the new IP addresses properly, and clicked "Add A Entry for Nameserver" for NS1 and NS3. (all successful).
And much to my delight, within a few hours of propagation everything was working as expected with the new IPs assigned to NS1 and NS3.
The switch was rather quick and went as typical as the previous times that I've done this when phasing out old servers for new ones.
BUT HERE'S THE RUB - While 99% of my customer's domain reports come back nice and spiffy and everything is working great, a small number of customer domains are showing NS1 and NS3 as "not authoritative" for their domains in the domain reports on all the popular places like DNS check tool and intoDNS: checks DNS and mail servers health , thus failing the DNS tests and, wouldn't ya know it, one of those few customers has a Pingdom account and noticed it and opened a ticket with me.
THE STRANGE THING - Everything appears to be fine otherwise, and almost all other customer's DNS reports come back clean. Only a few user domains out of a few hundred report back NS1 and NS3 as not authoritative.
I've been banging my head against the wall for a few days over this, trying every possible troubleshooting procedure I can think of, to no avail.
ONE THING IN COMMON - I've noticed that the few domains that show NS1 and NS3 as not authoritative in their DNS reports are ones that have Dedicated IP Addresses. (At least the problem ones I've looked up so far).
BUT THE OTHER STRANGE THING - Now the twist is of course - there are plenty of other user domains that have Dedicated IP addresses assigned, with nice clean DNS reports. (There goes my thought that "oh ok, I've narrowed it down to only sites with dedicated IPs". NOT). :/
And so now I come to the cPanel forums hoping that someone here has either been through this and knows the solution, or has some ideas of things that I could check that might lead me to the solution for this little thorn in my side situation.
Many thanks for any replies! I'm getting a bit frazzled :-(