- Server operating system version: CentOS 7.9
- Plesk version and microupdate number: 18.0.47#2
I am using Plesk's DNS service on my main (Plesk) server and have 2 child nameservers running bare Linux with named-chroot. This setup has been working fine for years until I changed the settings on my Plesk server to only listen to a specific IP address with the following parameters in DNS Settings > Settings for the whole server:
Code:
version "none";
auth-nxdomain no;
listen-on { IP4ADDRESS; 127.0.0.1; };
listen-on-v6 { IP6ADDRESS; ::1; };
Once a week, I notice that on one of my child nameservers some zones are not being transferred. This only applies to domains that have been created a while ago (since version 12.5 and domains also created on the original Obsidian version). To fix this, I have to delete the above parameters from my settings, go to the affected nameserver and restart the named service. After that, I can apply the parameters back, save it and then restart the named service on the affected nameserver again.
What's strange is that this does not affect both child nameservers, only one of them. The error message on the affected nameserver is as follows:
Code:
zone domain.tld/IN: refresh: skipping zone transfer as master xx.xx.xx.xx#53 (source 0.0.0.0#0) is unreachable (cached)
The xx.xx.xx.xx IP address is the main IP of the Plesk server which I am no longer listening to, even though the domains that are affected are configured to listen to the IP address I do want them to listen to.
To be clear, I am using the option 'Only allow connections from localhost' but since I have multiple IP addresses configured on my Plesk server, I do not want to expose UDP 53 on the other addresses, even if I have them closed off on a firewall level. I've tried every possible solution there is and am out of options.
I need help with this since this requires me to do this once a week and it's been like this for the past 6 months.
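Added example, not part of the original post: a small check for the secondary's named log that lists which zones were skipped because they still refresh from a master address outside the `listen-on` set. The log lines, the 192.0.2.x addresses and the names `stale_masters`, `SAMPLE_LOG` and `LISTENING` are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches the secondary-side message quoted in the post:
#   zone <name>/IN: refresh: skipping zone transfer as master <ip>#53
#   (source <ip>#<port>) is unreachable (cached)
REFRESH_RE = re.compile(
    r"zone (?P<zone>\S+)/IN: refresh: skipping zone transfer as master "
    r"(?P<master>[0-9A-Fa-f:.]+)#\d+ "
    r"\(source [0-9A-Fa-f:.]+#\d+\) is unreachable"
)

def stale_masters(log_lines, listening):
    """Return {master_ip: [zones]} for skipped transfers whose master
    address is NOT one of the addresses the primary listens on."""
    found = defaultdict(set)
    for line in log_lines:
        m = REFRESH_RE.search(line)
        if m and m.group("master") not in listening:
            found[m.group("master")].add(m.group("zone"))
    return {ip: sorted(zones) for ip, zones in found.items()}

# Constructed: addresses the primary's listen-on / listen-on-v6 cover.
LISTENING = {"192.0.2.20", "2001:db8::20"}

# Constructed sample of a secondary's named log.
SAMPLE_LOG = [
    "10-Jan-2023 03:12:01.101 general: info: zone old-a.example/IN: refresh: "
    "skipping zone transfer as master 192.0.2.10#53 (source 0.0.0.0#0) "
    "is unreachable (cached)",
    "10-Jan-2023 03:12:01.207 general: info: zone old-b.example/IN: refresh: "
    "skipping zone transfer as master 192.0.2.10#53 (source 0.0.0.0#0) "
    "is unreachable (cached)",
    # Master is a listening address: unreachable for another reason, not reported.
    "10-Jan-2023 03:12:02.004 general: info: zone busy.example/IN: refresh: "
    "skipping zone transfer as master 192.0.2.20#53 (source 0.0.0.0#0) "
    "is unreachable (cached)",
    "10-Jan-2023 03:12:05.450 general: info: zone new.example/IN: "
    "Transfer started.",
]

if __name__ == "__main__":
    for ip, zones in stale_masters(SAMPLE_LOG, LISTENING).items():
        print(f"{ip} is not a listening address; affected zones: {', '.join(zones)}")
```

The zones it reports are the ones whose master address on the secondary is worth comparing with the primary's `listen-on` list.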