
Question ACL reset in BIND breaks AXFR to secondary DNS

Medina

New Pleskian
Server operating system version: Debian 12
Plesk version and microupdate number: Plesk Obsidian Web Host Edition 18.0.70

Hello,
I’m experiencing an issue with the DNS service managed via Plesk. The primary server uses BIND, and the secondary server runs on PowerDNS.


Zones are created correctly on the primary server, and Plesk generates the following directive for zone transfers:


conf: /var/named/run-root/etc/named.conf

zones.PNG

However, the secondary server at IP 77.235.14.8 does not receive the zone transfers.

What I see in the BIND logs (journalctl -u named):

Jul 14 22:22:27 megahost.kg named[1334500]: client @0x7f22b8e6e168 77.235.14.8#51189 (14.235.77.in-addr.arpa): zone transfer '14.235.77.in-addr.arpa/AXFR/IN' denied
Jul 14 22:22:27 megahost.kg named[1334500]: client @0x7f22b8e6c168 77.235.14.8#34875 (73.62.92.in-addr.arpa): zone transfer '73.62.92.in-addr.arpa/AXFR/IN' denied
Jul 14 22:23:27 megahost.kg named[1334500]: client @0x7f22b8e70168 77.235.14.8#45755 (14.235.77.in-addr.arpa): zone transfer '14.235.77.in-addr.arpa/AXFR/IN' denied
Jul 14 22:23:27 megahost.kg named[1334500]: client @0x7f22ba5e9168 77.235.14.8#51291 (73.62.92.in-addr.arpa): zone transfer '73.62.92.in-addr.arpa/AXFR/IN' denied


At the end of /var/named/run-root/etc/named.conf, Plesk generates the following directive:

acl common-allow-transfer {
    none;
};

I assumed that this is the reason for the transfer denial, because common-allow-transfer is referenced in the zone definitions.


So I manually changed it to:

acl common-allow-transfer {
    77.235.14.8;
};


Unfortunately, after any action in Plesk (e.g., adding a new zone), the ACL gets automatically overwritten back to:


acl common-allow-transfer {
    none;
};


Could you please advise:


  • Am I making the correct changes to solve the issue?
  • Or is there another recommended way to configure transfers to a secondary DNS server under Plesk?

Thank you very much in advance!
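
A diagnostic for the situation described in the post above, as an added example that is not part of the original post and not Plesk's own code: it reads the `common-allow-transfer` ACL from named.conf text and the "denied" lines from the named log, then reports for each refused client whether the ACL currently admits it. The sample input is copied from the post; the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict

# Sample input copied from the post: the ACL as Plesk regenerates it, and
# two of the "denied" lines from `journalctl -u named`.
NAMED_CONF = "acl common-allow-transfer {\nnone;\n};\n"
NAMED_LOG = """\
Jul 14 22:22:27 megahost.kg named[1334500]: client @0x7f22b8e6e168 77.235.14.8#51189 (14.235.77.in-addr.arpa): zone transfer '14.235.77.in-addr.arpa/AXFR/IN' denied
Jul 14 22:22:27 megahost.kg named[1334500]: client @0x7f22b8e6c168 77.235.14.8#34875 (73.62.92.in-addr.arpa): zone transfer '73.62.92.in-addr.arpa/AXFR/IN' denied
"""

DENIED = re.compile(
    r"client \S+ ([0-9a-fA-F.:]+)#\d+ \(.*?\): "
    r"zone transfer '([^'/]+)/(?:AXFR|IXFR)/IN' denied")

def acl_elements(conf, name):
    """Return the elements of `acl <name> { ... };`, or None if absent."""
    m = re.search(r'acl\s+"?%s"?\s*\{(.*?)\}\s*;' % re.escape(name), conf, re.S)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def acl_permits(elements, client):
    # First match wins; key names, nested ACLs and negation are skipped here.
    addr = ipaddress.ip_address(client)
    for e in elements or []:
        if e in ("none", "any"):
            return e == "any"
        try:
            if addr in ipaddress.ip_network(e, strict=False):
                return True
        except ValueError:
            continue  # not an address or prefix
    return False

def denied_transfers(log):
    """Map each refused client address to the set of zones it asked for."""
    out = defaultdict(set)
    for client, zone in DENIED.findall(log):
        out[client].add(zone)
    return dict(out)

def report(conf, log, acl="common-allow-transfer"):
    """For every refused client: zones requested and whether the ACL admits it."""
    elements = acl_elements(conf, acl)
    return {c: {"zones": sorted(z), "in_acl": acl_permits(elements, c)}
            for c, z in denied_transfers(log).items()}

print(report(NAMED_CONF, NAMED_LOG))
```

Running it again after any change made through Plesk shows whether the ACL still lists the secondary or has been regenerated as `none`.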
 