• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Have plesk set master NS (SOA) record properly (BIND does not notify NS in SOA)

F

freaky@

Regular Pleskian
Hi,

does anyone know to get plesk (12) to set the SOA record properly on existing domains?

Let me explain the issue first. We use PowerDNS supermaster mode as slave servers. The way this works is we configure PowerDNS so that it sees the plesk server as a so called supermaster.

When a so called supermaster notifies the slave servers on a zone update, if it doesn't exist it just adds the zone and pulls it in. This works very nice and without any scripting required (there's only the issue of removing them, I just have a script that deletes all domains that haven't been able to update in 2 weeks every day from the database).

The only issue here is that BIND does *NOT* ever notify the nameserver listed in the SOA. The nameserver listed in the SOA should be the master (and hence - thus plesk itself) and it being a master it should be where the changes occur and notifying it isn't necessary thus, which is why BIND doesn't do that.

Unfortunately plesk doesn't seem to grasp this concept. It will happily put any nameserver in the SOA record. Have adjusted the template and it seems to work ok for new domains now (not sure how reliably though), but it's a major pain for the existing ones. It's very hard to update them properly.

Reapplying template -> no change to master NS/SOA
Switching mode to slave and back to master -> no change to master NS/SOA
Resetting to default -> no change to master NS/SOA

The only way I've found so far is to delete the records manually, add them again and hope it doesn't change the order (yes it does this a lot, you'll have the correct order listed, click apply and the order just changes. Some times it adds them to the bottom of the list, some times to the top - not confusing at all).

Plesk really should be taught that if it's master, it should be the one in the SOA. Whilst my issue is larger due to the supermaster and slaves not creating the zone (and hence my slave not functioning), it is an issue in any setup because a slave listed as SOA will not be notified and doesn't pick up on the changes right away. Depending on the refresh times it might take quite some time for the slave to pick up the change then, which isn't desirable either as it will leave you with a slave that still returns incorrect records.

Please fix this and provide me with a solution that doesn't involve editing a couple of dozen domains manually.
 
Did you get this working?

I am in the same situation. Plesk12 server sends a notify to all namervers that have an NS record in a zone except for the nameserver that is used in the SOA record. That nameserver seems to be randomly picked from one of the NS records.

There are some options to solve this in /etc/named.conf (like: "notify-to-soa yes" and "also notify...") but this has to be declared in the "options" container in /etc/name.conf and that always gets overwritten by Plesk.

In /etc/named.conf the "PLEASE ADD YOUR CUSTOM DIRECTIVES BELOW THIS LINE" does not help as the "options" container is already in the section that is managed by Plesk and can not be in there a second time.

This is something that is broken since Plesk version 12. Prior to version 12 it was possible to add custom directives in the "options" container and this is how we did this.

Is there a way in Plesk 12 to alter the "options" container in /etc/named.conf?

Thanks.
 
Hi,

so far I've been using notify-to-soa in the options section. It's not been overwritten yet, any idea when it does that?

What I find even more annoying is that the main domain for one customer is domain.com, this is their main subscription and they're using ns1.domain.com. They enjoy to overwrite this with ns1.aliasdomain.com when creating aliases, which is pretty bad too. Even when I don't enable DNS sync, with the latest v12 currently, it does sync the entire zone initially as well.

Plesk frequently is horribly broken, unfortunately. At least that's my experience.
 
Since it states that Plesk can overwrite this, I never actually tested this before but I was just testing it now.
I use "also-notify {<list of PowerDNS supermasters IP's>};" I altered everything I can think of in Plesk UI that could revert this but nothing does so far.

Parallels, can you confirm that this won't get overwritten?

That thing of ns1.domainalias.com you write about is not really bug. This is how it is setup in your dns template in Plesk. On the other hand, if you want to use ns1.domain.com as NS record for your alias, there is not really a way to configure that in the dns template.
I don't use the Plesk hosting server as public nameserver. In the dns template I have 2 NS records ns1.powerdnsserver.tld and ns2.powerdnsserver.tld with those fixed hostnames. This way all domains use the same nameservers and only those are registered with the domain registry.
 
Well in all honesty, I do consider it a bug :).

The values in the template for <domain> NS are NS ns1.domain.com, NS ns4.otherdomain.com, NS ns1.yetanother.eu. domain.com just happens to be the main subscription (and unfortunately in this customers case a subscription with over 40 aliases - correcting those all manually is a major pita).

No where does the value read NS ns1.<domain> so replacing ns1.domain.com with ns1.aliasdomain.com is just plain stupid and a clear sign to me of how well many stuff is thought out. It should only have done that if the line had read <domain> NS ns1.<domain> - but it doesn't.

As stated, this even happens when DNS sync is turned off (then again, it also pulls in all the DNS records from the main domain, like when sync would be enabled, causing a lot of records to be created that aren't in the template). It could very well be that the biggest part of the bug is that it's actually doing DNS sync whilst it's disabled.

Are you using PowerDNS supermaster? Was wondering how that works in your case as there's a requirement that the master DNS server is listed in the NS records otherwise it's not automatically added to the slave domains. That doesn't seem to be the case in your setup, is it?
 
Yes, I do use Powerdns supermaster. Since we use the same public nameservers (ns1.powerdnsserver.tld and ns2.powerdnsserver.tld) for all our domains on all our servers, this is really easy.
In the Powerdns servers, all supermasters are listed with the IP address of the (Plesk-) server and "ns1.powerdnsserver.tld" as hostname in NS record. If there exists an NS record with "ns1.powerdnsserver.tld" for a domain on a Plesk server (and notify works as it should), the domain gets picked-up by the Powerdns servers.
 
Thanks, if that works I'll just add the plesk server to the PowerDNS database with the slave names as well. That should at least alleviate some issues.

FYI: I've been adding quite some domains on the server and so far the notify-to-soa hasn't been removed from the config.
 
You must log in or register to reply here.

Similar threads

B
  • Locked
Issue own Name Server does not work
Replies
9
Views
2K
Peter Debik
P
M
Issue Plesk continues to write deleted slave DNS server in /var/named/chroot/etc/named.conf
Replies
0
Views
838
mr-wolf
M
burnley
Issue Plesk 17.8.11 & BIND: Plesk allows underscore in hostname, thus breaking zone
Replies
0
Views
895
burnley
burnley
ChristophRo
Forwarded to devs DNS - order of records unreliable and thus primary master name server in SOA broken
Replies
8
Views
2K
AYamshanov
AYamshanov
yavuzyayla
Issue Denic Settings - Can't Set Up DNS Settings
Replies
0
Views
1K
yavuzyayla
yavuzyayla
Back
Top