1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Misconfigured Centralized DNS

Discussion in 'Plesk Expand 2.3 Troubleshooting Issues' started by Christian Lund, Oct 15, 2009.

  1. Christian Lund

    Christian Lund New Pleskian

    22
    73%
    Joined:
    Feb 27, 2009
    Messages:
    23
    Likes Received:
    0
    I have setup Plesk Expand with 3 servers. These are not properly setup: the slave is not authoritative and the centralized server (master) is recursive.

    Setup
    Server A running Plesk Expand
    Server B running Centralized DNS
    Server C webserver

    Server A hosts the domain sparck.dk and contains DNS records for the domain.

    Server B is defined as ns1.sparck.dk
    Server A is defined as ns2.sparck.dk

    In Expand:
    Server B is defined as the central DNS server. Server B and C are both assigned as Plesk servers under Server B.

    Server A: Is set as DNS mode (slave), Plesk DNS mode (master)
    Server B: Is set as master
    Server C: Is set as DNS mode (slave), Plesk DNS mode (hidden)

    Questions

    - How do I set server A (ns2.sparck.dk) as authoritative?
    - How do I avoid having server B (ns1.sparck.dk) respond recursively?

    See more details below about the errors received when trying to redirect a domain to the new DNS setup:

    Error: ns2.sparck.dk
    Name server is not authoritative for webland.dk (asking for [webland.dk,NS,IN]).
    The AA (authoritative answer) bit wasn't set. This means that the name server is not yet configured to know about the domain name, or the server is configured wrongly. Check the log files of the server.

    Error: ns2.sparck.dk
    Name server is not authoritative for webland.dk (asking for [webland.dk,SOA,IN]).
    The name server doesn't think it can give an authoritative reply for the zone. Either it is not configured properly, or there is a problem with the zone. Check the log files of the name server.

    Warning: ns1.sparck.dk
    The name server is recursive (gave answer for [gtld-servers.net,NS,IN]).
    The name server doesn't think it can give an authoritative reply for the zone. Either it is not configured properly, or there is a problem with the zone. Check the log files of the name server.

    Thank you in advance for any feedback
     
  2. Christian Lund

    Christian Lund New Pleskian

    22
    73%
    Joined:
    Feb 27, 2009
    Messages:
    23
    Likes Received:
    0
    Regarding the recursion I created a DNS report using DNStools:

    I had a look at the recommendations and added the "recursion no" to named.conf.local.
    I restarted the dnscontroller:

    /etc/init.d/dnscontroller restart

    This did not fix the problem. The DNS is still open.
     
  3. Christian Lund

    Christian Lund New Pleskian

    22
    73%
    Joined:
    Feb 27, 2009
    Messages:
    23
    Likes Received:
    0
    Please click one of the Quick Reply icons in the posts above to activate Quick Reply.
     
  4. Christian Lund

    Christian Lund New Pleskian

    22
    73%
    Joined:
    Feb 27, 2009
    Messages:
    23
    Likes Received:
    0
    This resource offers more details about closing an open server, however, I am reluctant to set the ACL in named.conf, since I expect Plesk Expand to manage this as I add more servers to the setup.

    The site suggests to add the following to named.conf:

    acl "trusted" {
    mainIP;secondaryIP;127.0.0.1;
    };

    ...and add the following to options:

    allow-recursion { trusted; };
    allow-notify { trusted; };
    allow-transfer { trusted; };

    However, comments on the article suggest that this should close the server:

    options {
    recursion no;
    };
     
Loading...