
Question Multiple Plesk servers to the same Slave DNS servers

Interesting still nonetheless... I will look into this as I am growing this ecosystem from 1 server to more. Will also look into the multiserver extension to see if that resolves this ...
 
We hope to be able to dig into the code eventually... but yeah it sure would be nice if Plesk would add it.
 
A temporary solution can be to export a list of all domains on all servers, consolidate the output and import them in the prohibited domain list on all Plesk servers.
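
The consolidation step from the post above, as an added example that is not part of the original thread. It assumes each server's export is plain text with one domain per line; the server names and domains are constructed sample data, and loading the result into each server's prohibited domain list is left to the administrator.

```python
from collections import defaultdict

def normalize(name):
    """Lower-case, drop the trailing dot, IDNA-encode so equal names compare equal."""
    name = name.strip().rstrip(".").lower()
    try:
        return name.encode("idna").decode("ascii") if name else ""
    except UnicodeError:
        return name  # leave unusual names untouched rather than dropping them

def parse_export(text):
    """Return the set of domains in one server's export (blank lines and # comments skipped)."""
    domains = set()
    for line in text.splitlines():
        domain = normalize(line.split("#", 1)[0])
        if domain:
            domains.add(domain)
    return domains

def consolidate(exports):
    """exports maps server name -> export text.

    Returns (conflicts, prohibited):
      conflicts  - domains that already exist on more than one server
      prohibited - per server, the domains hosted elsewhere that it must refuse
    """
    owners = defaultdict(set)
    for server, text in exports.items():
        for domain in parse_export(text):
            owners[domain].add(server)
    conflicts = {d: sorted(s) for d, s in owners.items() if len(s) > 1}
    prohibited = {
        server: sorted(d for d, s in owners.items() if server not in s)
        for server in exports
    }
    return conflicts, prohibited

# Constructed sample exports (hypothetical server names and domains).
SAMPLE_EXPORTS = {
    "plesk-a": "example.com\nShop.Example.NET.\n",
    "plesk-b": "example.org\nexample.com  # also on plesk-a\n",
    "plesk-c": "\nexample.net\n",
}

if __name__ == "__main__":
    conflicts, prohibited = consolidate(SAMPLE_EXPORTS)
    for domain, servers in sorted(conflicts.items()):
        print(f"CONFLICT {domain}: hosted on {', '.join(servers)}")
    for server, domains in prohibited.items():
        print(f"{server}: prohibit {' '.join(domains)}")
```

Domains reported as conflicts already exist on more than one server and need manual resolution before the shared secondary can be trusted for them.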

 
We've added some code in a branch of our fork here that should resolve this problem. We hope to test it soon, but if anyone here gets to it sooner, even better! Warning: it is *not* tested. You only need to replace these files with the versions in that branch to try it:

- plib/library/Rndc.php
- plib/scripts/slave-dns.php

Notes:
- If the tests are successful we'll add a UI control to enable/disable it
- This will only function effectively if all servers are using proper external resolvers. If using localhost, it won't work as the local DNS server will not return live lookup results for the domain, which is important to have on the server that is *not* authoritative, but still hosting the domain.
 
We ourselves are using this principle of one (well two in fact, as we use three authoritative nameservers) slave server for many (50+ currently) master servers as well, so my 2¢ are:

You can do that easily and out of the box with PowerDNS and its "Supermaster" feature.
PowerDNS does save/remember which primary DNS it "learned" a zone from and will then reject updates for this zone from any other nameserver.

So you are completely safe from hijacking and only need to manually interfere (i.e. delete the zone from the secondary nameserver(s)) if you really want another/new primary to be authoritative for that domain.


P.S. This feature may only be available if you use a database backend for PowerDNS (and not legacy BIND zonefiles, which are also supported by PowerDNS).
 
@ChristophRo Thanks for that info! Great to know. Perhaps it's time to set up a PowerDNS secondary box or two.
So you are completely safe from hijacking and only need to manually interfere (i.e. delete the zone from the secondary nameserver(s)) if you really want another/new primary to be authoritative for that domain.
If you're using different name servers for each server, I take it this means when you migrate an account between servers, you need to then run a PowerDNS command to tell it to no longer restrict zone transfers for that domain (i.e., so that the destination server can submit zone transfers to the PowerDNS secondary successfully)? What does that process look like?
 
just "pdnsutil delete-zone blaablaa.com" on the secondary(s) to delete/purge the zone

After that the secondary(s) will accept this zone again from any "master"
 