Question Multiple servers in same nameserver

[webdig]

Server operating system version

AlmaLinux 8.9 (Midnight Oncilla)

Plesk version and microupdate number

Version 18.0.58 Update #2

I have a question about the configuration of the Slave DNS Manager, I've searched a lot of information and I'm "lost" so to speak.

I have 3 plesk servers and 4 slaves, to which I want to connect these servers:

Server 001 - ns1, ns2, ns3, ns4
Server 002 - ns1, ns2, ns3, ns4
Server 003 - ns1, ns2, ns3, ns4

On the slaves I installed Bind as indicated in the various tutorials and they work fine with just one server, and the indicators in the Slave DNS Manager are always green.

If I try to add another server to the same bind, in /etc/bind/named.conf.options , I get errors in the Slave DNS Manager and if I try to synchronise the server with the slaves, it takes forever.

This is an example of the named.conf.options of ns1 with two servers, taking into account the IPs of the two servers - server 001: 11.22.3.44 and server 002: 11.22.3.45:

version "anonymous";

dnssec-validation auto;

listen-on-v6 { any; };

allow-new-zones yes;
};

// server 001

key "rndc-key-11.22.3.44" {
  algorithm hmac-md5;
  secret "ZmViMzdjMmE2MTkyMzM3Njc4Y2EyYQ==";
};

controls {
    inet * port 953 allow { 11.22.3.44; 127.0.0.1; } keys { "rndc-key-11.22.3.44"; };
};

// server 002

key "rndc-key-11.22.3.45" {
  algorithm hmac-md5;
  secret "ZmViMzdjMmE2MTkyMzM3Njc4Y2EyYQ==";
};

controls {
    inet * port 953 allow { 11.22.3.45; 127.0.0.1; } keys { "rndc-key-11.22.3.45"; };
};

What could be wrong here?
Or is this not how the system works?

 

[Kaspar]

I have no experience with a multi server setup as yours, so I am not sure if what you are planning actually works well. I can imagine that issues can arise, for example when (accidentally) adding the same domain on two servers. Any way, the configuration your are using is indeed wrong. The controls directives should be merged, containing all servers and keys. Like so:

controls {
    inet * port 953 allow { 11.22.3.44; 11.22.3.45; 127.0.0.1; } keys { "rndc-key-11.22.3.44";  "rndc-key-11.22.3.45"; };
};

 

[Peter Debik]

I understand the setup that one primary shall be mirror to two or more secondaries. That would not be possible with the extension.

 

[webdig]

I have no experience with a multi server setup as yours, so I am not sure if what you are planning actually works well. I can imagine that issues can arise, for example when (accidentally) adding the same domain on two servers. Any way, the configuration your are using is indeed wrong. The controls directives should be merged, containing all servers and keys. Like so:

controls {
    inet * port 953 allow { 11.22.3.44; 11.22.3.45; 127.0.0.1; } keys { "rndc-key-11.22.3.44";  "rndc-key-11.22.3.45"; };
};

Thanks for the tip, I've tried it and it no longer gives an error in the Slave DNS Manager markers, as they remain green, but in reality it's still slow and the sites are synchronised.

I understand the setup that one primary shall be mirror to two or more secondaries. That would not be possible with the extension.

It's a shame the extension doesn't do this, it would be a very important feature for Plesk and an added value.
I have to go to Plesk UserVoice to research this subject and give my suggestion

Best Regards