Question Slave DNS-Server over internet

[enerspace]

Hi,

I have unfortunately not got any exact information.

I have a master DNS-Server with the IP 88.66.88.66 and a secondary DNS-Server with the IP 77.55.77.55.

Booth Servers are Plesk Servers.

I know how the communication works over rndc but I do not realize how plesk builds the named.conf. Apparently only the file under /etc/named.conf is considered. But not the file at /etc/bind/named.conf.

The Pleskversion is structured like this:

Expand/Collapse Block: OPEN CODE

// $Id: named.conf,v 1.1.1.1 2001/10/15 07:44:36 kap Exp $

// -- THE FOLLOWING LINES WERE GENERATED BY PLESK. IF YOU MODIFY THEM, THEY WILL BE OVERWRITTEN WHEN THESE SETTINGS ARE MANAGED IN PLESK UI. --
options {
    allow-recursion {
        localnets;
    };
listen-on-v6 { any; };
    version "none";
    directory "/var";
    auth-nxdomain no;
    pid-file "/var/run/named/named.pid";
};

key "rndc-key" {
    algorithm hmac-md5;
    secret "HASH";
};

controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; } keys { "rndc-key"; };
};

zone "." {
    type hint;
    file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
    type master;
    file "localhost.rev";
};
// -- END OF LINES GENERATED BY PLESK. --


// -- PLEASE ADD YOUR CUSTOM DIRECTIVES BELOW THIS LINE. --
//--
// -- END OF YOUR CUSTOM DIRECTIVES. --

How can I customize the line "controls {"?

When i use the custome line, i cant overwrite the "controls {" line for external connection like:

controls {
    inet * port 953
    allow { 127.0.0.1; otherip; otherip; } keys { "key-file"; };
};

When i overwrite the Plesk controls line, first a connection works, but after a few hours miraculously no longer, although the line was not changed.

Have you a Tip? Thanks!

 

[enerspace]

I have solved it now as follows. Apparently the lower part is not overwritten by Plesk. Only some parts of it.

Expand/Collapse Block: OPEN CODE

// $Id: named.conf,v 1.1.1.1 2001/10/15 07:44:36 kap Exp $

// -- THE FOLLOWING LINES WERE GENERATED BY PLESK. IF YOU MODIFY THEM, THEY WILL BE OVERWRITTEN WHEN THESE SETTINGS ARE MANAGED IN PLESK UI. --
options {
    allow-recursion {
        localnets;
    };
listen-on-v6 { any; };
    version "none";
    directory "/var";
    auth-nxdomain no;
    pid-file "/var/run/named/named.pid";

        // ADDED
       allow-new-zones yes;
};

key "rndc-key" {
    algorithm hmac-md5;
    secret "HASH";
};

// ADDED
key "rndc-key-88.99.XX.XX" {
  algorithm hmac-md5;
  secret "HASH";
};

// MODIFIED
controls {
    inet * port 953 allow { 88.99.XX.XX; 127.0.0.1; } keys { "rndc-key"; "rndc-key-88.99.XX.XX"; };
};

zone "." {
    type hint;
    file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
    type master;
    file "localhost.rev";
};
// -- END OF LINES GENERATED BY PLESK. --


// -- PLEASE ADD YOUR CUSTOM DIRECTIVES BELOW THIS LINE. --
// ...
// -- END OF YOUR CUSTOM DIRECTIVES. --

 

[IgorG]

Have you a Tip?

Why you do not use SlaveDNS Manager extension?

 

[enerspace]

@IgorG I use it for the secondary dns server. I can not connect to the primary server, if the primary server / slave dns only listens on the local ip address. Or is there a better way? Thanks Igor!

Edit: The posted code, was integrated on the primary dns server, the target.