• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Question Zone transfer to external DNS server not working

wasiwarez

New Pleskian
Server operating system version
Ubuntu 22.04 LTS 64bit
Plesk version and microupdate number
Plesk Obsidian 18.0.68 Update 2 Web Pro Edition
Hi everybody,

I'm trying to set up my Plesk server as primary dns server. My domain is hosted at Domainfactory. My server runs at Strato. The domain is a .de domain. Denic, the .de domain provider, requires the registration of two different ip addresses, if custom name servers are registered. As Strato doesn't want to provide two ip addresses for the same server, they have a secondary name server with an own ip address they use for these cases. They told me to register the two name server domains at domainfactory with these two ip adresses. So I registered the ns1.my-domain.de with the ip address of the Plesk server and ns2.my-domain.de with the ip address of the Strato name server. I think now the zone settings need to be transfered from the Plesk server to the Strato name server. I already added the ip to the transfer restriction template. But when I check the dns settings with the NAST Predelegation Check at nast.denic.de I get errors from the Strato name server.
This is the output:
Code:
Severity    Code    Message

Error    901    Unexpected RCODE

Parameter:
entity:    SOA
rcode:    REFUSED
target:    81.169.148.38

Error    106    Inconsistent set of nameserver IP addresses

Parameter:
determined_ips:    []
ns:    ns2.schuetzen-welldorf.de
provided_ips:    ['81.169.148.38']

Error    901    Unexpected RCODE

Parameter:
ip:    81.169.148.38
nameserver:    ns2.schuetzen-welldorf.de
proto:    udp
record:    NS

Error    133    Answer must be authoritative

Parameter:
ip:    81.169.148.38
nameserver:    ns2.schuetzen-welldorf.de
proto:    udp
record:    NS

I'm not sure, if this is really a Plesk issue. But I followed a manual from Strato. Do I have to set up the zone transfer manually? I'm not sure, if adding the ip address to the transfer restriction template is enough.
Also the Strato manual says I should add the host sns.serverkompetenz.de as a NS set to the primary name server. But if I do so, the predelegation check returns more errors.

Thanks in advance.
wasiwarez
 
Hi everybody,

I'm trying to set up my Plesk server as primary dns server. My domain is hosted at Domainfactory. My server runs at Strato. The domain is a .de domain. Denic, the .de domain provider, requires the registration of two different ip addresses, if custom name servers are registered. As Strato doesn't want to provide two ip addresses for the same server, they have a secondary name server with an own ip address they use for these cases. They told me to register the two name server domains at domainfactory with these two ip adresses. So I registered the ns1.my-domain.de with the ip address of the Plesk server and ns2.my-domain.de with the ip address of the Strato name server. I think now the zone settings need to be transfered from the Plesk server to the Strato name server. I already added the ip to the transfer restriction template. But when I check the dns settings with the NAST Predelegation Check at nast.denic.de I get errors from the Strato name server.
This is the output:
Code:
Severity    Code    Message

Error    901    Unexpected RCODE

Parameter:
entity:    SOA
rcode:    REFUSED
target:    81.169.148.38

Error    106    Inconsistent set of nameserver IP addresses

Parameter:
determined_ips:    []
ns:    ns2.schuetzen-welldorf.de
provided_ips:    ['81.169.148.38']

Error    901    Unexpected RCODE

Parameter:
ip:    81.169.148.38
nameserver:    ns2.schuetzen-welldorf.de
proto:    udp
record:    NS

Error    133    Answer must be authoritative

Parameter:
ip:    81.169.148.38
nameserver:    ns2.schuetzen-welldorf.de
proto:    udp
record:    NS

I'm not sure, if this is really a Plesk issue. But I followed a manual from Strato. Do I have to set up the zone transfer manually? I'm not sure, if adding the ip address to the transfer restriction template is enough.
Also the Strato manual says I should add the host sns.serverkompetenz.de as a NS set to the primary name server. But if I do so, the predelegation check returns more errors.

Thanks in advance.
wasiwarez

This is a typical issue when trying to use a private nameserver as authoritative.
Over the decades, I have found it best to use the registrar or at least a MAJOR DNS service.
But that then leaves you with the issue of sync'ing Plesk to reality.
The most common pain is Let's Encrypt because it uses DNS TXT (_acme-challenge) records for authorization.

There are a couple of extensions out there, but most are from specific registrars, and are self-serving only.
I'm working on an extension that could address this, but the Plesk "integrating Plesk with a Third-Party DNS"
interface - well, it turns out to be rather primitive.

The change event data is nothing but a full zone dump, but the action log has the EXACT data needed to do the job.
This is making development of what should be a simple tool horribly complex because there is NO CONNECTION
between the reason for the event in the action_log and the provided event data.

I have just noticed some event names in the Event Manager that COULD be what is necessary -
but I haven't found any decent doc. There's some reference to the "Log Browser" extension - from PLESK.

Do you have Event Manager entries for: actionlog__event_dns_record_* (create/update/delete) ?
Do you have the "Log Browser" extension installed?
If you don't have the events NOR Log Browser, could you install it and see it you get them then?

There is a page: "Event Parameters Passed by Event Handlers" that seems SHOULD have the doc on this -
but nope. Event Parameters Passed by Event Handlers

In the Log Browser Action Log settings, there are switches for the events to be logged, including:
- DNS Record created / updated / deleted

- DNS Zone updated / updated / updated / updated / updated
** These 5 likely? are the 5 actionlog__event_dns_zone_* events

- Remote DNS server status updated
** I haven't found any actual event for this one -
which seems like something my tool should issue when it does it's job.

I like Plesk but the documentation provided for a $$$ licensed product is horrid -
and I've seen a lot of documentation over the last 50 years - written a bunch, too.

*** If anyone is interested in this topic/issue, reply so I see it.
 
Back
Top