The DNS Cluster feature set is flexible enough to allow for a wide array of configurations. This guide explains some best practices for cPanel DNS clusters that will help you avoid problems and unnecessary complexity in your DNS clusters.
- 1. Use direct links from WHM/Web Servers to DNS Only servers.
- 2. Use Sync relationships with reverse trust enabled.
- 3. For speed, avoid chaining multiple servers between the WHM/Web server and the DNS Only server.
- 4. For simplicity, avoid using WHM/Web Servers as the authoritative nameserver.
The following diagram shows a very simple example of a DNS Cluster setup with two WHM/Web Servers and two nameservers on DNSOnly:
Although it is possible to use other configuration schemes for your DNS clusters, the above setup provides the best performance, is simple (which helps when troubleshooting), and allows for proper communication between all of the servers in the cluster.
In the above configuration, changes to DNS are made in the Zone Editor on the WHM/Web Server and then are automatically propagated out to the DNSOnly servers.
The DNSOnly servers serve as the authoritative nameservers for all of the domains on both web servers.
The Sync relationships prevent Webserver-01 from creating or editing a zone that already exists on Webserver-02, and vice versa.
To set up this kind of configuration, do the following:
- 1. Log in to WHM as the root user on ns1.example.com (DNSOnly).
- 2. Navigate to Home » Development » Manage API Tokens.
- 3. Click the blue "Generate Token" button.
- 4. Enter a name for your token: "webserver-01 dnsCluster".
- 5. Put a check next to the "DNS Clustering" privilege to enable it.
- 6. Click the blue Save button at the bottom of the page.
- 7. Copy the API token that is presented to you.
- 8. Log in to WHM as the root user on Webserver-01.
- 9. Navigate to Home » Clusters » DNS Cluster.
- 10. Enable DNS Clustering if it is not already enabled.
- 11. Click the blue Configure button to add a new cluster member.
- 12. Enter the IP address or hostname of ns1.example.com.
- 13. Enter root as the username.
- 14. Paste the API token into the box.
- 15. Ensure that "Setup Reverse Trust Relationship" and "Synchronize Zones Immediately" are checked.
- 16. Select "Synchronize Changes" as the DNS Role.
- 17. Click the blue Submit button.
Repeat the above process until each of your web servers has a Sync relationship with each of your nameservers.
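Once the process has been repeated across several servers, it is easy to miss a pair or leave one link with the wrong role. The following added example (not cPanel code) audits a hand-written inventory of cluster links against the layout described in this guide. The inventory format, the role labels, and the host name ns2.example.com are assumptions of the example.

```python
# Added example: the inventory model below is this example's own, not a cPanel format.
WEB = {"webserver-01", "webserver-02"}
DNSONLY = {"ns1.example.com", "ns2.example.com"}  # ns2 is an assumed second nameserver

# Constructed sample: one entry per cluster member configured on a web server.
# "role" labels (sync / standalone / write-only) are this example's shorthand.
LINKS = [
    {"src": "webserver-01", "dst": "ns1.example.com", "role": "sync", "reverse_trust": True},
    {"src": "webserver-01", "dst": "ns2.example.com", "role": "write-only", "reverse_trust": True},
    {"src": "webserver-02", "dst": "ns1.example.com", "role": "sync", "reverse_trust": False},
    {"src": "webserver-02", "dst": "webserver-01", "role": "sync", "reverse_trust": True},
]


def audit(web, dnsonly, links):
    """Return findings where the inventory departs from the guide's layout."""
    findings = []
    by_pair = {(l["src"], l["dst"]): l for l in links}
    # Every web server needs a direct Sync link, with reverse trust, to every nameserver.
    for w in sorted(web):
        for n in sorted(dnsonly):
            link = by_pair.get((w, n))
            if link is None:
                findings.append(f"missing: {w} -> {n}")
            elif link["role"] != "sync":
                findings.append(f"role: {w} -> {n} is {link['role']}, expected sync")
            elif not link["reverse_trust"]:
                findings.append(f"reverse-trust: {w} -> {n} is disabled")
    # A link that does not end on a DNSOnly server is either a chain hop or a
    # web server acting as a nameserver; the guide advises against both.
    for l in links:
        if l["dst"] not in dnsonly:
            findings.append(f"indirect: {l['src']} -> {l['dst']} is not a DNSOnly server")
    return findings


if __name__ == "__main__":
    for finding in audit(WEB, DNSONLY, LINKS):
        print(finding)
```

An empty result means every web server has a direct Sync link with reverse trust to every nameserver.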