DNS Cluster Setup - Did Synchronization Change?
Hello,
I have 2 web servers and 2 nameservers in a DNS cluster environment. A LOT of the old forums and websites out there recommend setting up the 2 web servers to synchronize the changes to the nameservers with a reverse relationship of standalone. However, when I do that - it syncs ALL the records from each web server to the other. So if I had 100 records on server A and 100 records on server B, I now see 200 records on both. Even if I completely remove the reverse relationship, it still syncs down records. I personally don't think that's ideal and I'd like for there just to be 200 records on the NS'.
I noticed a slight change in wording in the documentation between version 84 and 86 though on how synchronization is handled.
84
[QUOTE] Synchronize changes " This method synchronizes records between the local server and the remote server. However, you must also select Synchronize changes on the remote server for changes to propagate to the local server. Most administrators use this setting.
86 [QUOTE] Synchronize " This method synchronizes records between the local server and the remote server. Most administrators use this setting.
So my question is - am I on the right track, and was synchronization changed between those versions? And how can I accomplish what I want? I'm assuming I need to use write-only as the DNS role, but will I run into issues when transferring sites from server A to server B? Anything else to be aware of if I go this route? Thanks, Chris
86 [QUOTE] Synchronize " This method synchronizes records between the local server and the remote server. Most administrators use this setting.
So my question is - am I on the right track, and was synchronization changed between those versions? And how can I accomplish what I want? I'm assuming I need to use write-only as the DNS role, but will I run into issues when transferring sites from server A to server B? Anything else to be aware of if I go this route? Thanks, Chris
-
Hello, I posted the original post above a few days ago and it was just approved this morning and I have tested things A LOT over the weekend. I'm still having the issue but I singled things down to just 1 web server and 1 name server to simplify things. Here are the configurations that I have tried below. ded1 = web server ns1 - name server (with trial license for testing) - Configuration 1: (matches screenshots below) On DED1, set NS1 to Synchronize Changes. On NS1, set DED1 to standalone. If I add an account to NS1, it syncs down to DED1. I've tried this 5 times, syncs every time.
- Configuration 2: On DED1, set NS1 to Synchronize Changes. On NS1, removed the entire reverse relationship. If I add an account to NS1, it still syncs down to DED1. I've also tried this a few times just to be sure I wasn't seeing things.
- Configuration 3: On DED1, set NS1 to Write-Only. On NS1, no reverse relationship. This does write changes in a 1-way manner. If I add an account on NS1, it does NOT sync down to DED1. Same with DNS changes made on NS1 - it does NOT sync down.
- Configuration 4: Just to test PowerDNS vs Bind, I updated both NS's to Bind, disconnected and reconnected the relationships to match configuration 1. Still same result, add an account to DR1, it syncs down to DED1.
0 -
Hey there! Sorry about the delay - we don't currently have anyone monitoring forums on weekends, although that might be changing soon. To start and add some clarification, I'm not aware of any changes to the cluster configuration or wording that would affect this. Typically, I like to see the configuration on the nameserver machine set to standalone, and the webservers set to synchronize, so that way no changes get pushed from the NS machines to somewhere they shouldn't be. It may be a good idea to enable the additional logs in WHM >> Tweak Settings >> Logging to see if that gives you more details or errors, as that is frequently my most helpful debugging tool for syncing problems. You're always welcome to submit a ticket to our team as well as that will ensure a quick response. 0 -
If I'm understanding you correctly, this is the way that the DNS cluster has always worked (at least for us). Each cPanel server in the cluster "sees" all the zones in the cluster. When you join a new server to the cluster ( at least with the sync role) the first thing that the new server does is sync all the zones from the DNS cluster over to the server. 0 -
Yup - that's exactly right. 0 -
Ohhhhh.... I was assuming the "sync'ing" was of zones and that it was only 1 way. So for example, if I added a zone to WebServer2, it should sync up to NS1 but since NS1's reverse relationship with WebServer1 is standalone that it would not sync down to WebServer1. I think my understanding of how clusters work though is wrong. So what's the point of the reverse relationship then if everything is pretty much 2 way with the "synchronize Changes" option selected on the web server? Where would it even make sense to have a reverse relationship that is "Synchronize Changes" on the name server? Thanks for the clarification guys! It's definitely helping a cluster newb like me! 0 -
Thank you so much for the help so far! I'm very grateful. That was my thought exactly regarding the zones being in places they shouldn't be! I really don't want WebServer 2's DNS zones on WebServer 1. So that leads back to the original issue though... I have the following configuration and when I create an account on WebServer2, the zones for that account sync to WebServer1. With this setup below, should that be happening? Setup: Logged into WebServer1 > Synchronize Changes > NS1 Logged into WebServer2 > Synchronize Changes > NS1 Reverse Relationships Logged into NS1 > Standalone > WebServer1 Logged into NS1 > Standalone > WebServer2 0 -
That's definitely odd, as I would not expect that to be happening with your configuration. Since you have root access to the machines, it might be worth putting in a ticket so we can take a look at the systems and see the confgurations and get you more details, as that's how I'd recommend setting things up if I were doing it. 0 -
Thank you! I'm going to re-provision everything since they only have test accounts on them, relink them in the cluster, and see if the issue still happens. If it does, I'll submit a ticket. Thanks again for your help! 0 -
Sound like a plan! 0 -
Based on the above, is the following summary correct? Standalone = Pull-only Write-only = Push-only Synchronise = Push/pull 0 -
Hello DoghouseAgency! That's pretty much the gist of it. Standalone pulls the records from the remote server, write-only pushes records to the remote server, synchronize can push and pull. 0 -
Thanks! 0
Please sign in to leave a comment.
Comments
13 comments