Express transfers to linked mailnode breaks DNS zone
We're currently migrating accounts from one obsolete server with cPanel v86 to two brand new with cPanel v98. The new servers are a standard role linked to a secondary with mail only role. They are all in a DNS Cluster and we've changed TTL to 1200 before starting transfers.
Transfers are going pretty well except for DNS zone that mixes IPs from mailnode as domain A record and resets TTL to 14400, so we've to correct all of them by hand, introducing downtime and unwanted additional hours in process. Doing express or "normal" transfers is not a difference. Problem seems related to DNS templates, but I don't know how to correct them.
Any thoughts?
Thanks in advance.
-
Hey there! We usually advise that customers remove the server from the cluster before any transfers happen, as it can cause confusion in the cluster. If two servers were migrated in a cluster, you could end up with a scenario where two different DNS zones exist for the same domain. I don't believe the mailnode portion would be related to what you're seeing. If you temporarily remove that server from the cluster, do things work normally then? 0 -
Hello, @cPRex! Thanks for your help, but after removing new servers from the DNS cluster and deleting already transferred zones prior to transfer, problem still shows. I'll post an example of how DNS zones resulted: Original: ; cPanel first:11.42.1.20 (update_time):1629365890 Cpanel::ZoneFile::VERSION:1.3 hostname:kalel.hoster.tld latest:86.0.40 ; Zone file for client.es $TTL 14400 client.es. 1200 IN SOA ns3.hoster.tld. hoster.gmail.com. ( 2021081900 ;Serial Number 4800 ;refresh 3600 ;retry 1209600 ;expire 7200 ;minimum ) client.es. 1200 IN NS ns3.hoster.tld. client.es. 1200 IN NS ns1.hoster.tld. client.es. 1200 IN A %OLD_IP% localhost 1200 IN A 127.0.0.1 client.es. 1200 IN MX 10 client-es.mail.protection.outlook.com. www 1200 IN CNAME client.es. ftp 1200 IN A %OLD_IP% cpanel 1200 IN A %OLD_IP% webdisk 1200 IN A %OLD_IP% whm 1200 IN A %OLD_IP% webmail 1200 IN A %OLD_IP% client.es. 1200 IN TXT "v=spf1 +a +mx +ip4:%OLD_IP% +include:outlook.com ~all" client.es. 1200 IN TXT ms=msXXXXXXXX cpcalendars 1200 IN A %OLD_IP% cpcontacts 1200 IN A %OLD_IP% default._domainkey 1200 IN TXT "v=DKIM1; k=rsa; p=BLAHBLAHBLAH; _cpanel-dcv-test-record 1200 IN TXT _cpanel-dcv-test-record=BLAHBLAHBLAH _acme-challenge.mail 1200 IN TXT BLAHBLAHBLAH client.es. 1200 IN TXT google-site-verification=BLAHBLAHBLAH
After express transfer in original server (authoritative):; cPanel first:11.42.1.20 (update_time):1629373888 Cpanel::ZoneFile::VERSION:1.3 hostname:kalel.hoster.tld latest:86.0.40 ; Zone file for client.es $TTL 14400 client.es. 1200 IN SOA ns3.hoster.tld. hoster.gmail.com. ( 2021081902 ;Serial Number 4800 ;refresh 3600 ;retry 1209600 ;expire 7200 ;minimum ) client.es. 1200 IN A %NEW_WEB_IP% client.es. 1200 IN NS ns5.hoster.tld. client.es. 1200 IN NS ns3.hoster.tld. localhost 1200 IN A 127.0.0.1 client.es. 1200 IN MX 10 client-es.mail.protection.outlook.com. www 1200 IN CNAME client.es. ftp 1200 IN A %NEW_WEB_IP% cpanel 1200 IN A %NEW_WEB_IP% webdisk 1200 IN A %NEW_WEB_IP% whm 1200 IN A %NEW_WEB_IP% webmail 1200 IN A %NEW_WEB_IP% client.es. 1200 IN TXT "v=spf1 +a +mx +ip4:%OLD_IP% +ip4:%NEW_WEB_IP% +include:outlook.com ~all" client.es. 1200 IN TXT ms=msXXXXXXXX cpcalendars 1200 IN A %NEW_WEB_IP% cpcontacts 1200 IN A %NEW_WEB_IP% default._domainkey 1200 IN TXT "v=DKIM1; k=rsa; p=BLAHBLAHBLAH; _cpanel-dcv-test-record 1200 IN TXT _cpanel-dcv-test-record=BLAHBLAHBLAH _acme-challenge.mail 1200 IN TXT BLAHBLAHBLAH client.es. 1200 IN TXT google-site-verification=BLAHBLAHBLAH
After express transfer in destination server:; cPanel first:98.0.5 (update_time):1629373902 Cpanel::ZoneFile::VERSION:1.3 hostname:kendall.hoster.tld latest:98.0.5 ; Zone file for client.es $TTL 14400 client.es. 86400 IN SOA ns3.hoster.tld. hoster.gmail.com. ( 2021081904 ;Serial Number 3600 ;refresh 1800 ;retry 1209600 ;expire 86400 ) client.es. 86400 IN NS ns3.hoster.tld. client.es. 86400 IN NS ns5.hoster.tld. client.es. 14400 IN A %NEW_MAIL_IP% client.es. 14400 IN MX 10 mailserver.hoster.tld. mail 14400 IN CNAME mailserver.hoster.tld. www 14400 IN CNAME client.es. ftp 14400 IN A %NEW_MAIL_IP% default._domainkey 14400 IN TXT "v=DKIM1; k=rsa; p=BLAHBLAHBLAH; client.es. 14400 IN TXT "v=spf1 +a +mx +ip4:%NEW_MAIL_IP% ~all" whm 14400 IN A %NEW_MAIL_IP% webmail 14400 IN A %NEW_MAIL_IP% cpcalendars 14400 IN A %NEW_MAIL_IP% cpanel 14400 IN A %NEW_MAIL_IP% cpcontacts 14400 IN A %NEW_MAIL_IP%
Result in original server is correct this time but I'm afraid that when we change authoritative server to the new one we're going to get into problems. TTL, MX, Google verifications, nothing is respected. Even IP is not correct, as A is pointing to mail server, instead that to web server. Also, this is a simpler case, as there is no different IP for mail server involved. I'll try to post one in which %OLD_IP% has to become %NEW_WEB_IP% for A record and %NEW_MAIL_IP% for mail record. Maybe this could be related to DNS templates. At first, we made a transfer of system config and templates are equal in all servers. May I know how are original DNS templates in fresh installed WHM?0 -
I could live with this, as being very careful when restoring DNS cluster and being old server zones transferred to new and not to the other side, should be correct. The problem is that DNS zone in authoritative server does not get correct IP for mail.client.tld, using web IP instead. There is a linked maild node and I don't know if you have experience in this scenario, but this could be a bug in transfer. This is an example of how zones result when MX has to change from local to new server with linked node: Original: ; cPanel first:11.38.2.2 (update_time):1629377306 Cpanel::ZoneFile::VERSION:1.3 hostname:oldserver.hoster.tld latest:86.0.40 $TTL 14400 client.es. 1200 IN SOA ns3.hoster.tld. hoster.gmail.com. ( 2021081900 ;Serial Number 10800 ;refresh 3600 ;retry 604800 ;expire 10800 ;minimum ) www 1200 IN CNAME client.es. client.es. 1200 IN MX 10 mail.client.es. ftp 1200 IN CNAME client.es. smtp 1200 IN CNAME mail.client.es. mail 1200 IN A %OLD_IP% pop3 1200 IN CNAME mail.client.es. webmail 1200 IN CNAME mail.client.es. ns 1200 IN A %OLD_IP% client.es. 1200 IN A %OLD_IP% client.es. 1200 IN TXT "v=spf1 +a +mx +ip4:%OLD_IP% -all" client.es. 1200 IN NS ns1.hoster.tld. client.es. 1200 IN NS ns3.hoster.tld. imap 1200 IN CNAME mail.client.es. webdisk 1200 IN A %OLD_IP% whm 1200 IN A %OLD_IP% cpanel 1200 IN A %OLD_IP% cpcalendars 1200 IN A %OLD_IP% cpcontacts 1200 IN A %OLD_IP% default._domainkey 1200 IN TXT "v=DKIM1; k=rsa; p=BLAHBLAHBLAH
Result in original server:; cPanel first:11.38.2.2 (update_time):1629379401 Cpanel::ZoneFile::VERSION:1.3 hostname:oldserver.hoster.tld latest:86.0.40 $TTL 14400 client.es. 1200 IN SOA ns3.hoster.tld. hoster.gmail.com. ( 2021081902 ;Serial Number 10800 ;refresh 3600 ;retry 604800 ;expire 10800 ;minimum ) www 1200 IN CNAME client.es. client.es. 1200 IN MX 10 mail.client.es. ftp 1200 IN CNAME client.es. smtp 1200 IN CNAME mail.client.es. mail 1200 IN A %NEW_WEB_IP% pop3 1200 IN CNAME mail.client.es. webmail 1200 IN CNAME mail.client.es. ns 1200 IN A %NEW_WEB_IP% client.es. 1200 IN A %NEW_WEB_IP% client.es. 1200 IN TXT "v=spf1 +a +mx +ip4:%OLD_IP% +ip4:%NEW_WEB_IP% -all" client.es. 1200 IN NS ns5.hoster.tld. client.es. 1200 IN NS ns3.hoster.tld. imap 1200 IN CNAME mail.client.es. webdisk 1200 IN A %NEW_WEB_IP% whm 1200 IN A %NEW_WEB_IP% cpanel 1200 IN A %NEW_WEB_IP% cpcalendars 1200 IN A %NEW_WEB_IP% cpcontacts 1200 IN A %NEW_WEB_IP% default._domainkey 1200 IN TXT "v=DKIM1; k=rsa; p=BLAHBLAHBLAH
Result in new server (should be discarded when DNS cluster is restored):; cPanel first:98.0.5 (update_time):1629379413 Cpanel::ZoneFile::VERSION:1.3 hostname:kendall.hoster.tld latest:98.0.5 ; Zone file for client.es $TTL 14400 client.es. 86400 IN SOA ns3.hoster.tld. hoster.gmail.com. ( 2021081903 ;Serial Number 3600 ;refresh 1800 ;retry 1209600 ;expire 86400 ) client.es. 86400 IN NS ns3.hoster.tld. client.es. 86400 IN NS ns5.hoster.tld. client.es. 14400 IN A %NEW_MAIL_IP% client.es. 14400 IN MX 0 client.es. mail 14400 IN CNAME client.es. www 14400 IN CNAME client.es. ftp 14400 IN A %NEW_MAIL_IP% default._domainkey 14400 IN TXT "v=DKIM1; k=rsa; p=BLAHBLAHBLAH client.es. 14400 IN TXT "v=spf1 +a +mx +ip4:%NEW_MAIL_IP% ~all" whm 14400 IN A %NEW_MAIL_IP% cpcontacts 14400 IN A %NEW_MAIL_IP% cpanel 14400 IN A %NEW_MAIL_IP% webmail 14400 IN A %NEW_MAIL_IP% cpcalendars 14400 IN A %NEW_MAIL_IP%
I expected %NEW_MAIL_IP% in SPF, mail, cpcontacts and cpcalendars records, instead of %NEW_WEB_IP%. Could you confirm if this is how transfers are working or there is something bad in my destination server? Thanks again for your support.0 -
Let me do some testing and I'll let you know what I find! 0 -
With the current implementation, your experience is working as intended. The transfer doesn't have any knowledge of the mail node or account distribution, so the account will need to be re-distributed after the migration is complete. To clarify, the transfer process can not auto-distribute the account as part of the migration. Is that what you were expecting to happen? We mention this in our support article here, and although it isn't exactly your situation, it does explain that the account needs to be re-distributed after the migration: 0 -
I think this article covers transferring an already distributed account, but we're doing opposite: transferring from single server to a new pair, one standard with linked node mail. WHM already has an option to transfer directly to linked node (attached screenshot), but I think that should be improved to set DNS zone correctly. I'm going to try transferring to local server only and then distributing, but as DNS cluster is disabled, I don't think this could make any better in new DNS zone calculation, at least in still authoritative, old server. 0 -
As I thought, I see no changes in DNS zone when transferring to local server and later distributing to linked mail node. But one thing I don't understand is that when distributing as second step, DNS zone in new server also does not change. I still think there is something weird with my DNS templates that make process fail. I've this line in my template: mail IN CNAME %maildomain%.
Please, can you confirm if this line is included in templates shipped on new WHM installations?0 -
That's correct - that's the same line I see on a default cPanel & WHM installation. Are you saying you've chosen that option in the Transfer Tool and it still is not formatting the DNS properly? 0 -
Are you saying you've chosen that option in the Transfer Tool and it still is not formatting the DNS properly?
Doesn't made a difference. In both cases IP was the standard, main node in original server. And in the new server, IP was the linked mail node for everything, including domain.tld A record.0 -
Ah - so that's something I didn't test. Let me check that again on my end. 0 -
I did the following on my end: -created ServerA with some accounts -created ServerB as the destination -linked ServerB to a separate mail node -migrated an account to ServerB from ServerA, making sure to click the mail linked node option in the Transfer Tool I then checked the DNS zone of the domain on ServerB and confirmed the mail.domain.com record was pointed to my mailserver's hostname, but the webmail record was pointed to the IP address of the destination server, which would break webmail logins. I've created case CPANEL-38231 with our developers to look into this, and you can follow along with this case here: 0 -
Right, that's the main problem. Thank you very much. While your developers review it, may I see the final DNS zone you got and template used? I still have doubts that everything is correct with my DNS zone templates and this is introducing more problems in my end. 0 -
Sure thing! Here are the templates from my test machine: standard: ; cPanel %cpversion% ; Zone file for %domain% $TTL %ttl% @ %nsttl% IN SOA %nameserver%. %rpemail%. ( %serial% ; serial, todays date+todays 3600 ; refresh, seconds 1800 ; retry, seconds 1209600 ; expire, seconds 86400 ) ; minimum, seconds %domain%. %nsttl% IN NS %nameserver%. %domain%. %nsttl% IN NS %nameserver2%. %domain%. %nsttl% IN NS %nameserver3%. %domain%. %nsttl% IN NS %nameserver4%. %nameserverentry%. IN A %nameservera% %nameserverentry2%. IN A %nameservera2% %nameserverentry3%. IN A %nameservera3% %nameserverentry4%. IN A %nameservera4% %domain%. IN A %ip% %domain%. IN AAAA %ipv6% ipv6 IN AAAA %ipv6% %domain%. IN MX 0 %domain%. mail IN CNAME %maildomain%. www IN CNAME %domain%. ftp IN CNAME %domain%.
standardvirtualftp; cPanel %cpversion% ; Zone file for %domain% $TTL %ttl% @ %nsttl% IN SOA %nameserver%. %rpemail%. ( %serial% ; serial, todays date+todays 3600 ; refresh, seconds 1800 ; retry, seconds 1209600 ; expire, seconds 86400 ) ; minimum, seconds %domain%. %nsttl% IN NS %nameserver%. %domain%. %nsttl% IN NS %nameserver2%. %domain%. %nsttl% IN NS %nameserver3%. %domain%. %nsttl% IN NS %nameserver4%. %nameserverentry%. IN A %nameservera% %nameserverentry2%. IN A %nameservera2% %nameserverentry3%. IN A %nameservera3% %nameserverentry4%. IN A %nameservera4% %domain%. IN A %ip% %domain%. IN AAAA %ipv6% %domain%. IN MX 0 %domain%. mail IN CNAME %maildomain%. www IN CNAME %domain%. ftp IN A %ftpip% ftp IN AAAA %ipv6%
Here's what my zone file looked like after the transfer on the Destination machine:cptest.com. 86400 IN SOA ns1.cprapid.com. root.10-2-68-59.cprapid.com. ( 2021081904 ;Serial Number 3600 ;refresh 1800 ;retry 1209600 ;expire 86400 ) cptest.com. 86400 IN NS ns1.cprapid.com. cptest.com. 86400 IN NS ns2.cprapid.com. cptest.com. 14400 IN A 10.2.68.59 cptest.com. 14400 IN MX 0 host.mailnodeserver.com. mail 14400 IN CNAME host.mailnodeserver.com. www 14400 IN CNAME cptest.com. ftp 14400 IN A 10.2.68.59 whm 14400 IN A 10.2.68.59 webdisk 14400 IN A 10.2.68.59 cpcalendars 14400 IN A 10.2.68.59 webmail 14400 IN A 10.2.68.59 cpanel 14400 IN A 10.2.68.59 cpcontacts 14400 IN A 10.2.68.59
0
Please sign in to leave a comment.
Comments
14 comments