Using one set of DnsOnly for multiple customers
We provide VPS with cPanel for customers and want to provide a predefined set of DnsOnly servers that WHM server owners can use.
Current problem is that even if we define sync changes from customer to DNS and no reverse from DNS to customer, customers can see and edit all zones stored on DNS servers.
Do I need to create a separate BIND user for each reseller?
Is it possible to limit the zone sharing between servers?
-
Hello :) It's not advised to configure a DNS cluster with cPanel DNS-Only if the servers in the cluster belong to separate individuals or companies due to the nature of how zones are shared. There's an open feature request for this at: Ownership and access control of zones in the dns server. Thank you. 0 -
I read the ownership link in detail, but it is unclear to me, and as I am currently setting it up, I have a follow-up question to the above scenario. I try to be as clear as possible.

If you would set up as follows, with 2 web servers and 2 DNS-only servers:

If you would add the 2 dnsonly servers in the cluster on each of the web servers

web1
web1.bla.com -> synchronise changes -> dns1.bla.com
web1.bla.com -> synchronise changes -> dns2.bla.com

web2
web2.bla.com -> synchronise changes -> dns1.bla.com
web2.bla.com -> synchronise changes -> dns2.bla.com

And you would add
web1.bla.com -> standalone on dns1.bla.com
web2.bla.com -> standalone on dns1.bla.com

If I would change somedomainonweb1.com hosted on web1.bla.com, would it appear in the DNS settings on web2.bla.com?

Is there a need to add web1/web2 on any of the dns1/2 servers in their respective cluster settings at all? If you do not add them, web1 will send all records to dns1/2 even though it is not mentioned in the cluster settings on dns1/2. 0 -
[QUOTE="alex[nl], post: 2093711, member: 85829"]If I would change somedomainonweb1.com hosted on web1.bla.com, would it appear in the DNS settings on web2.bla.com? Is there a need to add web1/web2 on any of the dns1/2 servers in their respective cluster settings at all? If you do not add them, web1 will send all records to dns1/2 even though it is not mentioned in the cluster settings on dns1/2.[/QUOTE]
Both hosting servers will show the zones from both servers listed under "Edit A DNS Zone" in WHM if you connect both servers to the same DNS cluster. DNS clusters are not designed for sharing between separate hosting companies, which is what the feature request seeks to address. Thank you. 0 -
That's too bad. I hope the feature request eventually gets picked up (it was opened after a forum discussion more than 5 years ago). 0