Feature request - Make it possible to tell i-MSCP to not manage DNS RR for a specific domain

  • When we have local DNS resolution with Bind9 and in domain configuration we choose for a domain No on custom DNS Records, we wish comment or remove from named.conf.local entry of that domain.

  • When we have local DNS resolution with Bind9 and in domain configuration we choose for a domain No on custom DNS Records, we wish comment or remove from named.conf.local entry of that domain.

    The feature for custom DNS resource records has nothing to do with the fact that the DNS zone file will be generated or not for a specific domain. Once you enable bind9 while installing i-MSCP, that last will generrate a DNS zone file for all managed domains. Basically put, what you want is a switch in the UI to tell i-MSCP to not manage DNS zone for a specific domain. That's a feature request. You need create that feature request on our issue tracker. This shouldn't be hard to implement.


    theemstra I think that with my explanation you now understand the purpose.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    account_detailed.gif

  • Nuxwin

    Added the Label to be implemented
  • Nuxwin

    Changed the title of the thread from “Bind name resolution exclusion for Postfix” to “Feature request - Make it possible to tell i-MSCP to not manage DNS RR for a specific domain”.
  • Yes thanks:


    Little use case example:

    - Installation of i-mscp with DNS resolve locally.

    - I create a domain with local DNS entry for example domaindnslocal.tld and this is normal and use local DNS to resolve with bind9 template because in domain configuration we have "Custom DNS records" to yes

    - I create another domain for example domainnolocaldns.tld without "Custom DNS records" (to No) so in this case we need to skip local DNS resolution so in file /etc/bind/named.conf.local lines about domainnolocaldns.tld should be commented or removed.


    With this should be possible switch DNS resolver to remote and locally when required.


    I think this will be very usefull for all of us.


    Gj at all ;)

  • Nothing to do with Custom DNS RR feature...

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    account_detailed.gif

  • If I understood the request correctly, he wants DNS resolver not globally but per domain.

    currently while i-MSCP setup you can specify either to user or not to use the local DNS resolver. From evolvia's explanation he would like to define that not globally, but per customer.

    possible solution: always enable local DNS resolver globally (remove dialog in setup), but if a customer is set to disabled, don't create a zone file (then server resolves this domain-zone externally). if enabled, then do create a zone file. severenity medium++

  • If I understood the request correctly, he wants DNS resolver not globally but per domain.

    currently while i-MSCP setup you can specify either to user or not to use the local DNS resolver. From evolvia's explanation he would like to define that not globally, but per customer.

    possible solution: always enable local DNS resolver globally (remove dialog in setup), but if a customer is set to disabled, don't create a zone file (then server resolves this domain-zone externally). if enabled, then do create a zone file. severenity medium++

    Well, that's exactly what I say excepted the fact that in your case you propose to remove dialog in installer regarding local DNS resolver.


    The question for the local resolver is part of the Bind9 server implementation: "Do you want use Bind9 as local DNS resolver", in which case an entry such as nameserver 127.0.0.1 in the /etc/resolv.conf file is added.


    The local DNS resolution is not directly linked to his problem because even if you don't set Bind9 as local resolver, you'll need a resolver. The fact is that if Bind9 is used as local DNS resolver, names will be resolved locally (no external query) when it is authoritative for them. That why a simple switch in the UI (enable/disable DNS management) for a specific domain (or per customer account) should be sufficient.


    Note that this has nothing to do with the custom DNS RR feature. That last depend on the DNS feature which is currrently always turned on once you install Bind9 while i-MSCP installation.


    Finally, I think that we understand each other ;)

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    account_detailed.gif

  • Well, that's exactly what I say excepted the fact that in your case you propose to remove dialog in installer regarding local DNS resolver.

    This should be a simplification because is always external resolver but become locally when choose to customize DNS records. At UI altredy exist this switch per customer.

  • This should be a simplification because is always external resolver but become locally when choose to customize DNS records. At UI altredy exist this switch per customer.

    I've repeated already three times that the feature for custom DNS resource records has nothing to do with your problem. The button for the custom DNS record (reseller side) only enable or disable the custom DNS resource record feature for the client. That feature allows the client to add its own DNS resource records or override default SPF resource records. This has nothing to do with the fact that a zone file will be created or not for the domain... If you select bind9 while the i-MSCP installation and use it as local resolver, the DNS server will be authoritative for any domain managed through i-MSCP, at least locally.


    Now, if you're really constating some differences when the feature for the custom DNS resource records is enabled or disabled, which shouldn't be the case unless you effectively add custom DNS record through the custom DNS interface (client side), you should at least provide us with the differences (axfr result). Assumptions are just unhelpful here and we are not magiciens. Basically put:

    • Enable the custom DNS resource records feature for your client, then provide us with the result of the following command (from your server): dig axfr <domain.tld>
    • Disable the custom DNS resource records feature for your client, then provide us with the result of the following command (from your server): dig axfr <domain.tld>


    Thank you.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    account_detailed.gif

  • No problem. We are here to make more clean as possible:

    1. I have activated a new domain name on OVH mantainer evolvia.website
    2. Add the domain on i-MSCP panel where I have installed 1.5.3 with global resolve DNS locally
    3. On domain evolvia.website to the panel in this case I put "Yes" on "Custom DNS records"
    1. Come back to control panel and choose "No" on "Custom DNS records" at this moment I supposed that resolver search remotly but dig give to us same result



    So I think in this case is usefull to force remotly resolve.

    Tell me if I can make all more clean ;)