How to reuse the DNS glue records across all DNS zones?

    • solved
  • Chrissio
  • Closed
  • Thread is marked as Resolved.

    Hello,


    another problem with DNS templates of i-MSCP (all old and new Versions):


    Normally my server config has a server domain like mydomain.com.


    Admin panel is reachable with config.mydomain.com


    With glue record registered Nameservers are ns1.mydomain.com and ns2.mydomain.com.


    in /var/cache/bind/mydomain.com.db are following entries:

    Code
    1. $ORIGIN .$TTL 10800 ; 3 hoursmydomain.com IN SOA ns1.mydomain.com. postmaster.mydomain.com. ( 2014112401 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 1209600 ; expire (2 weeks) 3600 ; minimum (1 hour) ) NS ns1.mydomain.com. NS ns2.mydomain.com. A ipA.ddr.e.ss MX 10 mail.mydomain.com. TXT "v=spf1 a mx -all" SPF "v=spf1 a mx -all"$ORIGIN mydomain.com.forum A ipA.ddr.e.ssMX 10 mail TXT "v=spf1 a mx -all" SPF "v=spf1 a mx -all"$ORIGIN mydomain.com.ftp A ipA.ddr.e.ssimap A ipA.ddr.e.ssmail A ipA.ddr.e.ssns1 A ipA.ddr.e.ssns2 A ipA.ddr.e.ss2pop A ipA.ddr.e.sspop3 A ipA.ddr.e.ssrelay A ipA.ddr.e.sssmtp A ipA.ddr.e.sswww CNAME mydomain.com.


    Now i create another Customer with Domain customerdomain.com;
    This Customerdomain has no own nameservers and no own glue records.


    This Domain has the Nameservers ns1.mydomain.com and ns2.mydomain.com.


    I-MSCP creates the file /var/cache/bind/customerdomain.com.db with the following entries:


    Code
    1. $ORIGIN .$TTL 10800 ; 3 hourscustomerdomain.com IN SOA ns1.customerdomain.com. postmaster.customerdomain.com. ( 2014112400 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 1209600 ; expire (2 weeks) 3600 ; minimum (1 hour) ) NS ns1.customerdomain.com. NS ns2.customerdomain.com. A ipA.ddr.e.ss MX 10 mail.customerdomain.com. TXT "v=spf1 a mx -all" SPF "v=spf1 a mx -all"$ORIGIN customerdomain.com.ftp A ipA.ddr.e.ssimap A ipA.ddr.e.ssmail A ipA.ddr.e.ssns1 A ipA.ddr.e.ssns2 A ipA.ddr.e.ss2pop A ipA.ddr.e.sspop3 A ipA.ddr.e.ssrelay A ipA.ddr.e.sssmtp A ipA.ddr.e.sswww CNAME customerdomain.com.


    But all nameserver entries are not correct.


    A check with test tool from german network information center http://www.denic.de/hintergrund/nast.html tells me:



    If i change the file /var/cache/bind/customerdomain.com.db to the following entries:



    and reload bind name server, the nameservercheck says:


    Quote


    approved Domain : customerdomain.com
    Result : examination successfully.
    Nameserver IPs
    ns1.mydomain.com ipA.ddr.e.ss
    ns2.mydomain.com ipA.ddr.e.ss2


    What can i do?


    A manually change of each file is impossible - so it must give a way to change the nameservers permanently to correct entries.

    Hello ;


    Not a bug. I'll answer later because I'm in support session.


    Thread moved.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    Hello ;


    The DNS layer has been inherited from the VHCS hosting panel. When that DNS layer has been implemented, the principle of per DNS zone glue record has been retained, meaning that for each domain created under i-MSCP, you have to go at the registrar interface ( domain provider ) and create the needed glue records (ns1.domain.tld -> i-MSCP server IP, ns2.domain.tld --> Secondary DNS server IP...). This must be always done after the domain creation in the panel.


    In your case, you want reuse the glue records created using your main domain for all DNS zones. This can be easily achieved by editing the default i-MSCP DNS zone template file. In order you must:


    1. Edit the /etc/imscp/bind/parts/db.tpl which can finally be:

    Code
    1. $TTL 3H$ORIGIN {DOMAIN_NAME}.@ IN SOA ns1.mydomain.com. postmaster.mydomain.com. ( {TIMESTAMP}; Serial 3H; Refresh 1H; Retry 2W; Expire 1H; Minimum TTL)@ IN NS ns1.mydomain.com.@ IN NS ns2.mydomain.com.@ IN {IP_TYPE} {DOMAIN_IP}ns1 A ipA.ddr.e.ssns2 A ipA.ddr.e.ss2www IN CNAME @ftp IN A {DOMAIN_IP}; dmn MAIL entry BEGIN@ IN MX 10 mail@ IN TXT "v=spf1 a mx -all"@ IN SPF "v=spf1 a mx -all"mail IN {BASE_SERVER_IP_TYPE} {BASE_SERVER_IP}imap IN {BASE_SERVER_IP_TYPE} {BASE_SERVER_IP}pop IN {BASE_SERVER_IP_TYPE} {BASE_SERVER_IP}pop3 IN {BASE_SERVER_IP_TYPE} {BASE_SERVER_IP}relay IN {BASE_SERVER_IP_TYPE} {BASE_SERVER_IP}smtp IN {BASE_SERVER_IP_TYPE} {BASE_SERVER_IP}; dmn MAIL entry ENDING; sub [{SUBDOMAIN_NAME}] entry BEGIN; sub [{SUBDOMAIN_NAME}] entry ENDING$ORIGIN {DOMAIN_NAME}.; custom DNS entries BEGIN; custom DNS entries ENDING; ctm als entries BEGIN; ctm als entries ENDING


    2. rerun the /var/www/imscp/engine/setup/imscp-setup script (not the installer) to rebuild all DNS zone files.


    That all.


    However here, a small problem still persist: The following DNS resource records:


    Code
    1. ns1 A ipA.ddr.e.ss
    2. ns2 A ipA.ddr.e.ss2


    should be normally present only in the mydomain.com DNS zone file. This is not really a big deal but this will cause some out-of-zone data warnings.


    Note: The template file is overridden on every i-MSCP update.



    BTW: All this here has been already reported to us in many places and many tickets. The version 2.0.0 will fix that.


    If you need help, you can ask @Athar which always modify the dns template file as show above.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    Ok, i will do it for 1.x Versions, and wait for the 2.x.


    Thank you.

    @Chrissio


    You must probably also edit the /etc/imscp/bind/parts/cfg_master.tpl template file. Anyway, look at all template files under /etc/imscp/bind/parts ;)

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support