DEPRECATED! SEE THE NEW TUTORIAL - Listener::Named::Zonetransfer - Zonetransfer to Secondary Nameserver + Howto

  • How-To install a secondary nameserver w/o i-MSCP


    Install fresh debian 7.x minimal


    apt-get update && apt-get upgrade
    apt-get install bind9 bsdutils dnsutils
    mkdir /var/log/named
    touch /var/log/named/bind9.log
    touch /var/log/named/security.log
    chown -R bind /var/log/named


    in /etc/bind/named.conf add the line
    include "/etc/bind/named.conf.hostname";


    /etc/bind/named.conf.local

    zone "nameserver-parent-domain" {
        // if your nameservers are ns1.domain.tld and ns2.domain.tld so your parent domain is domain.tld
        type slave;
        file "/var/cache/bind/nameserver-parent-domain.ch.db";
        masters { imscp-server-ip; another-imscp-server-ip; };    // you can use one secondary for multiple imscp servers
        allow-notify { imscp-server-ip; another-imscp-server-ip; };
    };


    /etc/bind/named.conf.options

    options {
        directory "/var/cache/bind";
        dnssec-validation auto;
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
        listen-on port 53 { 127.0.0.1; secondary-nameserver-ip; };
        allow-recursion { 127.0.0.1; };
        allow-query { any; };
        allow-transfer { imscp-server-ip; another-imscp-server-ip; };
        notify no;
    };

    logging {
        channel bind9log {
            file "/var/log/named/bind9.log" versions 3 size 10m;
            severity dynamic;
            print-time yes;
            print-severity yes;
            print-category yes;
        };
        channel security {
            file "/var/log/named/security.log" versions 2 size 5m;
            severity dynamic;
            print-time yes;
            print-severity yes;
            print-category yes;
        };
        category default { bind9log; };
        category security { security; };
        category lame-servers { null; };
    };


    touch /root/syncdns.sh
    chmod +x /root/syncdns.sh


    create a cron job
    30 * * * * root bash /root/syncdns.sh


    Tip: if you set up two of these nameservers, you can use them both as primary and secondary instead of using the imscp servers as primary nameservers. The benefit of this setup is that you can run two slaves for all of your imscp servers, and if you move domains from one imscp to another, you don't need to change nameserver records on these domains.


    You may also want to use this listener file to modify your zone files:


    Listener::Named::Tuning2
    This listener file modifies the zone files, removes default nameservers and adds custom out-of-zone nameservers. Note the configuration options in the listener file.


    no warranty, good luck
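
Added example, not part of the original post or of i-MSCP: a shell check that reads a BIND configuration on stdin and reports whether allow-transfer and allow-recursion are restricted, as they are in the named.conf.options above, or open to "any". The function names, the sample config and the 192.0.2.x address are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original post): flag open ACLs in a BIND config.
# Config text is read from stdin, e.g. the output of `named-checkconf -p`.
# Assumes the address-match-lists contain no nested { } blocks.

# acl_members STATEMENT: print every member of each "STATEMENT { ... };"
# list found on stdin, one per line, ignoring // and # comments.
acl_members() {
    sed -E 's:(//|#).*$::' | tr '\n' ' ' |
        grep -oE "${1}[[:space:]]*\{[^}]*\}" |
        sed -E 's/^[^{]*\{//; s/\}$//' | tr ';' '\n' |
        sed -E 's/^[[:space:]]+//; s/[[:space:]]+$//; /^$/d'
}

# audit_acl STATEMENT: 0 = present and restricted, 1 = open to everyone,
# 2 = no members found (statement absent, so BIND's built-in default applies).
audit_acl() {
    local members
    members=$(acl_members "$1") || true
    [ -n "$members" ] || return 2
    if printf '%s\n' "$members" | grep -qxE 'any|0\.0\.0\.0/0|::/0'; then
        return 1
    fi
    return 0
}

# Constructed sample: options like the how-to's, but with the transfer ACL opened.
SAMPLE='options {
    allow-recursion { 127.0.0.1; };
    allow-query { any; };
    // allow-transfer { 192.0.2.10; };
    allow-transfer { any; };
};'

for stmt in allow-transfer allow-recursion; do
    rc=0
    printf '%s\n' "$SAMPLE" | audit_acl "$stmt" || rc=$?
    case $rc in
        0) echo "$stmt: restricted" ;;
        1) echo "$stmt: OPEN to any host" ;;
        *) echo "$stmt: not set, built-in default applies" ;;
    esac
done
```

On the secondary itself, feed it the effective configuration with `named-checkconf -p | audit_acl allow-transfer` and act on the exit status.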

  • hey Flames,


    This is a very nice thing, the only thing I was actually missing!
    In my installation it seems that the file is being ignored when placed in the listeners.d directory.


    I'll be on IRC, could we take a look at that?


    Maybe we can make the secondary steps into a little sh script, so it's easier for some folks on the forum.


    ** Edit 16:19 **
    We found a problem in my installation, the listener is completely fine and works great!
    Tip: Make sure to do imscp-setup -dr named if you haven't added the slave yet.

  • Hello, nice listener, thanks!


    Some feedback:


    - The listener failed due to the lack of the htpasswd utility. Ubuntu's "apache2-utils" package should be installed before the installation of the listener.
    - The dynamic config file uses the internal IP of the master. Some hosts like AWS have different public and internal IPs. BASE_SERVER_PUBLIC_IP from /etc/imscp/imscp.conf should be used instead.

  • - thanks for info, never tested this on ubuntu (added this to the install-howto)
    - yep, right. (updated). for those behind a firewall or NAT, don't forget to forward needed port (TCP 53)

  • @flames



    Could you ensure that this listener is working as expected with the last i-MSCP version and push it into the contrib directory of our main repository?


    Thanks ;)


  • Sure ;


    Thanks bro ;)
