Control Web Panel
WebPanel => DNS => Topic started by: Starburst on August 24, 2020, 09:11:47 PM
-
I just setup Slave DNS Server & Manager on CentOS 8, everything seems to be working, but when I access CWP's DNS Zone List, it doesn't show any of the zones.
Towards the bottom of http://wiki.centos-webpanel.com/slave-dns-server-manager-download-version, is:
CWPpro WebServer configuration
Edit File: /etc/named.conf and add this in options section before closing }
//Slave dns configuration
allow-transfer {111.112.113.114;};
allow-recursion {111.112.113.114;};
also-notify {111.112.113.114;};
masterfile-format text;
My question is, is this for the Web Server or the DNS Manager Server?
Further up in the instructions, it has you already edit this file.
Thanks
-
The setup is for Web Server ( where u put your domains with website and where is running a master dns server by default - from where u want to transfer to your dns servers which will be public for your domain hosted on CWP )
Example from my setup
in /etc/named.conf , before
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
Add this
allow-recursion { any; ::1; ip1; ip2; };
allow-transfer { 127.0.0.1; ip1; ip2; };
also-notify { ip1; ip2; };
masterfile-format text;
};
( Where ip1 and ip2 - is ex: 111.112.113.114 )
-
I had it placed after:
allow-query { any; };
And before:
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
Should I move it to where you suggest?
-
if u added after
allow-query { any; };
add only
allow-recursion { any; ::1; ip1; ip2; };
allow-transfer { 127.0.0.1; ip1; ip2; };
also-notify { ip1; ip2; };
masterfile-format text;
-
That's have I have it, so it should be working OK then.
-
That's have I have it, so it should be working OK then.
It should be fine ... but u will need configure allso the slave dns to permit trasnfer of zone AXFR
on a slave DNS server
in options tag ( global settings )
allow-query { any; ip1; ip2; };
where ip1 and ip2 master dns server - where is domain zone defined
and also on slave dns - zone define like:
zone "domain.com" { type slave; file "slave/db.domain.com"; masters { ip1; };};
-
if u added after
allow-query { any; };
add only
allow-recursion { any; ::1; ip1; ip2; };
allow-transfer { 127.0.0.1; ip1; ip2; };
also-notify { ip1; ip2; };
masterfile-format text;
Left out the recursion (cache) line, because can't that allow for a potential DDoS attack?