How to configure BIND from scratch for a Plesk Slave DNS server and still use Virtualmin Slaves

Background

Configuring Plesk multi DNS server is a breeze except for setting the Bind permissions.

Configuring Virtualmin Slave DNS servers is also fairly easy if you’ve done it a few times.

A confusing situation arises when you use the same slave server for both products.

The reason why this is a mission is because of the confusion array of configuration files and where to put what, especially the keys used for Plesk. Also you don’t want to break a working Virtualmin configuration.

The three primary configuration files that you will be working on are:

  • cat /etc/bind/rndc.conf.options
  • cat /etc/bind/rndc.key
  • cat /etc/bind/named.conf.options

To get yourself oriented, login to the Plesk Slave server configuration screen and look at the new slave server configuration landing page:

 

Changes

1 of 2

Allow new zones

Add allow-new-zones yes; to /etc/bind/named.conf.options. Add it to the bottom with a comment.

2 of 3

Copy algorithm and secret

The algorithm suggested is hmac-md5. Your Virtualmin slave server might already be using hmac-sha256. Be sure to use hmac-md5. This you will find in rndc.key. Do not copy as per slave wizard on Ubuntu. You can uncomment the old algorithm and secret.

Warning: You don’t have to specify a new key name!

3 of 3

The final step is to update named.conf, and not named.conf.options!

Add the sections as per the slave config.

Troubleshooting

After an IP address change

After changing the Plesk IP rdnc, the protocol used to sync, will get confused. It will keep on reverting to the old IP address no matter what you do.

Steps to check:

  1. Make sure in /etc/bind/named.conf you have the correct new IP address. Use curl ifconfig.me to make sure if you have more than one IP address!
  2. Backup, and then delete everything in /var/cache/bind. Yep, rndc stores stuff here and until you delete the information here you’ll keep on getting referral to the wrong mater.
  3. After deleting this directory, first restart name. This will create a new structure like so:
root@ns3:/var/cache/bind# ls -lah
total 24K
drwxrwxr-x  3 root bind 4.0K Jun 18 18:13 .
drwxr-xr-x 16 root root 4.0K Jun  1 07:35 ..
drwxr-xr-x  2 root root 4.0K Jun 18 18:12 _backup
-rw-------  1 bind bind 8.0K Jun 18 18:13 _default.nzd
-rw-r--r--  1 bind bind 1.1K Jun 18 18:13 managed-keys.bind.jnl

4. Finally, use the Plesk slave menu to resync. All the zones will be recreated and the access permissions will work.

Good luck!

 

 

 

 

 

Tags

  • Updated:

Share this article

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright 2024 © All rights Reserved

Scroll to Top