DirectSlave - solution to add and remove zones on slave without DirectAdmin

Good idea, snk, I think I add this to next release. Also, checking for CGI module presence in ./lib might be useful.
 
This sounds great :D

One question, is DirectSlave compatible with the "Domain Check" feature of the multi-server setup?

If not, a malicious user with multi-domain privileges could really create havoc.
 
This sounds great :D

One question, is DirectSlave compatible with the "Domain Check" feature of the multi-server setup?

If not, a malicious user with multi-domain privileges could really create havoc.

roman_m
Thank you very much for this nice code.

I think unfortunately not that it works, because I just tested it and I do not have any trouble creating the same domain on multiple servers, I would hope that this is something that will be added.
 
Last edited:
No, it does not compatible with "Check domain" because it acts as a secondary, not primary. All of these checks must be done on your master DirectAdmin servers.
 
Of course, it's just setting up Multi Server to check out between them running DirectAdmin, but I would like it so I could use them for other server has no control panel, for they server I use as DNS has many other domains that are not on a server with control panel, and many domains located on different server.

Is this something that can be made so that it will work, or it may just not work?
 
I created a duplicate check on my own Master2Slave DNS Replicator, which uses a Master/Slave configuration (the terms primary/secondary when referring to DNS masters and slaves has been deprecated for some years now). I decided to check on the master and to report if duplicates exist, so they can be removed.

I suppose this could be done on the master if the master was aware of the name of the slave servers it was serving, but this would require coding at the Master end; I don't believe you can do this on the DirectAdmin side (the Master side), so it probably won't work unless DirectAdmin code is modified.

Jeff
 
Hi roman_m
Your script is working great.
What dou you think is the best way to transfer all old existing zones to the secondary?
 
The best way is to do

echo "action=rewrite&value=named" >> /usr/local/directadmin/data/task.queue

on master.
 
2 masters possible?

Is it possible to have 2 masters for a domain?

I have one server with DirectAdmin acting as DNS Master. And I have the other server with DirectSlave acting as Master for the DirectAdmin server domains. It runs ok.

Is this the correct way? Or must I configure DirectSlave as Slave (instead of Master) ???

Thanks
 
Nobody forbids to have 2 (or more) masters configured for one domain. The purpose of DNS servers for domain that is servers must be in sync state, no more, no less. DirectSlave software allow to keep you secondary server in sync unless you have strong internet connection between master and slave. If you have weak connection, better way to keep your master and slave in sync is use Slave mode in DirectSlave.
 
I have installed this but when testing the connection from my DA server it says this:
141.xxx.xxx.xxx Unable to get api result. Check your configuration options.
Both ip's from both servers are not present in the firewall. Ports 53 udp are open on both servers as well as 2222 which I configured in directslave.conf.
So I started DA in debug mode and then this is the result:
/CMD_MULTI_SERVER
Post string: port-141.xxx.xxx.xxx=2222&user-141.xxx.xxx.xxx=admin&dns-141.xxx.xxx.xxx=yes&select0=141.xxx.xxx.xxx&passwd=mypassword&test=Test+Connection%28s%29&action=multiple
Checking referer http://www.mydomain.nl:2222/CMD_MULTI_SERVER to www.mydomain.nl:2222
Command::doCommand(/CMD_MULTI_SERVER)
Command::doCommand(/CMD_MULTI_SERVER) : finished
Command::run: finished /CMD_MULTI_SERVER
Sockets::handshake - begin
Sockets::handshake - end

This is my directslave config (without the comments between brackets ofcourse):
background 1
server_type Fork
host 141.xxx.xxx.xxx (my non-DA vps ip where directslave is running on)
port 2222
debug 0

uid named
gid named

pid /usr/local/directslave/run/directslave.pid
access_log /usr/local/directslave/log/access.log
error_log /usr/local/directslave/log/error.log
action_log /usr/local/directslave/log/action.log

mode slave
named_workdir /var/named/slaves
named_conf /etc/secondary/named.conf
retry_time 1200
rndc_path /usr/sbin/rndc

allow 46.14.xxx.xxx (my da server ip)

auth admin:mad:#$(*@P$%#$% (mypassword)

What am I doing wrong? Why is DA not connecting to the secondary nameserver?
I want the VPS to be my secondary nameserver, so when my DA server goes down, one can still do lookups for the domains. Then I must use the slave setting, correct>
I don't understand what I'm doing wrong.

Do I need to have the rndc.key the same on both servers or something?

By the way... in the /usr/local/directslave/error.log I can see a lot of these lines:
This doesn't look like start-end
at /usr/lib/perl5/site_perl/5.8.8/Net/Server.pm line 602
This doesn't look like start-end
at /usr/lib/perl5/site_perl/5.8.8/Net/Server.pm line 602
This doesn't look like start-end
at /usr/lib/perl5/site_perl/5.8.8/Net/Server.pm line 602
This doesn't look like start-end

Both servers are running Centos.
 
Last edited:
I have installed this but when testing the connection from my DA server it says this:

Both ip's from both servers are not present in the firewall. Ports 53 udp are open on both servers as well as 2222 which I configured in directslave.conf.
So I started DA in debug mode and then this is the result:



This is my directslave config (without the comments between brackets ofcourse):


What am I doing wrong? Why is DA not connecting to the secondary nameserver?
I want the VPS to be my secondary nameserver, so when my DA server goes down, one can still do lookups for the domains. Then I must use the slave setting, correct>
I don't understand what I'm doing wrong.

Do I need to have the rndc.key the same on both servers or something?

By the way... in the /usr/local/directslave/error.log I can see a lot of these lines:


Both servers are running Centos.

Did you get this resolved? If not, what solution did you end us using? And why not simply just use the DA multi server setup in DA?
 
At first i did not get this resolved so I used master2slave which also needed some minor adjustments.

Since this week I have contact via PM with the author Roman and we are going to fix the issue with Directslave.
Directslave works in combination with the DA multi server setup. I needed directslave we wanted to use a VPS without Directadmin as secondary nameserver. If you don't have DA, you don't have DA multi server setup either.:)
Directslave can be used with the multi server setup so that was the easyest solution.
 
Did you get this resolved? If not, what solution did you end us using? And why not simply just use the DA multi server setup in DA?

I think this problem resolved already. Just need to set "allow" parameter in CIDR format, not IP only.
This is described in README file included in DirectSlave distribution.

Code:
allow           0.0.0.0/0 - list of allowed hosts in cidr format, must be
                            specified as ip/mask. 0.0.0.0/0 - allow all, or
                            list of values (212.109.44.44/32, 217.20.163.14/32)

Also, DA multiserver feature works only between DA-enabled servers. DirectSlave allow to use non-DA server in DirectAdmin Multiserver setup without installing DirectAdmin. The preference of DS is that you can set it up on any in-production OS (which have perl installed, even on Windows, using bind-w32 and strawberry perl, LOL) without breaking system functionality.
 
you can set it up on any in-production OS (which have perl installed, even on Windows, using bind-w32 and strawberry perl, LOL) without breaking system functionality.
You can also use it in a smaller VPS than you'd otherwise need for DirectAdmin.

Jeff
 
Back
Top