setup 3 DNS servers - 1 DA license

cristian

Verified User
Joined
Feb 18, 2013
Messages
16
Hi guys (y)

I what to setup 3 DNS servers but i want to use only 1 DA license


my logic

all dedicated servers with Multi Server turned ON

vps server - ns1 = DA license Multi Server turned ON receives data from all servers
vps server - ns2 = no DA license only yum install bind bind-utils + rsync
vps server - ns3 = no DA license only yum install bind bind-utils + rsync

ns1
receives live data from the dedicated DA servers and ns2 + ns3 rsync with ns1 + restart named every hour


this will work ? is a problem in my logic?


Thank you (y)
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,254
Location
Maastricht
Just wondering why you would use rsync when afxr can be used, or even better, why not use a tool like Directslave with ns2 and ns3?
This way you can use Multi Server. If you do not use either DA license or Directslave (no DA license needed), I wouldn't know how Multiserver should work.

Seems to me Directslave is your best (and very easy) option.
 

cristian

Verified User
Joined
Feb 18, 2013
Messages
16
Just wondering why you would use rsync when afxr can be used, or even better, why not use a tool like Directslave with ns2 and ns3?
This way you can use Multi Server. If you do not use either DA license or Directslave (no DA license needed), I wouldn't know how Multiserver should work.

Seems to me Directslave is your best (and very easy) option.
Thank you!
I will try Directslave if you say it is a reliable solution.
I never used.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,482
Multi Server only works with other DA servers. In your case you would need 3 DA licenses.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,482
I am not familiar with DirectSlave. I was just commenting on how Multiserver normally works as in your first post.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,254
Location
Maastricht
Directslave does not receive data from other directadmin servers in Multi Server mode ?
Directslave is especially designed to work with the Multi Server setup from Directadmin. So yes it does receive data from other DA servers with multi server setup enabled.
So you don't need 3 licenses if you work with Directslave. Works perfectly and is easy to setup, also support for it in it's thread here on the forum.
and has it's own website nowadays:

I've also used it in the past when we temporarily used 1 DA server and a cheap VPS for secondary DNS.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,482
I simply have my dns servers rsync all the data from all the DA servers every 15 minutes.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,254
Location
Maastricht
Why doing things easy when you can do them difficult? It's a choice.
I rather choose the easy way and have them synched instantly by DA itself, especially when using wildcard SSL certificates. ;)
Not that this matters much, but I don't see any benefit in using extra crons when not needed.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,482
I feel like what I am doing IS the easy way. None of my clients have asked about wildcard SSL. And if the web server goes down for some reason the DNS is still up since they are dedicated DNS servers. That's all they do. Also I found with all the clients I had and all the domains they had the DNS on DA would always be reloading and that's not good either.
 

Arieh

Verified User
Joined
May 27, 2008
Messages
1,225
Location
The Netherlands
I'm using DirectSlave as well. The reasons for liking it may be: You use the protocols as intended, DA talks to DS, Bind talks to Bind, which results in quite fast updates whenever a user changes something in DA.

I'm wondering about rsync though, how do you manage to sync different domains from different DA servers and have the slave servers load all the zones / merging them? With DS there is a directslave file that lists all zone / db files, based on what it receives from DA. It also specifies the master (DA) to make AXFR work. With the rsync way, I guess you could read all files in the directory and generate an include file for it?
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,482
I just grab all the zone files and then a script generates the named.conf file and then reloads.

There are no slave servers. They are treated as master.
 

Arieh

Verified User
Joined
May 27, 2008
Messages
1,225
Location
The Netherlands
I see it indeed requires a script to generate the file. But one thing you may be missing in this setup is the permission check. With DA you can let it check if the other server does not already have this domain known, in order to prevent conflicts or hijacking the domain from another server in the group. This could be a risk when users are allowed to add their own domain.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,254
Location
Maastricht
I feel like what I am doing IS the easy way.
I might have used the wrong term as I'm not native English. Rsync is indeed easy too. I ment easier using default or... maybe better. No really correct term comes to mind at this moment. Maybe "why creating things yourself when you can work with default integrated things would have been better.
But Arieh explained exactly what I mean.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,482
I see it indeed requires a script to generate the file. But one thing you may be missing in this setup is the permission check. With DA you can let it check if the other server does not already have this domain known, in order to prevent conflicts or hijacking the domain from another server in the group. This could be a risk when users are allowed to add their own domain.
You have definitely give me something to think about. I never had a case of domain hijacking before.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,482
I might have used the wrong term as I'm not native English. Rsync is indeed easy too. I ment easier using default or... maybe better. No really correct term comes to mind at this moment. Maybe "why creating things yourself when you can work with default integrated things would have been better.
But Arieh explained exactly what I mean.
No offense taken. You also have to realize that I have been doing this before DirectAdmin or any control panel. So I had to find a solution before control panels offered it. So maybe my is just easy for ME. If a problem came up I would have to deal with. It just hasn't happened yet. And maybe DirectSlave would work for me now. But I just don't see a reason to change other than check for domain hijacking.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,254
Location
Maastricht
You also have to realize that I have been doing this before DirectAdmin or any control panel.
Ooooh, that explains a lot indeed. Directslave is also existing just a couple of years. And if you're doing this longer, this is a great solution and at least much easier then setting up a slave with afxr. Smart thinking!
So I think it would have been easy for a lot of people, not only for you. ;)
I guess if thinks were working for me that good and did not have any issues with it, I wouldn't change quickly to something else either.
 
Top