plesk / ext-slave-dns-manager

The extension for managing a remote slave DNS server via rndc protocol (bind).

Plesk creates zones on Slave servers only after "rndc reload" #26

Open azzepis opened 6 years ago

azzepis commented 6 years ago

Hello. Please help with this. Let's say xxx.ttt.yyy.ddd is my Plesk IP. After adding a domain through the Plesk interface, I see the following in the slave server logs:

Nov  1 14:30:38 SKRS1567 named[32160]: received control channel command 'addzone testdomain.wp4.host IN  { type slave; file "testdomain.wp4.host"; masters { xxx.ttt.yyy.ddd; }; };'
Nov  1 14:30:38 SKRS1567 named[32160]: zone testdomain.wp4.host added to view _default via addzone
Nov  1 14:30:38 SKRS1567 named[32160]: zone testdomain.wp4.host/IN: refresh: non-authoritative answer from master xxx.ttt.yyy.ddd#53 (source 0.0.0.0#0)
Nov  1 14:30:38 SKRS1567 named[32160]: received control channel command 'refresh testdomain.wp4.host IN '
Nov  1 14:30:38 SKRS1567 named[32160]: zone testdomain.wp4.host/IN: refresh: non-authoritative answer from master xxx.ttt.yyy.ddd#53 (source 0.0.0.0#0)

And there is no new domain on the slave. If I run the following command on the Plesk server:

rndc reload

All is great: the domain is added to the slave, and I see the following information in the logs on the slave:

Nov  1 14:35:29 SKRS1567 named[32160]: client xxx.ttt.yyy.ddd#3940: received notify for zone 'testdomain.wp4.host'
Nov  1 14:35:29 SKRS1567 named[32160]: zone testdomain.wp4.host/IN: Transfer started.
Nov  1 14:35:29 SKRS1567 named[32160]: transfer of 'testdomain.wp4.host/IN' from xxx.ttt.yyy.ddd#53: connected using ccc.ccc.ccc.ccc#52785
Nov  1 14:35:29 SKRS1567 named[32160]: zone testdomain.wp4.host/IN: transferred serial 2017110103
Nov  1 14:35:29 SKRS1567 named[32160]: transfer of 'testdomain.wp4.host/IN' from xxx.ttt.yyy.ddd#53: Transfer completed: 1 messages, 14 records, 416 bytes, 0.001 secs (416000 bytes/sec)
Nov  1 14:35:29 SKRS1567 named[32160]: zone testdomain.wp4.host/IN: sending notifies (serial 2017110103)
Nov  1 14:35:29 SKRS1567 named[32160]: client xxx.ttt.yyy.ddd#16805: received notify for zone 'tttttt.wp4.host'
Nov  1 14:35:29 SKRS1567 named[32160]: zone tttttt.wp4.host/IN: Transfer started.
Nov  1 14:35:29 SKRS1567 named[32160]: transfer of 'tttttt.wp4.host/IN' from xxx.ttt.yyy.ddd#53: connected using ccc.ccc.ccc.ccc#36730
Nov  1 14:35:29 SKRS1567 named[32160]: zone tttttt.wp4.host/IN: transferred serial 2017110103
Nov  1 14:35:29 SKRS1567 named[32160]: transfer of 'tttttt.wp4.host/IN' from xxx.ttt.yyy.ddd#53: Transfer completed: 1 messages, 14 records, 412 bytes, 0.001 secs (412000 bytes/sec)
Nov  1 14:35:29 SKRS1567 named[32160]: zone tttttt.wp4.host/IN: sending notifies (serial 2017110103)
Nov  1 14:35:29 SKRS1567 named[32160]: client zzz.zzz.zzz.zzz#28592: received notify for zone 'testdomain.wp4.host'
Nov  1 14:35:29 SKRS1567 named[32160]: zone testdomain.wp4.host/IN: refused notify from non-master: zzz.zzz.zzz.zzz#28592
Nov  1 14:35:30 SKRS1567 named[32160]: client zzz.zzz.zzz.zzz#22957: received notify for zone 'tttttt.wp4.host'
Nov  1 14:35:30 SKRS1567 named[32160]: zone tttttt.wp4.host/IN: refused notify from non-master: zzz.zzz.zzz.zzz#22957

azzepis commented 6 years ago

It seems like the slave won't handle the notifies from a zone for which it has no config.

ayamshanov commented 6 years ago

As I see in the first code snippet, the slave DNS server asks the master DNS server for the zone, but the master answered that it is not authoritative ("non-authoritative answer from master").

After 'rndc reload' on the master DNS server (Plesk server), 'bind' finds the new zone and starts to be authoritative. So, the slave DNS server handles the notifies, but can't retrieve the zone from the master.

Could you say what Plesk version you use? What version of bind is installed on your server?
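The slave-side symptom discussed above (an `addzone` followed only by "non-authoritative answer from master" refreshes, with no "transferred serial") can be picked out of a named log automatically. This is an added example, not code from the thread or from the extension; the function name `analyze`, the sample log and its documentation-range IP addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the same format as the slave-side named log lines
# in this thread (192.0.2.10 stands in for the masked master IP).
SAMPLE_LOG = """\
Nov  1 14:30:38 ns2 named[100]: received control channel command 'addzone a.example IN  { type slave; file "a.example"; masters { 192.0.2.10; }; };'
Nov  1 14:30:38 ns2 named[100]: zone a.example added to view _default via addzone
Nov  1 14:30:38 ns2 named[100]: zone a.example/IN: refresh: non-authoritative answer from master 192.0.2.10#53 (source 0.0.0.0#0)
Nov  1 14:30:39 ns2 named[100]: received control channel command 'addzone b.example IN  { type slave; file "b.example"; masters { 192.0.2.10; }; };'
Nov  1 14:30:39 ns2 named[100]: zone b.example/IN: refresh: non-authoritative answer from master 192.0.2.10#53 (source 0.0.0.0#0)
Nov  1 14:35:29 ns2 named[100]: zone b.example/IN: transferred serial 2017110103
Nov  1 14:35:29 ns2 named[100]: zone b.example/IN: refused notify from non-master: 198.51.100.7#28592
"""

ADDZONE = re.compile(r"received control channel command 'addzone (\S+) ")
NONAUTH = re.compile(
    r"zone (\S+)/IN: refresh: non-authoritative answer from master (\S+?)#")
# A completed transfer or a delzone both clear the "pending" state of a zone.
RESOLVED = re.compile(
    r"zone (\S+)/IN: transferred serial \d+|zone (\S+) removed via delzone")
BAD_NOTIFY = re.compile(r"zone (\S+)/IN: refused notify from non-master: (\S+?)#")


def analyze(log_text):
    """Return (stuck, refused).

    stuck:   zones added via addzone that never reached 'transferred serial',
             with the master that answered non-authoritatively and how often.
    refused: zone -> NOTIFY senders rejected because they are not listed
             in the zone's masters { } clause.
    """
    stuck = {}
    refused = defaultdict(set)
    for line in log_text.splitlines():
        if m := ADDZONE.search(line):
            stuck[m.group(1)] = {"master": None, "nonauth": 0}
        elif m := NONAUTH.search(line):
            entry = stuck.setdefault(m.group(1), {"master": None, "nonauth": 0})
            entry["master"] = m.group(2)
            entry["nonauth"] += 1
        elif m := RESOLVED.search(line):
            stuck.pop(m.group(1) or m.group(2), None)
        elif m := BAD_NOTIFY.search(line):
            refused[m.group(1)].add(m.group(2))
    return stuck, {zone: sorted(ips) for zone, ips in refused.items()}


if __name__ == "__main__":
    stuck, refused = analyze(SAMPLE_LOG)
    for zone, info in stuck.items():
        print(f"{zone}: no transfer yet, master {info['master']} "
              f"answered non-authoritatively {info['nonauth']}x")
    for zone, ips in refused.items():
        print(f"{zone}: NOTIFY refused from {', '.join(ips)}")
```

A zone reported as stuck points at the master not yet serving it, which is what the reload on the Plesk side changes in the logs above; refused NOTIFY senders are hosts outside the zone's `masters` list.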

azzepis commented 6 years ago

On Plesk server:
BIND 9.9.4-RedHat-9.9.4-51.el7
Plesk Onyx Version 17.5.3 Update #26

On Slave: BIND 9.9.5

ayamshanov commented 6 years ago

Do you use RedHat? What version?

azzepis commented 6 years ago

CentOS 7 converted to CloudLinux Linux 2.6.32-673.26.1.lve1.4.18.el6.x86_64

azzepis commented 6 years ago

Do you need any additional information to help with this?

ayamshanov commented 6 years ago

I couldn't reproduce the issue. I used Plesk Onyx 17.5.3 Update #29 (with bind 9.9.4-51.el7) on CloudLinux 7.4.

I started monitoring the messages log file (tail -f /var/log/messages | grep named). Every time I add a new A record and click "Update", I see that "named" received a control command 'reload'.

Could you provide your named logs from the master DNS (grep named /var/log/messages, with log messages near the time when the problem occurs)? Could you provide more detailed steps to reproduce the issue?

azzepis commented 6 years ago

Thank you very much for your support.

When I delete a zone I see nothing on Plesk (master), but I see the following info on the slave:

Nov 15 14:27:39 epsilon named[518247]: received control channel command 'delzone testingzone.wp4.host IN '
Nov 15 14:27:39 epsilon named[518247]: zone testingzone.wp4.host removed via delzone

And this works perfectly.

When I add a new zone (http://prntscr.com/harfyg) I see nothing on Plesk (master) and the following info on the slave (xxx.xxx.xxx.xxx is the Plesk IP):

Nov 15 14:38:24 epsilon named[518247]: client 173.194.169.6#41296 (testingzone.wp4.host): query (cache) 'testingzone.wp4.host/A/IN' denied
Nov 15 14:38:24 epsilon named[518247]: client 173.194.170.110#58875 (testingzone.wp4.host): query (cache) 'testingzone.wp4.host/A/IN' denied
Nov 15 14:38:24 epsilon named[518247]: client 173.194.170.3#44592 (testingzone.wp4.host): query (cache) 'testingzone.wp4.host/A/IN' denied
Nov 15 14:38:24 epsilon named[518247]: client 173.194.170.68#59655 (testingzone.wp4.host): query (cache) 'testingzone.wp4.host/A/IN' denied
Nov 15 14:38:25 epsilon named[518247]: received control channel command 'addzone testingzone.wp4.host IN  { type slave; file "testingzone.wp4.host"; masters { xxx.xxx.xxx.xxx; }; };'
Nov 15 14:38:25 epsilon named[518247]: zone testingzone.wp4.host added to view _default via addzone
Nov 15 14:38:25 epsilon named[518247]: zone testingzone.wp4.host/IN: refresh: non-authoritative answer from master xxx.xxx.xxx.xxx#53 (source 0.0.0.0#0)
Nov 15 14:38:26 epsilon named[518247]: received control channel command 'refresh testingzone.wp4.host IN '
Nov 15 14:38:26 epsilon named[518247]: zone testingzone.wp4.host/IN: refresh: non-authoritative answer from master xxx.xxx.xxx.xxx#53 (source 0.0.0.0#0)
Nov 15 14:39:11 epsilon named[518247]: zone testingzone.wp4.host/IN: refresh: non-authoritative answer from master xxx.xxx.xxx.xxx#53 (source 0.0.0.0#0)

And the zone is not created on the slave.

If I do "rndc reload" after that, Plesk adds the zone to the slave. And I see this on Plesk:

Nov 15 14:40:01 panel named[32325]: received control channel command 'reload'
Nov 15 14:40:01 panel named[32325]: loading configuration from '/etc/named.conf'
Nov 15 14:40:01 panel named[32325]: initializing GeoIP Country (IPv4) (type 1) DB
Nov 15 14:40:01 panel named[32325]: GEO-106FREE 20160607 Build 1 Copyright (c) 2016 MaxMind
Nov 15 14:40:01 panel named[32325]: initializing GeoIP Country (IPv6) (type 12) DB
Nov 15 14:40:01 panel named[32325]: GEO-106FREE 20160607 Build 1 Copy
Nov 15 14:40:01 panel named[32325]: GeoIP City (IPv4) (type 2) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP City (IPv4) (type 6) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP City (IPv6) (type 30) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP City (IPv6) (type 31) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP Region (type 3) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP Region (type 7) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP ISP (type 4) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP Org (type 5) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP AS (type 9) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP Domain (type 11) DB not available
Nov 15 14:40:01 panel named[32325]: GeoIP NetSpeed (type 10) DB not available
Nov 15 14:40:01 panel named[32325]: using default UDP/IPv4 port range: [1024, 65535]
Nov 15 14:40:01 panel named[32325]: using default UDP/IPv6 port range: [1024, 65535]
Nov 15 14:40:01 panel named[32325]: no IPv6 interfaces found
Nov 15 14:40:01 panel named[32325]: sizing zone task pool based on 1 zones
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 10.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 16.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 17.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 18.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 19.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 20.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 21.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 22.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 23.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 24.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 25.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 26.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 27.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 28.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 29.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 30.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 31.172.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 168.192.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 64.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 65.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 66.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 67.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 68.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 69.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 70.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 71.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 72.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 73.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 74.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 75.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 76.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 77.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 78.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 79.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 80.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 81.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 82.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 83.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 84.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 85.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 86.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 87.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 88.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 89.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 90.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 91.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 92.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 93.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 94.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 95.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 96.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 97.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 98.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 99.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 100.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 101.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 102.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 103.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 104.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 105.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 106.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 107.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 108.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 109.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 110.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 111.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 112.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 113.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 114.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 115.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 116.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 117.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 118.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 119.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 120.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 121.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 122.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 123.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 124.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 125.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 126.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 127.100.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 0.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 127.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 254.169.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: D.F.IP6.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 8.E.F.IP6.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 9.E.F.IP6.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: A.E.F.IP6.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: B.E.F.IP6.ARPA
Nov 15 14:40:01 panel named[32325]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Nov 15 14:40:01 panel named[32325]: reloading configuration succeeded
Nov 15 14:40:01 panel named[32325]: reloading zones succeeded
Nov 15 14:40:01 panel named[32325]: zone testingzone.wp4.host/IN: loaded serial 2017111503
Nov 15 14:40:01 panel named[32325]: zone testingzone.wp4.host/IN: sending notifies (serial 2017111503)
Nov 15 14:40:01 panel named[32325]: all zones loaded
Nov 15 14:40:01 panel named[32325]: running
Nov 15 14:40:01 panel named[32325]: client ns1.yyy.yyy.yyy#34381 (testingzone.wp4.host): transfer of 'testingzone.wp4.host/IN': AXFR started
Nov 15 14:40:01 panel named[32325]: client ns1.yyy.yyy.yyy#34381 (testingzone.wp4.host): transfer of 'testingzone.wp4.host/IN': AXFR ended
Nov 15 14:40:02 panel named[32325]: client ns2.zzz.zzz.zzz#55826 (testingzone.wp4.host): transfer of 'testingzone.wp4.host/IN': AXFR started
Nov 15 14:40:02 panel named[32325]: client ns2.zzz.zzz.zzz#55826 (testingzone.wp4.host): transfer of 'testingzone.wp4.host/IN': AXFR ended
Nov 15 14:41:03 panel named[32325]: client ns3.xxx.xxx.xxx#59038 (testingzone.wp4.host): transfer of 'testingzone.wp4.host/IN': AXFR started
Nov 15 14:41:03 panel named[32325]: client ns3.xxx.xxx.xxx#59038 (testingzone.wp4.host): transfer of 'testingzone.wp4.host/IN': AXFR ended

And this on the slave:

Nov 15 14:40:02 epsilon named[518247]: client xxx.xxx.xxx.xxx#8885: received notify for zone 'testingzone.wp4.host'
Nov 15 14:40:02 epsilon named[518247]: client ns1.yyy.yyy.yyy#31882: received notify for zone 'testingzone.wp4.host'
Nov 15 14:40:02 epsilon named[518247]: zone testingzone.wp4.host/IN: notify from ns1.yyy.yyy.yyy#31882: refresh in progress, refresh check queued
Nov 15 14:40:02 epsilon named[518247]: zone testingzone.wp4.host/IN: Transfer started.
Nov 15 14:40:02 epsilon named[518247]: transfer of 'testingzone.wp4.host/IN' from xxx.xxx.xxx.xxx#53: connected using ns3.xxx.xxx.xxx#55826
Nov 15 14:40:02 epsilon named[518247]: zone testingzone.wp4.host/IN: transferred serial 2017111503
Nov 15 14:40:02 epsilon named[518247]: transfer of 'testingzone.wp4.host/IN' from xxx.xxx.xxx.xxx#53: Transfer completed: 1 messages, 14 records, 407 bytes, 0.013 secs (31307 bytes/sec)
Nov 15 14:40:02 epsilon named[518247]: zone testingzone.wp4.host/IN: sending notifies (serial 2017111503)
Nov 15 14:41:03 epsilon named[518247]: client ns2.zzz.zzz.zzz#18216: received notify for zone 'testingzone.wp4.host'
Nov 15 14:41:03 epsilon named[518247]: zone testingzone.wp4.host/IN: notify from ns2.zzz.zzz.zzz#18216: zone is up to date

ayamshanov commented 6 years ago

Thank you for the information. Something strange is happening on the master DNS, not on the slave.

Could you repeat the test and run /usr/local/psa/admin/sbin/dnsmng --update testingzone.wp4.host instead of rndc reload?

azzepis commented 6 years ago

I did that. Nothing happens: there is no message in the logs and no new zone on the slave either.

putout commented 1 year ago

Any suggestions? Same issue here.