DNS cluster Master -> Slave not working

Spacemania · March 24, 2023, 8:46pm

Hi there,

I tried to migrate the DNS cluster to Master → Slave. After sync with v-sync-dns-cluster, the slave DNS does not answer queries anymore.

Hestia Server is behind a NAT, backup DNS Server have only a public IP address and is hosted at other provider. In the Bind configuration file on slave server, I see the private IP address as master which of course can not work.

Is there a way to prevent this? As I understand, we need to add “transfer-source ;” to every zone.

Here an example:
zone “example.com” {
type master;
file “/etc/bind/zones/example.com.zone”;
transfer-source ;
};

This should be done automatically by the Hestia control panel when creating a DNS zone if the server is running behind a NAT.

Thank you

Sandeep · March 24, 2023, 8:55pm

hi if it there is a error message “refused” you need to chekc the port 53 is open in nat environment.

port should be forwarded 1:1

Spacemania · March 24, 2023, 9:55pm

Hi

I have a 1:1 NAT, this is not the problem.

Here the log:
Mar 24 20:53:43 ns2 named[9092]: transfer of ‘xyz/IN’ from 192.168.101.30#53: shut down: operation canceled
Mar 24 20:53:43 ns2 named[9092]: transfer of ‘xyz/IN’ from 192.168.101.30#53: Transfer status: operation canceled
Mar 24 20:53:43 ns2 named[9092]: transfer of ‘xyz/IN’ from 192.168.101.30#53: Transfer completed: 0 messages, 0 records, 0 bytes, 23.317 secs (0 bytes/sec)

Slave DNS try to connect to the master with IP 192.168.101.30 and not the public, so no records are transferred.

scan · March 24, 2023, 10:29pm

I confirm the issue with master → slaves sync. I just create the similar issue report on GitHub

eris · March 25, 2023, 5:42am

Check if:
/usr/local/hestia/data/users/{user}/dns.conf stores the public ip under the ip or the local.

Nevermind it is using:
ip=$($BIN/v-list-sys-ips plain | cut -f1 | head -n1)

Spacemania · March 25, 2023, 7:55am

In the dns.conf file the public IP address is set

eris · March 25, 2023, 8:07am

Please try if this:

Sovles the issue

To be honest I didn’t test DNS cluster behind a NAT…

Spacemania · March 25, 2023, 10:43am

I have changed the file v-add-remote-dns-domain on the Hestia Server, but unfortunately still have the same problem. On the DNS Cluster I see this in the named.conf:

zone “xyz.com” in {type slave; masters { 192.168.101.30; }; file “/home/dns-cluster/conf/dns/xyz.com.db”;};

eris · March 25, 2023, 10:57am

Did you ran v-sync-dns-cluster again?

Spacemania · March 25, 2023, 4:06pm

Yes, also removed DNS Cluster and add it again, IP is still the wrong.

eris · March 25, 2023, 4:26pm

What does show?:
/usr/local/hestia/bin/v-list-sys-ips plain

Spacemania · March 25, 2023, 4:32pm

192.168.101.30 admin shared xyz 7 eth0 255.255.255.0 136.243.242.XXX 10:48:43 2021-12-25

eris · March 25, 2023, 6:00pm

So NAT is set why does -Z “$NAT” is empty

I don’t have nat server. So I can’t test…

Spacemania · March 25, 2023, 8:03pm

What would you like to test? Do you have an idea how to solve this problem?

eris · March 26, 2023, 11:34am

See:

It should fix the issue

Spacemania · March 26, 2023, 12:57pm

Thanks for your quick support, then I will wait for the next update.

Spacemania · March 27, 2023, 7:05pm

After the update to version 1.7.1 everything works fine. Thank you.

system · April 26, 2023, 7:06pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.