I have installed cPanel on three servers, 1 x hosting server and 2 x DNSOnly servers.
cPanel is using PowerDNS as the default DNS service. I have created a DNS cluster (as one would when installing cPanel with DNS clustering) however, the hosting server has come back stating the remote server type is BIND and the status of "Requires cPanel update to support DNSSEC."
I have tried to convert both NS to BIND then back to PowerDNS, to no avail. Is anyone aware of what would be causing the hosting server to report both NS as BIND?
IMPORTANT: Make sure that you're running an up to date version of cPanel and cPanel DNSOnly. Specifically 88 or higher. There are a number of DNS Clustering defects that were fixed recently in 86.
First things first, Any particular reason that you're using "Write Only" as the relationship?
Using "Write Only" as the relationship (as viewed from your WHM server) is problematic for a couple of reasons:
Check out this guide for some diagrams: Guide to DNS Clustering
And this doc for an explanation of the roles: DNS Cluster Docs
The server’s DNS role. You can choose from the following options: Standalone — This method fetches DNS records from the remote server, but does not write records from the local server to the remote server. Synchronize changes — This method synchronizes records between the local server and the remote server. However, you must also select Synchronize changes on the remote server for changes to propagate to the local server. Most administrators use this setting. Write-only — This method pushes the local server’s records to write to the remote server, but does not query records from the remote server to write to the local server. Important: A Write-only server pushes records to the remote server without conflict resolution or checks. Two Write-only servers that attempt to write changes to a matching record on the same remote DNS server will cause a conflict and may corrupt data.
Now onto your actual question (which as you'll see is related to the above):
My bet is that there is a problem with the reverse trust relationship on your existing write only configurations. You can probably solve this by recreating them as sync relationships.
Do this by first removing the relationships entirely.
When you recreate the relationships, choose the sync relationship, and then also select the "Reverse Trust" relationship checkbox in the process of recreating them, it should end up working its self out.
That is assuming that your name servers are legitimately running PDNS and not bind.
Answered by thahostingadmin on December 11, 2020
Get help from others!