Making Plesk Slave DNS Extension Work with Debian 8

I have a Plesk server that I use for hosting some random clients and other websites, and I wanted to get the internal DNS working correctly. The instructions provided with the slave DNS extension do not work ( at least not with Debian 8 ). To get this working I needed to add their configuration stuff to the named.conf.local, change the long rndc key string to just rndc-key, and remove that long string from the keys array in the controls section.  I changed this:

 key "rndc-key-123.123.123.123" {
   algorithm hmac-md5;
   secret "secret-key-goes-here";
 };
 
 controls {
   inet * port 953 allow { 111.222.333.444; 127.0.0.1; } keys { "rndc-key"; "rndc-key-123.123.123.123"; };
 };

to this

key "rndc-key" {
   algorithm hmac-md5;
   secret "secret-key-goes-here";
 };
 
 controls {
   inet * port 953 allow { 111.222.333.444; 127.0.0.1; } keys { "rndc-key"; };
 };

and everything started working as normal. This configuration is in stark contrast to the cPanel DNS Only server I have running for TracerHost.com, as it just works without any trouble. You just install it and configure in the cPanel master and everything is happy. What a disappointment that Plesk doesn’t have this feature built in, as I like Plesk over cPanel for hosting. I don’t know that there are any differences between the two servers once everything is set up, as they both run off of similar technology; they just have a different master server configuration at the head.

Another thing that was a problem was having the time synchronized between the slave DNS server and the Plesk server. This setting is something that I didn’t think about immediately, though it has always been a huge problem in Windows environments. I noticed in the log file that the updates were coming across, but were failing because of the time difference. I check on both servers, and the Plesk master was about 12 minutes behind for some reason. I must have a configuration issue in the hardware clock.

After doing all this, and restarting Bind, everything started updating as usual. Make sure you run an open resolver check after getting set up just to make sure your DNS server is configured and secured correctly.

Ref: http://openresolver.com/

Leave a Reply

Your email address will not be published. Required fields are marked *