Redundant DNS setup issue




Posted by jacksun, 03-12-2013, 05:19 PM
Hi, I have an issue regarding Redundant DNS servers and geographical dispersion of my DNS servers for several of our clients which may result in my needing to change reseller hosts.

Our reseller host, Hostnine, recently made a change and now refuses to allow AXFR transfers to secondary DNS servers other than the 1 they provide us. Prior to this change on March 6th, 2013 this was working fine after having them add the 2 new DNS servers to the zone files and approved list. The primary and secondary DNS servers provided by Hostnine are both in Dallas and thus provide minimal redundancy and no geographical dispersion.

Aside from the ridiculous nature of their decision, not to mention the "unannounced change", they won't even reply to my ticket requesting elevation of the issue. In my mind this is nothing out of the ordinary when it comes to providing high quality hosting for clients. As AXFR transfers are only allowed to DNS servers specified in a BIND file, even if the option is turned on, the security risk is minimal, if any.

We need to provide this service to a couple of our Enterprise clients and I am looking for solutions. These clients run significant and critical applications that rely heavily on DNS, and not just to access their website or email, thus the extra need for redundancy and high availability.

I could run my own DNS server as a "stealth" master, but that is a PITA. I could move the DNS to another provider, but again a PITA and another expense and both would be "manual" moves as the new DNS servers could not just do an AXFR transfer of the zone data. However, unless Hostnine changes their "new policy" I will be stuck doing one or the other and if that is the case I may just move everything from Hostnine after several years of being a client.

Can anyone provide me with any suggestions that I haven't come up with yet to resolve this? Maybe a direct line to Hostnine senior management?
Any recommendations on a reseller host who will accommodate these basic types of requests that occur maybe once a year? I need 25-50GB disk, 250GB or so of bandwidth, Cpanel, WHMCS, and there are 30 or so primary domains to be hosted, and about 100 domains if you include all the parked domains for clients. Uptime requirement is at least 99.9% with a historical record of better than that, preferably 4 or 5 nines. A Canadian based host would be fine. Thanks, Wayne

Posted by DWS2006, 03-12-2013, 05:29 PM
I would recommend a quality managed VPS. Going this route will provide you with the control needed to configure your hosting platform to fit the needs of your clients. KnownHost is a great managed option.

Posted by geekboy, 03-14-2013, 09:19 AM
Not having geographically redundant DNS appears to be a bit too common with reseller accounts :-\ There is no excuse not to have a couple of extra CPANEL DNS servers set up on Linode or similar to move DNS offsite from your hosting servers. I use Geekstorage at present for my reseller account, their DNS seems to be 2 servers but in the same DC which is a bit disappointing. I do have a reseller account at Stablehost as well, their 2 reseller DNS servers are not on the same network as the hosting servers, so maybe they might be an option? Can't say I know of any reseller hosts that let you slave your own DNS from them.

Posted by Tyl3r, 03-14-2013, 10:53 AM
Most providers aren't going to let you slave off their DNS servers... I can't think of a single provider that would let you do that on purpose, if any of them do, it might be because they allow anyone to. Good luck!

Posted by Host4Geeks-Kushal, 03-14-2013, 02:09 PM
1. Haven't come across any such providers. But most good providers do have geographically redundant DNS.

Posted by foobic, 03-14-2013, 02:53 PM
I tend to agree, reluctantly. Competent users seem to be almost forced to go this way by such ridiculous restrictions being introduced by the reseller providers. AXFR is really a non-issue - the only possible risk is disclosure of unknown subdomains.

Posted by CanSpace, 03-14-2013, 04:09 PM
Just transfer over all your records manually to your own DNS provider - there are even free ones like dns.he.net. That way you will have full control over your records and can do whatever you'd like.

Posted by geekboy, 03-14-2013, 07:20 PM
The OP's point is that this is a management nightmare, to have DNS servers that are manually set up/managed separate to your reseller account. Hosts provider reseller accounts should run geographic DNS. If they don't, then someone like the OP asking for AXFR so he can supplement their DNS with his DNS is reasonable. However it's very unlikely to be allowed just about anywhere.

Posted by jacksun, 03-15-2013, 08:38 AM
You're bang on. And it is secure because you must input which domains are authorized for transfer, although it can be an all or nothing scenario as well. Having been in the IT business for over 20 years this is the first time I have seen this request denied. Not to mention the underlying reasons for wanting to do this are pretty standard and not uncommon. True Enterprise hosting should at a minimum provide geographically dispersed DNS along with all the redundant routes, failovers, backups, and other safeguards to ensure high availability. And it isn't that it is being denied, it was all set up and working fine for months until March 6 when Hostnine.com decided to change their DNS servers (or update them or whatever) and decided to turn this off. I'm only asking them for what they previously provided, not for something new. I have requested elevation of my request (ticket) but I am now being ignored, it has been several days since I have heard from them. Wayne
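
The per-zone versus all-or-nothing transfer authorization discussed in the posts above can be audited from the BIND configuration itself. The following is an added example, not code from the thread or from any provider: it reads each zone's `allow-transfer` list, falls back to the global `options` block, and classifies the result. The function names and the sample `named.conf` are constructed for illustration, and only flat address lists are handled (no nested or named ACLs).

```python
import re

# Constructed sample named.conf (not from the thread); RFC 5737 example addresses.
SAMPLE_CONF = """
options { allow-transfer { none; }; };
zone "example.com" {
    type master;
    allow-transfer { 192.0.2.53; 198.51.100.53; };  // offsite secondaries
};
zone "example.net" {
    type master;
    allow-transfer { any; };
};
zone "example.org" { type master; };
"""

def block_body(text, open_idx):
    """Return the text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[open_idx + 1:i]
    raise ValueError("unbalanced braces")

def transfer_acl(body):
    """Flat allow-transfer list of one block, or None when the option is absent."""
    m = re.search(r"\ballow-transfer\s*\{", body)
    if m is None:
        return None
    return [e.strip() for e in block_body(body, m.end() - 1).split(";") if e.strip()]

def audit(conf):
    """Map each zone name to (status, effective ACL)."""
    conf = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", conf, flags=re.S)  # drop comments
    opt = re.search(r"\boptions\s*\{", conf)
    inherited = transfer_acl(block_body(conf, opt.end() - 1)) if opt else None
    report = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        acl = transfer_acl(block_body(conf, m.end() - 1))
        if acl is None:
            acl = inherited           # zone inherits the options-level setting
        if acl is None:
            status = "unset"          # falls back to the BIND version's built-in default
        elif "any" in acl:
            status = "open"           # any host can pull the whole zone
        elif acl == ["none"]:
            status = "disabled"       # no secondary can transfer at all
        else:
            status = "restricted"     # only the listed secondaries
        report[m.group(1)] = (status, acl)
    return report

if __name__ == "__main__":
    for zone, (status, acl) in audit(SAMPLE_CONF).items():
        print(f"{zone:12} {status:10} {acl}")
```
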

Posted by geekboy, 03-15-2013, 09:11 AM
Best of luck with them. In the meantime it might be worth hunting around for a reseller account provider that runs geographic separated DNS, or allows AXFR.

Posted by jacksun, 03-15-2013, 09:18 AM
Thanks. Funnily enough my primary nameserver with them is currently not responding to any queries - Timed out, same thing for their NS3 so only 1 of 3 DNS servers at Hostnine.com is answering queries right now. And people wonder why anyone would want secondary geographically dispersed DNS.


