Hi, Most regestrators need to have 2 nameserver before they accept registrations - some even test and do not create the zone if the servers ar'nt correct like Uniforum running the co.za domainspace. Whan we create and Site we assume it has DNS entries, Mail, and Web functions with optional Ftp. Access to those is then through the config files generates and the services restarted. How difficult will it be to have the secondary slave namserver file be created and uploaded via certificate controlled access to an jailed user to the secondary server and then an little process on that side periodically updating from that file. Even an encrypted plain ftp location will do with an script to decypher it and place it in the correct locatin and reloading the named.
It sounds like you're making this more difficult than it needs to be. Bind (named) can handle all the transfers without other apps. Properly configured the secondaries will transfer from the master as needed and can be setup secure.
You did not read! The config file I was talkiing about, The secondary need to know it's hosting an Zone. So if you create the primary on the 1st Domaincontroller the secondary Nameserver "Slave" config file need to be adapted, and once that config is started on the Secondary Nameserver it will do an Zonetransfer!
I still don't get it what you mean. However a primary/secondary nameserver isn't necessarily the same as master/slave... You can have a secondary ns acting as a master for a given domain and have the info auto-transferred to the primary ns which in this case coulde be the slave machine.
Ill try and explain it step-by-step 1. Both the Primary and the Secondary Namaservers need set-up incase of an new zone. 2. The primary get set-up on the ISPConfig by adding an Site 3. The secondary file does not get made - you need to make this by loging on an seperate - sometime remote server (Host) before it will know it need to be the secondary. 4. In an normal ISP environment you have a SET amount of Nameservers - ONE doing Primary and another ONE doing Secondary! 5. To create the secondary entry automatically on the secondary is what I want to accomplish. there is plenty reasons - ONE Resellers use an simple interfacce to make the site. second the personel used there is sometime clueless of what the real life impact is. Secondly I'm to lazy to go fix it by hand later's I hpe this clarifies P.S. Bind will transfer the ZONE file BUT will NOT create the config enrty!
you need to setup a master/slave server then the zone gets automatically transferred from the master to the slave...
?? A master/slave (or 20 slaves if you want) is a basic design of DNS servers. Even Win2K servers can do it.. You do have to create the initial config one time. But I think I see the problem here. The domains as setup in ISPConfig are *not* typical DNS zones that can be easily slaved by another server. They are for internal use by ISPConfig. You would still need *real* DNS servers. Most people are using mainstream hosted DNS servers but you can easily run them yourself. What I do is to run a DNS server on the same box as ISPConfig and I create the zones as needed (even if they are the same domains as in ISPConfig). The other masters or slaves are configured normally. This is much easier than trying to manhandle the zones that ISPConfig creates. After this is setup the slaves are kept up to date without fuss.
Before ISPConfig I wrote some PhP code that create my DNS zone on the master in the var/named folder called named.conf that have the zones like so: zone "xyz.nom.za" { type master; file "pri.xyz.nom.za"; }; zone "abc.co.za" { type master; file "pri.abc.co.za"; }; The other entry for an Slave zone does not get created by itself and therefore my php using ssh commands on remote server created them so: zone "xyz.nom.za" { type slave; file "pri.xyz.nom.za"; masters { xxx.yyy.zzz.aaa; }; }; zone "abc.co.za" { type slave; file "pri.abc.co.za"; masters { xxx.yyy.zzz.aaa; }; }; Then issuing the named reload command the zone get transfered. I wanted this scenario re-created inside ISPConfig as it mean that I have under my resellers Zero admin to create all the nessesary Nameserve files. After this I normally enter code to check the correctness and some dig commands to verify A, MX, SOA records and then submit by mail the request to the proper registrator to register the domain - without any human intervention! NOTE: with Windows Servers the DNS config is saved and distributed along with the Active drectory that is why it works different. Also this nameserver is as powerfull as it gets - do not think it is "*not* typical DNS zones" it is and can be registered as such!
Well then good for you. If you're doing hundreds of domains then automating it is cool. So what is the problem... <-- not needing an answer Of course the zones created by ISP are standards based, they just aren't run by a listening DNS server that other servers can pickup without aditional work. If you automate that then great. I'm running mine behind a firewall so require different entries for the public DNS. No problem for me.
Thats exactly the way ISPConfig works. 1) Install ISPConfig on both nameservers. 2) Create primary DNS records on your first nameserver. 3) Create secondary dns records on your secondyry nameserver. The zone data is transferred automatically from the primary to the secondary server.
Manual Precisely a good manual process sample, However I want to accomplish that by only doing the Primary work, the rest is automated - the secondary config entry is transferred via ssh to the secondary and appended to the named.conf that side - reloaded! After checking all is ok the Registrar’s bit is done via mail registration system direct and Automatic, remember all data is available in the DB.
Registrar’s I must also mention that nat all Registrar’s allow registration via automated systems - but some do. E.G. co.za domainspace in South Africa only work via automated mail system, very efficient also.
You may write a script for registering domains automatically and then setup the websites in ISPConfig with the remoting framework.
What would be nice is a SOAP interface we can install on a secondary server that will automatically add/delete domains for bind. Currently I have to manually add/delete each domain on the secondary if my customers use my dns which is a real pain.
Wrong type of interface I am talking about. The one you mention is to control a fully installed ISPConfig already. What I am asking for is a *tiny* SOAP version that will only do dns zones... EG; Main ISPConfig --> secondary dns server with tiny DNS SOAP installed That way when the main server setups a dns zone it transmits that info to the secondary via SOAP and that in turn sets up the slave zone. It can also delete the slave zone when the master is deleted as well.
You don't need SOAP for it. If your secondary DNS is configured right, it will fetch the records automatically. Also take a look here: http://www.howtoforge.com/traditional_dns_howto
