I am running a geo-replicated dns setup, where masters and slave are sitting in different countries/continents and all ispconfig servers are connected over vpn tunnels to the master ispconfig server. In the event of a vpn tunnel failing, it happens that a remote server cannot connect to the ispconfig server. I had such failure today, for more than 24 hours, and there was no sign in ispconfig of the condition (i.e. one of the remote dns servers was not being updated). I had not been aware of the condition, as all servers in ispconfig were showing green status (as the remote server was accessible over the internet, but was not accessible via the vpn tunnel used for mysql sync). In case there is no such provision, I would try to ask for a feature, where a server is checked for the last update made (cron job run against the main server) and flag it "unreachable" or "misbehaving" in case it's has not connected for a user-configurable amount of time. This is not specific to my setup, but also applies in general, when the server is running, but otherwise unable to get it's updates from the main ispconfig server, and thus might be working but carrying bad information. This is specifically bad when dealing with dns service, as issues can get unnoticed for a lot of time, and cause other administrator headakes.
Yes, we should add some warning for this case. I thought we added it already some time ago, maybe the fearure is broken in the current release.