Knowledgebase

Knowledgebase

Portal Home > Knowledgebase > Articles Database > Do you AUTH 3rd party DNS server?


Do you AUTH 3rd party DNS server?




Posted by Tomcatf14, 12-15-2010, 12:53 PM
One of my client is hosting his NS1 on his own server and wanted to use our server as NS2. He requested us to allow AUTH between NS1 and NS2 so that he can sync the zone. Would you allow this?
Posted by MikeDVB, 12-15-2010, 01:05 PM
I wouldn't, because they could theoretically overwrite zones that don't belong to them depending on how it's set up. You could set them up with a reseller account on your NameServers and then set up clustering on that reseller so that they could only touch their own DNS Zones but that seems like too much work - assuming you're running cPanel. Not sure how cPanel DNSOnly works when it comes to clustering and various resellers.
Posted by ServerManagement, 12-16-2010, 04:47 PM
It really depends on what software you are running and what you can restrict them to. If you restrict them to readonly, then it shouldn't really cause a problem. But it does depend on the dns software you are running (ie, Bind, Nsd, etc....) and what control panel you have.
Posted by JTY, 12-16-2010, 07:14 PM
I wouldn't allow it.
Posted by foobic, 12-16-2010, 07:40 PM
I wouldn't either. The request doesn't really make sense: If he's using your hosting, why not use your dns as the master and run his own as slave? Or, if he really needs to run the master himself there would be nothing special about your server - he could equally well use one of the free dns services.
Posted by funkywizard, 12-16-2010, 07:42 PM
have them set up a vps with cpanel dns-only, and let them use that if they need a second dns server. just about any vps should be powerful enough for this, so if they can't spare $10 / mo for this, then certainly they're not going to compensate you for the trouble of setting up whatever it is they want you to do for them. there's no reason to allow others rights to arbitrarily change the zones on your own dns servers
Posted by DJMizt73, 12-20-2010, 04:29 AM
this is absolutely fine ..i dont know why everyone else is being paranoid ..many ISPs do this all the time (providing secondary NS server set up as a slave) if you are using BIND ..its as simple as setting up their zone on your slave file. There are mechanisms to ensure it doesnt affect your own zone files. Anyways - if you still feel paranoid, you can always direct them to free secondary DNS services like afraid.org


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
Looking someting cheap (Views: 556)
FTP between servers? (Views: 526)
How to commit changes to suhosin? (Views: 575)
MC Host Double Charge - Never Reply (Views: 547)
Splitting Dedicated Server into 2 Dedicated Server != IP ?! (Views: 573)


Language:

Contact us

Copyright © 2018 DC International LLC. - All Rights Reserved.