Guide to DNS Cluster Configuration

For WHM version 11.28

Introduction

A DNS cluster is a number of nameservers that share records.

This allows you to physically separate your nameservers so that in the event of, for instance, a power outage, you still have DNS functionality. This way, visitors can reach websites on your server more quickly after the web server comes back online. The cPanel DNS cluster feature only provides redundancy for DNS. It does not place Apache or any other services in a cluster configuration.

To optimally configure your DNS cluster, you will need 2 spare servers, both preferably running cPanel DNSONLY. You will also need at least 1 web server with cPanel & WHM installed.

• cPanel DNSONLY is software that allows you to run a dedicated physical nameserver. It should only be installed on nameservers with no previous content on them.
• You can download the cPanel DNSONLY software here.
• All machines in the cluster must be running cPanel or cPanel DNSONLY version 11 or higher. Some features may not work with older versions of cPanel.
• Note: You may have both multiple DNSONLY servers and multiple cPanel servers in a DNSONLY cluster.

Enabling DNS clustering on each server

First, you will need to enable DNS clustering via each server's WHM interface.

1. Navigate to WHM’s Configure Cluster screen.
2. Click Enable Dns Clustering.
3. Click Change.
4. Click Return to Cluster Status.

DNS clustering is now enabled. Next, you will need to specify which server(s) you wish to cluster, or share DNS information with.

• You will need to sync each web server to its DNS servers.
• You do not need to link dedicated DNS servers to each other, or link dedicated web servers to each other.
• You should not set a DNS server to sync data back to a web server, as this will put extraneous data on the web server.

Global cluster configuration options (in cPanel & WHM 11.25+)

These 2 new features (available in version 11.25+ only) work together to notify you about and disable unresponsive DNS cluster members.

Set your cluster's failure threshold

This section allows you to specify the number of dnsadmin commands that are allowed to fail before WHM disables a member of your cluster. Disabling unresponsive cluster members can improve server performance.

• If you wish for all of the members of your cluster to remain online at all times, enter 0.
• We recommend setting this value to 10.

Set up cluster failure notifications

When you click this checkbox, WHM will notify you when it disables a cluster member due to unresponsiveness. WHM will send the notifications during DNS queue processing.

About your DNS cluster configuration

Before you set up your DNS cluster, it is worthwhile to consider how it will be configured.

Creating a cluster setup with direct links between servers can decrease CPU load, improving the performance of your servers. The more steps, or "hops," between a web server and a nameserver, the slower the servers' performance will be.

If at all possible, you should link your web server directly to the DNS servers, as shown in the diagram below. This is the ideal DNS setup.

Figure 1. A direct link between the web server and 2 nameservers is optimal.

In this example, webserver.example.com sends DNS information directly to ns1.example.com and ns2.example.com. This is accomplished by using the WHM Configure Cluster feature to create a link on each server (see the instructions below).

If necessary, you may place the primary nameserver between the web server and the secondary nameserver. For each intermediate server you add, the data transfer time is 3 times slower than for a direct link.

Figure 2. An intermediate nameserver between the web server and secondary nameserver is acceptable.

This configuration can be accomplished by setting the web server to sync the primary nameserver, and setting the primary nameserver to sync the secondary nameserver (see the instructions below).

The least optimal configuration is one that uses multiple “hops,” or steps, between the web server and nameservers. This increases processor load on the servers, as their nameserver software works to update the DNS information on each hop, slowing response time.

Figure 3. Multiple hops between a web server and nameserver slows performance.

Each "hop" that is added to the DNS cluster configuration will add to the time it takes to add, edit or delete a DNS zone from any point in the cluster, so the configuration should be kept as simple as possible.

In this example, for web1.example.com to communicate with ns2.example.com, the information must be passed through 2 intermediary servers, increasing the overall processing load. This method is not recommended.

Adding servers to the cluster from the nameserver

On your web server's WHM interface, take the following steps:

1. On the Configure Cluster screen, under Servers in your DNS Cluster, locate the Add a new server to the cluster box.
   

2. Enter the nameserver's IP address in the Server Ip Address box.
3. Click Configure.
4. On the Create Trust Relationship screen, enter the nameserver's remote access key.
   • To retrieve the key from the nameserver, click the link at the bottom of the screen. You will need to enter the root password for the nameserver.
   • Once the key appears, cut and paste it into the Server Remote Access Key box.
     
5. Click Submit.
6. Repeat these steps, adding each additional nameserver to the cluster.

The cluster is now set up. When you return to the WHM Configure Cluster screen, the nameservers are listed in the Servers in your DNS Cluster table.

Specifying the web server's DNS role

Next, you will need to specify that you wish for this server to synchronize changes, or to write DNS data onto the nameservers in the cluster.

In the Servers in your DNS Cluster table, under Dns Role, select Synchronize Changes next to each nameserver's hostname and IP. This will cause the web server to send DNS data to the nameserver.

You do not need to link dedicated web servers to each other.

Remember: You will need to access WHM and configure the DNS role on each web server in the cluster.

Adding servers to the cluster from the nameserver

Next, you will need configure the cluster from each nameserver.

1. On your nameserver's WHM interface, take the following steps:
2. On the Configure Cluster screen, under Servers in your DNS Cluster, locate the Add a new server to the cluster box.

   

3. Enter the web server's IP address in the Server Ip Address box.
4. Click Configure.
5. On the Create Trust Relationship screen, enter the remote access key.
   • To retrieve the key from the web server, click the link at the bottom of the screen. You will need to enter the root password for the web server.
   • Once the key appears, cut and paste it into the Server Remote Access Key box.
     
     
6. Click Submit.
7. Repeat these steps, adding each additional web server to the cluster.

The cluster is now set up. When you return to the WHM Configure Cluster screen, the web servers are listed in the Servers in your DNS Cluster table.

Specifying the nameserver's DNS role

Finally, you will need to specify that you wish for this server to function as a standalone server — that is, a server that only receives DNS data from the other servers in the cluster.

In the Servers in your DNS Cluster table, under Dns Role, select Standalone next to each web server's hostname and IP. This will allow the nameserver to receive information from the web server, but not send data to it.

• Note: Setting a nameserver to synchronize data to a web server is not recommended, as it will create extraneous zones on the web server.
• In most cases, a DNS-only server should never be set to synchronize to a Web server. The Web server should always be set to synchronize to the DNSONLY server(s), and the DNSONLY server(s) should always be set as standalone.
• You do not need to link dedicated nameservers to each other.

Remember: You will need to access WHM and configure the DNS role on each nameserver in the cluster.