DNSSEC subdomain to push DS to remote DA server when in two-way DNS

Version 1.58.2


Relates to this feature: https://www.directadmin.com/features.php?id=1963

dnssec_add_subdomain_ds_to_remote_parent=1

Where you should have:
- domain.com on box A
- sub.domain.com on box B

When signing sub.domain.com on B, the DS records get added to domain.com's zone on A.

This is all fine, except when A and B are in two-way clustering:

A -> B
B -> A

The issue was that before deciding to push the DS records to the parent zone, DA figures out whether that zone is local or not. Because A had pushed its copy of domain.com over to B, the lookup on B of "is the parent local" returns true, so the remote push is not attempted. The local write then fails, as domain.com on B is a raw dnssec file not meant to be read by DA, stored on B in /var/named/domain.com.db (rather than domain.com.db.signed on A).

The fix is to simply add another check when doing the "is this domain local" lookup, to also exclude any zone that is dnssec signed (the larger domain.com.db zone on B with more DNSSEC data). The check becomes "is parent domain local and not the dnssec from some other server", which now returns "false" for domain.com on B, so DA goes to the cluster to push the DS records into domain.com on box A.

T18678
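The lookup before and after the fix, as an added sketch (not DirectAdmin's code). It assumes a zone counts as "dnssec signed" when it contains RRSIG/NSEC-type records, which this entry does not specify; the function names and zone contents are constructed for illustration.

```python
# Added illustration; not DirectAdmin's code. Zone contents are constructed.
# Assumption: a zone is "dnssec signed" if it holds RRSIG/NSEC-type records.
SIGNED_TYPES = {"RRSIG", "NSEC", "NSEC3", "NSEC3PARAM"}

UNSIGNED_ZONE = """\
$TTL 3600
@ IN SOA ns1.domain.com. hostmaster.domain.com. 2019010101 3600 600 1209600 3600
@ IN NS ns1.domain.com.
@ IN A 192.0.2.10 ; plain record
"""

# Shape of a raw signed copy pushed from the other box (signature is a placeholder).
SIGNED_ZONE = """\
domain.com. 3600 IN SOA ns1.domain.com. hostmaster.domain.com. 2019010101 3600 600 1209600 3600
domain.com. 3600 IN RRSIG SOA 8 2 3600 20190201000000 20190101000000 12345 domain.com. UExBQ0VIT0xERVI=
domain.com. 3600 IN NSEC sub.domain.com. A NS SOA RRSIG NSEC DNSKEY
domain.com. 3600 IN A 192.0.2.10
"""

def zone_is_signed(zone_text):
    """True if any record's type field is one that only a signed zone contains."""
    for raw in zone_text.splitlines():
        # Drop comments; the type sits within the first four fields
        # (owner, TTL, class, type), so only those are inspected.
        fields = raw.split(";", 1)[0].split()
        if SIGNED_TYPES & set(fields[:4]):
            return True
    return False

def parent_of(domain):
    """sub.domain.com -> domain.com"""
    return domain.split(".", 1)[1]

def ds_push_target(child, zones_on_box, fixed=True):
    """Where the child's DS records go: 'local' zone write or 'remote' cluster push.

    zones_on_box maps domain -> contents of /var/named/<domain>.db on this box.
    """
    zone_text = zones_on_box.get(parent_of(child))
    if zone_text is None:
        return "remote"
    if fixed and zone_is_signed(zone_text):
        return "remote"  # a signed copy from another server is not a local parent
    return "local"

# Box B in two-way clustering: it holds A's signed copy of domain.com.
BOX_B = {"domain.com": SIGNED_ZONE, "sub.domain.com": UNSIGNED_ZONE}
# A box that really hosts the parent keeps the unsigned source in domain.com.db.
BOX_A = {"domain.com": UNSIGNED_ZONE}
```

With `fixed=False` the lookup on box B reproduces the old behaviour and picks the local write that fails; with the extra check it picks the cluster push.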
