Symptoms

A domain hosted on an Operations Automation (OA) -managed Plesk server (which serves as a master DNS server) cannot be resolved using OA-managed DNS servers (which serve as slave name servers).

The following entry can be found in the slave zone file of the domain:

[root@ns01 ~]# cat /var/named/run-root/var/slave/example.com. example.com. SOA 203.0.113.2 not.yet.known. (0 60 60 60 60)

Cause

DNS records are not propagated from the master name server (Plesk) to the slave name servers (OA-managed DNS servers).

If only new domains are affected, the issue may be caused by the absence of the DNS role on the Plesk server. See Knowledgebase article #122372 for more details.

For all other cases, follow the resolution below.

Resolution

Make sure that zone transfer is allowed from the master name server (Plesk) to the slave name servers (OA-managed name servers) in:

Plesk Panel > Tools&Settings > DNS Template Settings > Transfer Restrictions Template

The IP addresses of OA name servers should be accessible from the VPS with Plesk.

If it is Bind, you should also check the allow-transfer parameter for the domain in question in '/var/named/run-root/etc/named.conf' on the Plesk server where the domain is hosted.

It should look like:

zone "domain.tld" {
    type master;
    file "domain.tld";
    allow-transfer {
        <SLAVE_NAMESERVER1_IP>;
        <SLAVE_NAMESERVER2_IP>;
        common-allow-transfer;
    };
};

The zone transfer may also be configured like:

zone "domain.tld" {
        type master;
        file "domain.tld";
        allow-transfer {
                common-allow-transfer;
        };
};
acl common-allow-transfer {
        10.39.83.102;
        10.39.83.103;
};

(SLAVE_NAMESERVER1_IP and SLAVE_NAMESERVER2_IP in the above examples are the IP addresses of the POA-managed name servers.)

If zone transfer is not allowed, transfer between slave DNS servers and the Plesk server will fail with the following messages in the Bind log (/var/log/messages by default) on the Plesk server:

04-Nov-2013 16:38:46.996 xfer-in: info: transfer of 'domain.tld/IN' from <MASTER_PLESK_IP>#53: connected using <SLAVE_NAMESERVER_IP>#57242
04-Nov-2013 16:38:46.998 xfer-in: error: transfer of 'domain.tld/IN' from <MASTER_PLESK_IP>#53: failed while receiving responses: REFUSED
04-Nov-2013 16:38:46.998 xfer-in: info: transfer of 'domain.tld/IN' from <MASTER_PLESK_IP>#53: end of transfer

Issue the following command on the slave name servers:

# rndc retransfer domain.tld

Replace <domain.tld> with the problem domain zone.

This will sync zones which have non-matching SOA records on the master and slave name servers.

Internal content