Question

DO DNS Extension for Plesk: NS records are reverted / reset after making a change in the master DNS zone

Posted February 7, 2020 390 views
DNS

Hello,

Currently I’m using the Digital Ocean DNS Extension in Plesk. What this basically does is syncing DNS zones from Plesk to DO DNS. See extension here.

In my case, the DO DNS servers act as slave DNS servers (secondary DNS servers), whereas the Plesk’s DNS server acts as primary. In other words: I only have to manage DNS records in Plesk and with the extension changes to the DNS are then being synced to DO DNS.

Also, I’m using vanity nameservers (see here).

Because of the vanity name servers I edited the NS records in DO DNS manually, to have them showing my domain instead of digitalocean.com:

When a new domain is added, DO DNS creates NS records like this:

mydomain.com   IN   NS   ns1.digitalocean.com
mydomain.com   IN   NS   ns2.digitalocean.com
mydomain.com   IN   NS   ns3.digitalocean.com

..and then after syncing from Plesk to DO, for vanity nameservers, I manually change them to:

mydomain.com   IN   NS   ns1.mydomain.com
mydomain.com   IN   NS   ns2.mydomain.com
mydomain.com   IN   NS   ns3.mydomain.com

Now, the issue I’m facing is this; if I make any change in the DNS zone in Plesk and let that sync, in DO DNS these NS records (and only the NS records) get reverted back to:

ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com

Everything else gets synced perfectly, just the three NS records are being ‘reset’. Also I’ve noticed that if I have additional records, e.g. ns4.mydomain.com then that one is being deleted in DO DNS (whereas in Plesk it remains). Hence I think the NS records get 'reset’ when synced.

I’m a very huge fan of the extension because it does so much for me, but not syncing the NS records properly is very inconvenient. Especially when Let’s Encrypt automatically renews SSL-certificates, it adds records to the DNS for verification and then the NS records in DO DNS are, also automatically, reverted back to pointing at digitalocean.com as well because this change will trigger the sync as well.

Also it causes differences in the records of the primary and secondary DNS servers, which against the purpose of the extension.

Anyone else having this problem? Is this something for the DO devs to fix?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
3 answers

Sir,maybe digitalocean DNS doesn’t support slave DNS.And vanity DNS usually need the origin dns’s permission,and if you don’t set vanity DNS properly,it maybe slow the resolve rate.Ask the extension’s creator and digitalocean support team for further view.

Have a nice day.

Show answer This answer has been marked as resolved by gtroeno.

Hi,

Since the Plesk DigitalOcean extension v1.2.0 release, it is possible to configure synchronizing NS records in the extension’s settings tab; it allows configuring branded name servers if required.

Changelog for 1.2.0 (28 Apr 2020):

[*] It is now possible to authorize the extension using DigitalOcean API tokens as well as OAuth2.
[*] NS records for vanity DNS servers ("ns1.yourdomain.com" instead of "ns1.digitalocean.com") are now correctly synchronized from Plesk to DigitalOcean.
[-] Changes made to the TTL values of DNS zones in Plesk are now correctly synchronized to DigitalOcean. (EXTPLESK-1677)
[-] CAA records created in Plesk are now correctly synchronized to DigitalOcean. (EXTPLESK-1745)
Submit an Answer