DNS settings. Need clarifcation.

Discussion in 'ISPConfig 3 Priority Support' started by pvanthony, May 28, 2026.

Tags:
  1. pvanthony

    pvanthony Active Member HowtoForge Supporter

    I have a multi server setup of ispconfig. Do I need to enter ip in the zone setting of the following fields
    - Allow zone transfers to these IPs (comma separated list)
    - Also Notify
    I am guessing no need because the multi server setup will do the dns syncing. Correct?
    And when do I use "Secondary DNS Zones" ? Do I need it when using multi server setup?
     
    pvanthony, May 28, 2026
    #1
  2. remkoh

    remkoh Well-Known Member HowtoForge Supporter

    You DON'T want to use a multi server setup for DNS services!
    At least not when DNSSEC is active in DNS zones.

    For DNS use a master-secondary setup.
    Then you have to setup zone transfer and notify fields in order for the secondary zone to propagate the records in the master zone.
     
    remkoh, May 29, 2026
    #2
    ahrasis likes this.
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    It depends on how you set it up. ISPConfig supports several ways to set up a multiserver setup, and the standard way we use today, which is described in the most recent multiserver guides, supports DNNSEC. @remkoh is right, though, that older setups that used mirroring in a multiserver setup did not support DNSSEC.

    So, back to the first post, it depends on how you installed your system. is the secondary DNS just a slave node (then it supports DNSSEC and you must create a secondary zone in ISPConfig), or is it a mirror node, then it does not support DNSSEC, but you don't have to create a slave zone.
     
    till, May 29, 2026
    #3
  4. remkoh

    remkoh Well-Known Member HowtoForge Supporter

    I assumed he ment mirrored servers, as most do when mentioning multi server setup.
     
    remkoh, May 29, 2026
    #4
  5. pvanthony

    pvanthony Active Member HowtoForge Supporter

    I really do not remember what I did. My bad.
    How do I check now if my secodary server is slave or mirror?
     
    pvanthony, Jun 1, 2026
    #5
  6. pvanthony

    pvanthony Active Member HowtoForge Supporter

    Need some advice on how to check if my secondary server is a slave or a mirror.
     
    pvanthony, Jun 2, 2026
    #6
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Check in ISPConfig under System > Server services if the dns slave node has set something in the is mirror of server field.
     
    till, Jun 2, 2026
    #7
  8. pvanthony

    pvanthony Active Member HowtoForge Supporter

    Thank you very much for the quick reply.
    Looks like my secondary server is a slave.
    upload_2026-6-3_1-39-0.png
     
    pvanthony, Jun 2, 2026
    #8
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, this is not a mirror setup. In this case, you add a slave zone in DNS Manager on the secondary server with ISPConfig. BIND will then automatically sync the zone. In the primary zone, you set the IP of the slave dns server in the field "Allow zone transfers" to allow the zone transfer, also notify does not need to be set.
     
    till, Jun 2, 2026
    #9
    ahrasis likes this.

Share This Page