3 dns servers

Discussion in 'Installation/Configuration' started by chief, May 28, 2023.

  1. chief

    chief Member HowtoForge Supporter

    I have a running multi server setup.
    panel, web01, web02, web03, web04, ns1, ns2, webmail, mx1, mx2.
    all on the same ip range 212.*.*.2-11 will be adding another mail server.
    anyhoo, i want to have a dns server NS3... off site, its ip is 194.*.*.12
    I have added to panel the remote user for ns3 as documented
    when i am trying to add via the script, i specify mysql master server hostname, root user, and root password.. it waits then times out
  2. chief

    chief Member HowtoForge Supporter

    firgured it.
    i missed this the last bit of page 1... adding to ufw the allow 3306 port and the IP
    ufw allow from 194.*.*.12 to any port 3306 proto tcp
    till and ahrasis like this.
  3. chief

    chief Member HowtoForge Supporter

    A follow on question.
    Lots of hosters such as ionos, fasthosts let you configure a domain using more than 2 nameservers.. i have added 2.
    1 being the main, 2 being the secondary - i have number 3 on an external IP in case my internet goes down, then at least i have the ability to still point any external resources.
    I cannot see how i set a domain i host to also set itself to use ns3..
    I see that under system - server config - ns2. that it is not set to be a mirror of ns1.. should it be and also does ns3 have to be a slave of ns1..?

    how do i get this done please?

    Last edited: May 28, 2023
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    This is done in the exact same way you do it fro ns2, and if you would have nas4, then this is added in the exact same way too. You can have as many NS servers in ISPConfig as you like.

    It depends on how you like to set it up. Mirroring is the easier setup but does not support DNSSEC (see the Multiserver tutorial, which describes this). So if you do not use DNSSEC, then all you have to do is to set ns2 and ns3 to be a mirror of ns1. If you need DNSSEC, then you do not set up mirroring but use slave DNS records in DNS manager instead. Create a slave DNS record on ns2 and ns3 for the zone you want to mirror. No matter which mirroring method you use, you should then adjust the DNS server template in DNS module and add a line for ns3 to the template.
    Last edited: May 29, 2023
    chief and ahrasis like this.
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    It should be ... mirror of ns1.
    till and ahrasis like this.
  6. chief

    chief Member HowtoForge Supporter

    I do want to have the DNSSEC feature.
    You stated
    Confused!! and need to clarify..
    1. create client, domain, email domain, mailboxes etc, create dns record on ns1.
    2. create another 2 records on secondary zone for the same domain but choosing ns2 and ns3
    3. repeat this for all of my domains
    Secondary DNS Zone option 4 - NS (IP-address) (seperate multiple IP's with commas (meaning what? all my ns servers including ns1-ns3?) or just the secondary IP itself or all IP's for all ns servers?
    Option 5.. states "Allow zone transfers to these IP's (comma seperated list): ? also meaning all my IP's for ns servers - ns1-ns3?

    Can you describe step by step what i need to do keeping DNSSEC. using ns1, ns2, ns3 please..
    as the documentation and your replies have me a little confused

  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Set up a test system to practise configuring DNS.
    What documentation is confusing? Have you read ISPConfig Manual Chapter 4.8.3?
    chief likes this.
  8. chief

    chief Member HowtoForge Supporter

    Thanks till and taleman, forgot i had the manual, so used to searching and asking..
    sorted.. many thanks again


Share This Page