Discussion in 'Installation/Configuration' started by Zippy, Sep 15, 2013.

  1. Zippy

    Zippy Member

    Centos 6.4 / NGINX / ISPConfig3 (64 bit with 2 quad cores)

    Hello all,

    I set up some nameservers with my domain registrar (associated my servers external IP with domain name - glue record) and then used them in ISPConfig3 to create a DNS zone. (

    I have a server inside a LAN with a static IP NAT'd to my static external IP, but after 2 days my domain name is not resolving to my server. I have done multiple searches in an attempt to find the correct way to allow a LAN based server running it's own DNS to be "seen" outside the network and have come up empty!!

    Any suggestions to links would be appreciated!

    Thank you!
  2. tahunasky

    tahunasky New Member

    I dont understand what you mean by "(associated my servers external IP with domain name - glue record)", unless you have 2 network cards in your server, one for LAN and one for WAN.

    My DNS server is on the LAN, which is also connected to the internet router, and all dns port traffic on the router/WAN IP is forwarded to the to the server (port 53), and the DHCP server on the LAN has its primary DNS server also set to the LANs DNS server.
  3. Zippy

    Zippy Member

    Thank you for the response ! It is not altogether clear to me how to establish my own nameservers inside the LAN. I have searched various topics and read up on all I can, but I still do not have the correct DNS configuration.

    If I run a dig on ISPConfig3 it shows my nameservers and external IP in the CLI (the values that I entered into the ISPConfig3 graphical interface), but if I run the dig command for the server I get the IP from my internal gateway and the local domain.

    I am behind a firewall and a router and have established NAT rules to route my external IP to my internal IP - both of which are static.

    Before attempting to host my own nameservers I placed "A" records with my domain registrar and the domain resolved to the default HTML page, but I want to use HTTPS with my ISPConfig3 panel and I could not achieve this simply by adding records to my domain.

    I am a newbie with Linux - and do not have my arms around how DNS relates to ISPConfig3 - I have purchased the manual, but my situation appears to be unique. Would you recommend that I not set up my own nameservers? Or is there a guide that exists that can detail the process for me if the PC hosting my server is part of an internal domain?

    Thanks again
  4. Zippy

    Zippy Member

    Well, I tossed in the towel on creating my own nameservers and instead just added some records to my domain registrar to point at my ISPConfig3 install. I suppose the simplest way to accomplish my goal would be to move my server outside the network, but being behind the firewall has it's advantages!

    Thanks and if anyone knows of an example they can point me to please do!!
  5. tahunasky

    tahunasky New Member

    Ok, i understand what you are doing now.
    First, your can point your domain name to only 1 IP address, whether its a WAN or LAN IP (unless you have more than one server and doing load balancing).

    You need to set up the LAN DHCP servers primary DNS record to your DNS server's LAN IP address.

    So for me, where there are PC's accessing the domain from the internal network and from internet, you have 3 choices.

    1) Have 2 different DNS servers, one for external (internet) DNS queries, and one for the LAN queries.
    For the External DNS queries, forward port 53 on your router to the DNS server for external queries. And for LAN queries, set the DHCP server primary DNS record to the DNS server that does the LAN queries.

    2) Have 1 DNS server with 2 different domain names, one for external DNS queries, and one for LAN queries on the same DNS server. eg: points to WAN IP
    mydomain.local points to LAN IP

    3) Have 1 DNS server with 1 DNS record for the domain. And it will still work. Forward all external port 53 requests on your router to the DNS server. When you do a querie and the IP is your WAN address it goes to your router and then is forwarded to the server.

    I have used all 3 ways, on large sites will have 2 or more dns servers, and smaller sites just the one. Hope this helps.

    Also edit the DNS servers network cards interfaces config file, and add to the NAMESERVERS line eg:

    What this does, it makes the first place it looks for a DNS querie its own records, then if its not there it will go look outside (in above example google), and cache the record. This is useful for queries from LAN PC's.
    Last edited: Sep 17, 2013
  6. Zippy

    Zippy Member

    Wow, thank you much for all your help!!

    Things seem to be working well and I am running Joomla on nginx - great stuff! This is really great software for free!!

  7. orasis

    orasis Member


    I would like to ask some questions related to what you are talking here. I am using ispconfig for years on lan and sometimes I go online for some friends to give me feedback on local website tests (I have opened all needed ports on router) using some no-ip services. I am thinking though of switching to a static ip from my isp and point some godaddy domains to a new ispconfig 3 setup here on lan tomorrow and test.

    If I use the ispconfig 3 server as dns server can I set on godaddy only 1 nameserver ? Example ? Or does godaddy need both ns1 and ns2 ? I never tried. I prefer the idea of my server to be the dns server and not have to mess with godaddy dns-zone settings.

    I am using the dns-nameservers as well (plus in the ispconfig server settings,, and everything is fine so far. But I have set a DNS entry as well in the DNS-Zones of ispconfig. Do I need some special DNS entry in the ispconfig DNS-Zones area when I want it to work with godaddy ? If yes, what settings do you use there ? I just do not want the server to loop without a reason.

    Thanks !
    Last edited: Oct 29, 2013
  8. Quaxth

    Quaxth Member

    First: If use Nameserver from Registra, you don't should add DNS Zone Records in ISPConfig.

    I use such config in my installation: Debian Wheezy, Apache, PHP, Dovecot 64bit and that's working.

    Second: There 2 Nameservers needed in general, but: each need to have it's own external/public IP, means if run from LAN in own Office or Home, you'll need 2 Static and public IP's.

    If you use the nameserver from Registra, you mainly get min. 2 of them, mainly that would be even 4 or more.

    Reason are quite easy, if 1 nameserver goes down, the other remaining one take over in 0 time. It's a need IMHO! Or would you like to have your system/server down to the public because the nameserver fails? I don't guess you'll like that!


    1` are the static LAN IP of your server, NOT an public or external IP. and are the DNS Server (primary and secondary) of Google. Using those DNS Servers is bypassing the DNS Servers of your ISP.

    You have 3 ways for to use DNS Server:
    1. set primary and secondary in your Modem/Router
    2. set in NIC Adapter settings
    3. set using config files like in UNIX Servers
    While using the setting in config files in Unix servers, you'll have all time the correct setting for your desired connection because those will overwrite the other maybe existing settings.

    Using the Nameserver of your Registra, in your case GoDaddy, would be the better choice, special while using the server at your Home/Office. While changing to GoDaddy, you may have to delete that DNS Zones from ISPConfig for to avoid problems.
    Last edited: Oct 29, 2013
  9. orasis

    orasis Member

    Hey thanks for the help my friend,

    Right now all domains on godaddy point to my current host's ns1 and ns2 servers.
    Although godaddy is very complicated and always was with Ads in the middle of everywhere, I think I cannot see the DNS Zones right now, I think I got to disable those NS entries first or something, cause I could not find any setting for DNS Zones on the domain settings or they are very hidden somewhere. is the server on lan of course, but how else will I access the server and it's websites when I am on the same LAN ? It's got to see what is added on the local DNS first and then check the rest and this way I can have impossible domains such as www.testing.test

    So regarding the godaddy DNS Zone I currently have no idea if it will even work to set the NS to point to the server using my static (external) IP. All I am thinking of doing as I mentioned in my previous post is to create the ns1 on the ispconfig server and set that to godaddy. I am not going to have 2 external static Ips though.

    I have currently setup an ispconfig3 ubuntu server here and I am stuck at creating server Ips, for some reason they are not working. Websites only work if I use the * asterisk. Then if I check the checkbox “Network Configuration” The network configuration option is only available for Debian and Ubuntu Servers. Do not enable this option if your network interface is not eth0. Everything works. In that case the server adds each IP I set to /etc/network/interfaces but if I reboot the server I get the:

    - waiting for network configuration
    - waiting up to 60 more seconds for network configuration
    - booting system without full network cofiguration

    These messages delay boot about 2 to 3 mintues maybe more although this is a proper server setup. If I un-check it, the /etc/network/interfaces does not get updated. I do get rid of the boot message but IPs are not working. Till had said in the past that the default and recommended setting is NOT to have this box checked.
    Last edited: Oct 29, 2013
  10. Quaxth

    Quaxth Member

    Why not change to Debian Wheezy, if you already install new? It's the desired OS for ISPConfig which were build on this Linux distro.

    Personally I don't like GoDaddy, had huge problems with them in the past and changed some years ago to Namecheap. That just works with no problem.

    In Namecheap you use the Nameserver from them (you get 5), and use A Records for to point to your public/external IP of the server. All features etc easy to understand and they also having an excellent support and service. For all step an extensive help is available incl. Demo Videos How To.....!

    I use ISPConfig running on Debian Wheezy in my Office with 1 Public IP only and Nameserver from on Google DNS Servers. The last problem I have yesterday, was my own fault me think and have problem to access the CP via my desktop now. I'm not Linux savey at all, just an beginner with that. But working in Networking for a long time already, so understand many thing regarding those. Also have problems with my ISP and will get an new Modem/Router tomorrow to fix that.

    The most important things I need is just working well, is the Mail Server. That I was not able to get to work on zPanel, which I was try before moving to ISPConfig.

    All that said, I would suggest to move your Domain out from GoDaddy and use an other more reliable Registra. As I stated, I'm really happy with Namecheap! Also, recheck your installation of Ubuntu and ISPConfig using the Perfect Server Guide. If you will new install, I would suggest to move from Ubuntu to Debian Wheezy which is fully supported, even better than Ubuntu because ISPConfig was build on Debian Linux.
  11. orasis

    orasis Member

    Yes I am experimenting right now using the ubuntu setup and I already know that ispconfig is better on debian but I never used debian. The good thing is that debian is very similar to ubuntu. The server is right next to me naked completely and I will get some new hardware today to make it a little faster, meaning I can experiment as much as I can, I have already reinstalled twice.

    After your post I will give debian server a try maybe I will find it the same even, all I want from it is to work without problems !

    I am with you on the godaddy comments you made, years ago I even used their hosting pack and was completely ridiculous. Now I am moving from shared hosting to my own server and get rid of limitations and bad performance. I mean at least this server will perform better than to be on a good machine with 10000 and 20000 websites on a shared account !

    I think I am ready to go downlaod the debian iso – what is the current version of the server iso ?

    And do you know how to make it work the other way round ? Meaning to set the DNS on ispconfig and point that on the registar ? If that is impossible it's ok.
  12. orasis

    orasis Member

  13. Quaxth

    Quaxth Member

    All depend on your Server! If the CPU is 2 or more cores, and memory 4GB or more, use 64bit, if not use 32bit! The NetInst is the best for using with ISPConfig. Follow the Perfect Server Guide and all should be just fine.

    As I suggested, move your Domain out of GoDaddy! If you use to move to namecheap, it would need about 4h pro propagation or even faster! And it will gives you the benefit of ease of use.

    Good luck.
  14. orasis

    orasis Member

    thanks friend, I will install it after I make a bootable usb-stick :D and see what happens !
  15. orasis

    orasis Member

    ok !

    On debian everything is working without the slightest problem.
    The system is also faster. I am not going back to ubuntu server after this test. It feels like ICPConfig 3 is for debian :)

    I have also tried enabling the 'Network Configuration' check box and I got no weird messages or delays on boot. Additional server IPs do work excellent.

    I only get the 'Your virus protection is OUTDATED!' but the team has already explained in another thread what is the cause for this and I do not worry.

    So I am trying to imagine a way to do what I wanted to do with the DNS. Maybe by using one specific domain pointing to the server static IP while having dns entries for the ns1 and ns2 and then point the other domains to those and -- I need to experiment with this.

    Mr Quaxth, is transferring the domains from godaddy to Namecheap an easy task ?

    team keep up the great work, the server is working excellent on debian.
  16. Quaxth

    Quaxth Member

    Yes, that's easy. You need to get the Auth Code from GooDaddy for to change and that could be also done from within Namecheap account. Just create an Account first at Namecheap and that ask the Namecheap support how to, they also having Live Chat! Check for the How To transfer from 1 Registra to an other!

    You could use for all domains just an so called A Record which will point to your public IP. Namecheap will give you a total of 5 Nameserver and also some other extras for free. Just check their site and if you've question, ask their support, they're really great.

    If you use for all your domains the Namecheap nameservers, you don't create any DNS Zone in ISPConfig. All is the need of the A Record at Namecheap. And you've to keep in mind the you'll need for every domain, if you like to use your own Nameservers, min. 2 public IP's! In case of the use of the Nameservers from Namecheap, you need only 1 public IP for to run 1 or even more websites/domains.

    I use at the moment 4 domains with Namecheap and another 5 with and have 2 Namecheap Domains and 3 domains in ISPConfig running on the same public IP.
  17. orasis

    orasis Member

    Hello, thanks for the info.

    So if I use the registar's feature the ispconfig DNS area becomes useless in a way ? This is bad once I need this area for subdomains etc..
  18. Quaxth

    Quaxth Member

    NO, you don't need the DNS Zones for Subdomains. At Namecheap you've as much subdomains as you need free and using A Records as well. Subdomains are bound to an specific domain.

    Before you "think" further, look at Namecheap and what they're offering for free beside of Nameservers!!

    Don't think that I'm related to Namecheap, I didn't. I just run all my paid domains over the last 4 years with them and wouldn't change because of their very good service.

    And again, using the DNS Zones in ISPConfig, you'll need to have more public IP's, per Domain 2 Nameserver, each need his own public IP!

    OK, I'm gone for today. Good night.

Share This Page