DNS Records Ignored

Putting the puzzle together… On the install script if you warn users to create a minimal DNS record with their registrar for admin.example.com, then installation should go smoothly. Then during your configuration wizard, you should also ask users if their registrar has a special requirement to use their own DNS server via Virtualmin or not. If not, the current script is good. If yes, warn users to create a “DNS Host” value with their registrar in order for Virtualmin DNS records to be used. Also, warn them to delete the default admin.example.com DNS record as well. My hosting provider is Alibaba if you want to test this.

For the domain, for the virtual server, or both?

Maybe, maybe not. Seeing as hosting your own sites with Virtualmin is the next logical step when upgrading from shared hosting, one should assume that the domain is already in place and proper DNS set up is a natural part of that.

The admin.* record is rather irrelevant.
You either host your DNS with your registrar/CloudFlare/Google whatever, or you host it yourself.
If you host it externally Virtualmin should be told so by not checking the “DNS domain enabled” feature when creating the virtual server.

If hosting yourself, just make sure the ns1/ns2 records are created, make the GLUE records at your registrar and that should be enough.
After that Virtualmin should handle the rest (although having both ns records pointing to the same is generally considered a bad decision).

Bottom line is that DNS can be quite intimidating.
If words like SPF, GLUE, PTR and TTL mean nothing to you, it might be better left handled by the pros.

both.

Alibaba seems to somehow block Virtualmin default DNS server, if I don’t specifically enable it in their interface… hence, this chain of confusion.

This isn’t an option during the current install wizard, hence my prior suggestion.

Are you sure? As you mentioned earlier, you hadn’t created the GLUE records for the domain pointing to your IP.

You mean the post-install configuration wizard? No, perhaps not. But if you know that you are hosting the DNS externally it’s just 2 more clicks to disable that feature anyway.
And if so, whatever records were created during that initial config are irrelevant and will be deleted.

With Alibaba, there isn’t any mention of a GLUE record. However, I have the option to configure example.com as a “DNS Host”… in which case I can configure ns1.example.com and ns2.example.com. Their “DNS Host” must be the GLUE record you mentioned.

Yeah, post-install config wizard is what I am referring to.

Completely new user with limited knowledge of DNS likely wouldn’t know that. I’m avg. intelligence (I hope :pensive:), missed it.

???

Ok.
I’ve never used Alibaba so I have no idea how it works…
But what do you get if running the following command from home (assuming Linux):

dig yourdomain.tld @ip.of.your.server

Here I meant that if you disable the DNS feature for the domain/virtual server, the records created in bind will be deleted and Virtualmin will not think that it’s hosting the domain any more.

Public IP redacted… Domain name redacted

Doesn’t look like you have a space between the domain and @ip.address

You were indeed correct.

However, I prefer not being tracked… I don’t know how useful this record is…

The “recursion requested but not available” would indicate that bind has no knowledge of the domain you are trying to query.
Guessing that means you’ve disabled the DNS feature for this domain?

yeah, did that as soon as you suggested it.

Ok, mate, then I’m not quite sure what the problem is anymore.
The message above proves that requests are served from bind - check
You’ve added the missing mail-related records at your registrar so that should work - check

If you want to host the DNS yourself, I found this from the FAQ on Alibaba’s website:
[image]

If you do this and enable the DNS feature for the virtual server again it should work.
Remember to also have ns1/ns2 A records and NS records for the domains you would want to host.
But I think you could just as well continue to use Alibaba, as far as I can see they use anycast so it will most likely be way faster than anything you could set up yourself.

@toreskev You solved my problem hours ago. I couldn’t be happier with you and your team’s product. I’ve been playing with Virtualmin for a few days and I can tell you that you guys have a new “evangelist” on your side. Your software kills crappy shared host.

I’d be wary about those instructions, I used different instructions to create a different DNS server domain for a different server I use.

Again, awesome support, great product.

Thanks for the “new guy” pointers. :smiley:

@toreskev quick security question… the general security rule is to disable any unused services and close their ports. Since I am using Alibaba DNS, would the same rule apply to bind9 and port 53 tcp/udp for me? Can I safely close the ports and disable bind9 without causing major problems on my system?

Hehe, cool, I didn’t get that :slight_smile:

Btw, I’m not a Virtualmin staff, just a user for 10+ years!

You can safely close off port 53, but do know that by default bind also works as the resolver for the system so change that before disabling bind completely :slight_smile:
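
The check the last reply points at, as an added example that is not part of the original thread: before stopping bind9, classify the nameservers in a resolv.conf-style file to see whether the host itself still resolves through a loopback resolver. The function names and the sample file contents are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): does this host resolve through a
# loopback resolver, such as the local BIND, that must be replaced first?

# Print every nameserver address from a resolv.conf-style file, one per line.
list_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# Print one of: local-only, mixed, stub, external-only, none.
resolver_dependency() {
    local_n=0; stub_n=0; remote_n=0
    for ns in $(list_nameservers "$1"); do
        case "$ns" in
            127.0.0.53) stub_n=$((stub_n + 1)) ;;    # systemd-resolved stub listener, not BIND
            127.*|::1)  local_n=$((local_n + 1)) ;;  # a resolver running on this host
            *)          remote_n=$((remote_n + 1)) ;;
        esac
    done
    if [ "$local_n" -gt 0 ] && [ "$remote_n" -gt 0 ]; then echo mixed
    elif [ "$local_n" -gt 0 ]; then echo local-only  # stopping BIND would break lookups
    elif [ "$stub_n" -gt 0 ]; then echo stub         # inspect systemd-resolved's upstreams instead
    elif [ "$remote_n" -gt 0 ]; then echo external-only
    else echo none
    fi
}

# Exit status 0 only when every configured nameserver is off-host.
bind_not_needed_for_resolution() {
    [ "$(resolver_dependency "$1")" = "external-only" ]
}

# Constructed sample: a host that resolves through its own BIND, the
# situation the reply warns about.
sample=$(mktemp)
printf 'search example.com\nnameserver 127.0.0.1\n' > "$sample"
echo "sample resolv.conf: $(resolver_dependency "$sample")"
rm -f "$sample"
```

On a real host, pass `/etc/resolv.conf` to `resolver_dependency`; a `local-only` or `mixed` result means the resolver entries need changing before bind9 is disabled.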
