Is it possible to set up a sub-domain to point to a different name-server?

Say I have two virtualmin powered servers. On the first server I have a virtualmin account set up for domain.com and domain.com’s nameservers have been set to point to the first server.

However I would like to set up a virtualmin account on a second server for a sub-domain of domain.com, eg, subdomain.domain.com, so that the site for subdomain.domain.com is on the second server.

Would I need to:

  • Create the subdomain account on the first server as well as the second server, but
  • on the first server go to virtualmin > manage virtual server > dns records then change all of the NS, A, AAAA records so that they include the nameserver or IP address of the second server

And then on the second server set the subdomain account up as usual.

Or is there a simpler/better way?

Name servers point to domains. Domains do not ‘point to’ name servers.

Simply set up your DNS records with the correct IP of the sub-domain, wherever those DNS records happen to be.


Can you be more specific please?

What I mean is when you register a domain it asks you to set its nameservers (and I set those for the first server - the second server has different ns.nameservers)

You are making my head hurt. :wink:

Let’s break this down.
You can do your own DNS or you can let someone else do it.

If you do your own DNS then the first name server is usually set to automatically update the second name server. This should be a separate machine. Preferably at a different geographic location.

A server doesn’t need its own name servers. Choose your primary DNS. Add your domain. Set the primary to update the secondary. It has nothing to do with what machine anything is on. As long as the registrar points to the proper primary and secondary, you are good.

I don’t think I understand what you’re saying.

A zone (when you register a domain, a zone is created for that domain) has NS records, and they delegate authority to DNS servers. That kinda feels like a domain pointing to name servers, to me.

Your registrar is responsible for those NS records…they’re the glue records in your domain zone. They can point to your name servers managed by Virtualmin, or they can point to the registrar’s DNS servers, or some other DNS servers. When you do a whois on a domain (or dig with appropriate options), it’ll show those NS records:

$ whois virtualmin.com|grep 'Name Server'
Name Server: ns1.virtualmin.com
Name Server: ns2.virtualmin.com

Those two name servers can then delegate (point to) other name servers to be responsible for subdomain names under that domain name. Or all the names and subdomains can be served by those DNS servers without delegating anything.

@Brook, you seem to have Virtualmin Pro, so I’m pretty sure you can configure Virtualmin to host DNS on the domain.com server instead of having multiple DNS servers. (Virtualmin Pro recently got the ability to somewhat easily act as a name server for other Virtualmin servers. This has always kind of been possible, by running a local BIND instance on the other Virtualmin systems and having the “main” server set up as a secondary for all of those others. This used to only be possible with Cloudmin Services, which is part of Cloudmin Pro/Cloudmin Connect.)

Without Pro, you can still just create A records on the domain.com server using Manage Records. You don’t need to delegate authority for the subdomain, if you’re not doing anything complicated with it that would make having a separate zone useful. I wouldn’t go to all the trouble to manually set up all the delegation rules unless you really have a complicated DNS situation and you need to allow another user to manage the subdomain zone. Zones are about delegation; if you’re managing everything yourself, there’s no reason to delegate.

Don’t do anything complicated if you don’t need to. It’s all just names.

Hi Joe, yes I have Virtualmin Pro but I only buy that to help support you : -) I am more than happy with the standard version of virtualmin so tend to just use that :blush:

Glad I wasn’t the only one, haha!

So the way I have set up nameservers is (afaik) the standard way for virtualmin - where you have a domain that you use as the nameserver domain and you specify this in the initial set up. So for instance that could be main-domain.com, and the nameservers are registered with the registrar as ns1.main-domain.com and ns2.main-domain.com (that point to the IP of the server) then all other domains you create accounts for are specified as having those nameservers with the domain name registrar, so for example domain2.com would have its nameservers set to ns1.main-domain.com and ns2.main-domain.com.

Then whenever anyone goes to domain2.com they are sent to the server which has been set up with main-domain.com as its hostname/ns server.

So all that works fine. And usually when I create a sub-domain (eg blog.domain2.com) it is hosted/set-up on the same server. However now, I would like to host blog.domain2.com on a second server.

Would I need to create a virtualmin account for blog.domain2.com on the first server (as well as the second server) and then on the first server edit the DNS records to basically tell it to go to server 2? (I guess by specifying the nameservers for the second server?) Or can I simply add the blog.domain2.com DNS records into the DNS records of domain2.com? If so how? These are what currently show for a test I just set up (so this would be domain2.com):

[Screenshot 2024-07-03 at 21.17.11]

For example, would I just need to add another record for the sub-domain nameserver, like this?

[Screenshot 2024-07-03 at 21.19.09]

Will that be enough to send any requests to blog.testforemail.com to the virtualmin account on the seconddnsserver.com?

(Sorry I should have used a better name than testforemail.com (just so happens I was testing something for email - which I need to post another thread about))

No. There’s no scenario where you’d create a Virtualmin account for a domain you aren’t hosting on the server.

You can either create delegation records (NS records point to the other server for your subdomain zone) or you can create A records using Manage Records. In both cases, the only Virtualmin account the subdomain has is on the server where you want to host the website for the subdomain. I would probably just create A records and not delegate.


Great… so just to confirm, all I need to do is create a single A record for the sub-domain and give it the IP address of the second server (i.e. the server where the site is to be hosted):

[Screenshot 2024-07-03 at 21.56.06]

Correct?

If web is the only service and the only thing you want to get a certificate for, then, yes.

Make sure DNS Feature is disabled on the subdomain, since you’re not managing it locally. And, if you’re requesting a Let’s Encrypt certificate, make sure you don’t try to get a cert for names that don’t exist (if you only have a record blog.testforemail.com, it doesn’t make sense to ask for a cert for, e.g. www.blog.testforemail.com or mail.blog.testforemail.com or whatever, and it can’t possibly work).


Doesn’t seem to be working : (

I copied the virtualmin backup to the new server and restored it, so blog.mydomain.com now has a virtualmin account on the second server (and all the DNS records look correct to me) then on the original/first server I went to virtualmin > edit virtual server > and unchecked DNS domain enabled (which has deleted all DNS records for it). Then for mydomain.com > dns records (still on the original/first server) I added an A record for blog.mydomain.com with the IP address of the second server but trying to ping blog.mydomain.com just says ping: cannot resolve blog.mydomain.com Unknown host. Even if I added a NS record and give it the nameservers of the second server I still can’t ping to it.

Any idea what I’m doing wrong?

What second server? I’m confused what you’re doing here. You shouldn’t be adding any NS records if you aren’t delegating to some other DNS server. I mean, you should have two NS records for the domain (not the subdomain), because you should always have two DNS servers. But, if you’re adding NS records because of subdomain, you’re misunderstanding something.

There are only two name servers in this scenario, and they serve the domain and all subdomains.

I could tell you what’s wrong if I had the actual names.

What I would do is this:

host -t ns domain.tld

This should show your two DNS servers.

And:

host -t ns sub.domain.tld

Also:

host -t ns sub.domain.tld <name server for domain.tld>

These two should return nothing. If they return something, you’ve delegated for this zone, which you shouldn’t do (unless you’re delegating, but it sounds like you’re adding A records, so it shouldn’t be delegated).

And, finally:

host sub.domain.tld <name server for domain.tld>

This confirms (or denies) you have an A record in your zone for sub.domain.tld on your DNS server for domain.tld.

  • I have two servers, Server 1 and Server 2, each in different data centres.
  • Currently on server 1 I have mysite.com and blog.mysite.com.
  • I want to move blog.mysite.com to Server 2 (but for it to still be accessible via that url).

Steps done so far:

  • I transferred a backup of the virtualmin account for blog.mysite.com from Server 1 and restored it on to Server 2 (so it contains all the files, all the proper (server 2) DNS records etc).
  • I deleted the DNS record for blog.mysite.com on Server 1 (via virtualmin > edit virtual server > and then unchecked DNS domain enabled)
  • I edited virtualmin > DNS records of mysite.com on Server 1 to include an A entry for blog.mysite.com and gave it the IP of the second server.

Does that sound about right or did I miss something?


In terms of those commands…

$ host -t ns mysite.com
mysite.com name server ns2.myFIRSTserversNAMESERVERdomain.net.
mysite.com name server ns1.myFIRSTserversNAMESERVERdomain.net.
$ host -t ns blog.mysite.com
Host blog.mysite.com not found: 3(NXDOMAIN)
$ host -t ns mysite.com ns1.myFIRSTserversNAMESERVERdomain.net  
Using domain server:
Name: ns1.myFIRSTserversNAMESERVERdomain.net
Address: 11.22.33.44#53
Aliases: 

mysite.com name server ns1.myFIRSTserversNAMESERVERdomain.net.
mysite.com name server ns2.myFIRSTserversNAMESERVERdomain.net.
$ host -t ns blog.mysite.com ns1.myFIRSTserversNAMESERVERdomain.net
Using domain server:
Name: ns1.myFIRSTserversNAMESERVERdomain.net
Address: 11.22.33.44#53
Aliases: 

blog.mysite.com has no NS record
$ host -t ns blog.mysite.com ns1.mySECONDserversNAMESERVERdomain.net       
Using domain server:
Name: ns1.mySECONDserversNAMESERVERdomain.net
Address: 22.44.55.66#53
Aliases: 

blog.mysite.com name server ns1.mySECONDserversNAMESERVERdomain.net.
blog.mysite.com name server ns2.mySECONDserversNAMESERVERdomain.net.

Seems like it needs a nameserver record too?

Only if you’re delegating to it!

NS records say: Delegate this zone (e.g. blog.domain.tld) to the name server specified in the NS record.

You’re trying to do both delegation and have A records on the first server. If you don’t delegate, all subdomains (and subsubdomains, and so on) will have the same DNS server as their parents. If you don’t have any NS records for blog.domain.tld, then clients will ask the NS servers found in domain.tld. That’s what you want to happen (according to what you said above). So stop adding NS records to subdomains!

If you want to host DNS on the first server (and its secondary DNS server, which is presumably not the same system as the second hosting system that’s hosting blog), you need only two NS records for the parent domain. There should be no more NS records for subdomains.
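Added example, not part of the original posts and not Virtualmin or BIND code: an offline model of the `host` checks and the delegation rule described in the replies above, run against a constructed zone for the placeholder domain.tld. It reports whether the parent zone answers a name itself or delegates it, and lists A records that sit behind a delegation (the `shop` rows reproduce the "both delegation and A records" mix); all names, addresses and function names are assumptions.

```python
# Constructed sample zone for domain.tld; every name and address is a placeholder.
ZONE = """\
domain.tld.       NS  ns1.domain.tld.
domain.tld.       NS  ns2.domain.tld.
ns1.domain.tld.   A   192.0.2.10
ns2.domain.tld.   A   198.51.100.10
blog.domain.tld.  A   203.0.113.20
shop.domain.tld.  NS  ns1.other.example.
shop.domain.tld.  A   203.0.113.30
"""

def parse(zone_text):
    """Return {owner: {type: [rdata, ...]}} from 'owner TYPE rdata' lines."""
    records = {}
    for line in zone_text.splitlines():
        if line.strip():
            owner, rtype, rdata = line.split()
            owner = owner.lower().rstrip(".")
            records.setdefault(owner, {}).setdefault(rtype.upper(), []).append(rdata)
    return records

def zone_cut(records, apex, name):
    """Closest-to-apex name at or above `name` (below the apex) that has NS records."""
    apex, name = apex.lower().rstrip("."), name.lower().rstrip(".")
    if name == apex or not name.endswith("." + apex):
        return None
    labels = name[: -len(apex) - 1].split(".")
    for i in range(len(labels) - 1, -1, -1):
        candidate = ".".join(labels[i:] + [apex])
        if "NS" in records.get(candidate, {}):
            return candidate
    return None

def classify(records, apex, name):
    """What the server authoritative for `apex` does with a query for `name`."""
    cut = zone_cut(records, apex, name)
    if cut:
        return ("delegated", records[cut]["NS"])
    addrs = records.get(name.lower().rstrip("."), {}).get("A", [])
    return ("answered-here", addrs) if addrs else ("no-address", [])

def occluded(records, apex):
    """A records hidden behind a delegation (glue for the NS targets is exempt)."""
    hidden = []
    for owner, rrsets in records.items():
        cut = zone_cut(records, apex, owner)
        glue = {t.lower().rstrip(".") for t in records[cut]["NS"]} if cut else set()
        if cut and "A" in rrsets and owner not in glue:
            hidden.append(owner)
    return sorted(hidden)
```
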

So is there a reason why adding an A record to mysite.com’s DNS records on the first server for blog.mysite.com (with the IP address of the second server) is not working then? Do I need DNS to propagate or something, or am I missing something else?

If the above is way off, what would your steps be if someone asked the following?

Edit: just noticed that with that single A record and trying to ping blog.mysite.com it now pings to the correct (second server’s) IP address! So we’re definitely making progress, haha!

This is wrong:

What should it say Joe? How do I correct it?

Also not sure if you saw my edit:

Delete the NS records for blog.domain.tld. You’re not trying to delegate. You only need/want NS records for domain.tld.

Do you mean on the second server Joe? (There aren’t any NS records for blog.domain.tld on the first server now - just that single A record which has the IP address of the second server.)

Wherever you put it. There shouldn’t be any NS records for blog.domain.tld. Doesn’t matter what server it is, there shouldn’t be any NS records for it.


They were autogenerated by virtualmin when I imported the account on to the second server… however when I go to delete them virtualmin says:

Warning! Errors were found in this domain’s DNS records : DNS zone does not have any NS records