
How To Create Vanity or Branded Nameservers with DigitalOcean Cloud Servers

Posted July 10, 2013

Introduction

Branded or vanity nameservers are of particular interest to hosting providers and resellers because they present a more professional look to clients. They eliminate the need to ask your clients to point their domains to another company's nameservers. This tutorial outlines two approaches to creating custom nameservers: (i) Vanity and (ii) Branded.

Types

Vanity nameservers allow you to use your own domain name without having to set up complicated zone files; you can do this using DigitalOcean's nameservers and DNS Manager. This is accomplished by mapping your custom nameservers to DigitalOcean's IPs.

Branded Nameservers require a little more configuration, but allow you to exert complete control over DNS for your domain. The added control, however, carries with it the burden of having to self-manage your DNS. You'll need to deploy at least two VPS, with specialized software such as BIND, PowerDNS or NSD (for "name server daemon"). Wikipedia publishes a nice comparison of DNS server software.

Naming

You can use any naming scheme you want. If you're unsure, the most common schemes are ns1.yourdomain.com or a.ns.yourdomain.com.

Prerequisites

Ingredients for Both Vanity & Branded Nameservers:

1. Registered domain name from an established registrar, e.g. GoDaddy; NameCheap; 1&1; NetworkSolutions; Register.com etc. (at this time, DigitalOcean does not offer domain registration services.)

2. Glue Records: Ascertain your domain registrar's procedure for creating glue records. Different registrars refer to glue records by different names; GoDaddy, for example, refers to them as host names. Other providers may refer to the process as "registering a nameserver" or "creating a host record." Glue records tell the rest of the world where to find your nameservers and are needed to prevent circular references. A circular reference exists where the nameservers for a domain can't be resolved without first resolving the domain they're responsible for. If you are not able to determine how to create glue records at your particular domain registrar (that is, how to "register a nameserver or host name"), contact your registrar directly and let them know that you need to register a nameserver.

For Vanity Nameservers Only

DigitalOcean's current IP addresses for its nameservers (which can be obtained by clicking the respective hyperlinks below, or via the nslookup, dig or ping commands):

ns1.digitalocean.com

ns2.digitalocean.com

ns3.digitalocean.com

Additional Requirements if You'd Like to Maximize Control Over Your Domain's DNS, with Branded Nameservers:

Create or identify at least two VPS that you control that will act as Primary and Secondary Nameservers.

NOTE: It's technically possible to have only one VPS act as both the Primary and Secondary Nameserver. This approach, however, is not recommended because it sacrifices the safety that redundancy provides (i.e., fault tolerance). Keep in mind, however, that there's no hard limit of only two nameservers for your domain. You're only limited by the number of nameservers that your domain registrar allows you to register.

Deploy a DNS Server on your Primary and Secondary Nameservers. See How to Setup DNS Slave Auto Configuration Using Virtualmin/Webmin on Ubuntu; How to Install the BIND DNS Server on CentOS 6; or How To Install PowerDNS on CentOS 6.3 x64

The Quick & Easy Recipe: Vanity Nameservers:

1. First, log in to your DigitalOcean Control Panel and add your domain name to the DigitalOcean DNS Manager.

2. Then, create A Records for your vanity nameservers and point them to DigitalOcean's IPs for ns1.digitalocean.com; ns2.digitalocean.com; ns3.digitalocean.com.

To accomplish this, create a new host A-Record with ns1.yourdomain.com. (do NOT forget to end the hostname with a period) in the hostname field. The IP address to use for ns1.yourdomain.com. is the IP address you discovered for ns1.digitalocean.com (above). Repeat these steps for ns2.yourdomain.com. and ns3.yourdomain.com.

For example:

(Do not forget the trailing dots)

A   ns1.yourdomain.com.     [IP address for ns1.digitalocean.com]
A   ns2.yourdomain.com.     [IP address for ns2.digitalocean.com]
A   ns3.yourdomain.com.     [IP address for ns3.digitalocean.com]

3. Next, you need to replace DigitalOcean's NS Records with each of your vanity nameservers in the DigitalOcean DNS Manager.

(Do not forget the trailing dots)

NS      ns1.yourdomain.com.
NS      ns2.yourdomain.com.
NS      ns3.yourdomain.com.

4. This next step will vary, depending on your domain name's registrar: Log in to your domain name registrar's control panel and register the IPs of your nameservers by creating Glue Records. In other words, associate (or map) DigitalOcean's nameserver IPs with your vanity nameservers' hostnames.

With GoDaddy, for example, simply log in to your Domain Name Control Panel and look for the area where you can list Host Names. There, click on Manage => Add Hostname and enter NS1 for the Hostname and ns1.digitalocean.com's IP address; click Add Hostname again and enter NS2 for the Hostname and ns2.digitalocean.com's IP Address. Click Add Hostname a third time and add NS3 for the Hostname and ns3.digitalocean.com's IP Address.

5. Almost done! Skip down to the DNS Testing section.

Recipe for Maximum Control, with Branded Nameservers:

The simplest way to configure DNS is to have someone else do it. For that reason, you should consider using DigitalOcean's DNS Manager.

If you really want to manage your domain's DNS yourself, however, you next need to deploy a DNS server such as BIND. A complete zone-file configuration is beyond the scope of this tutorial. However, you need to ensure that you apply the same principles described above:

1. Create both A & NS Records for ns1.yourdomain.com. and ns2.yourdomain.com. (with BIND, especially, do not forget the trailing periods).

2. Ultimately, your zone file will contain the following entries:

ns1.yourdomain.com. IN  A   1.2.3.4
ns2.yourdomain.com. IN  A   1.2.3.5
yourdomain.com.     IN  NS  ns1.yourdomain.com.
yourdomain.com.     IN  NS  ns2.yourdomain.com.

3. Remember, the IP addresses for your ns1 and ns2 A Records (and for your Glue Records) come from you--in that you have to set up at least two VPS to run your name servers.

4. Log in to your domain name registrar's control panel and create Glue Records for as many nameservers as you wish to deploy. Just make sure that you are using the IP addresses of servers under your control (and not the addresses of DigitalOcean's nameservers).
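
The trailing-dot and A-record requirements above can be checked mechanically. The following is an added example, not part of the original tutorial: a Python linter that expands names the way a BIND-style zone parser does and reports NS targets that lost their trailing dot or have no address record. The function names and the one-record-per-line parser are assumptions made for this illustration.

```python
RR_TYPES = {"A", "AAAA", "NS", "CNAME", "MX", "TXT", "SOA"}

# The entries from step 2 of this tutorial (placeholder addresses).
GOOD_ZONE = """\
ns1.yourdomain.com. IN  A   1.2.3.4
ns2.yourdomain.com. IN  A   1.2.3.5
yourdomain.com.     IN  NS  ns1.yourdomain.com.
yourdomain.com.     IN  NS  ns2.yourdomain.com.
"""

# Constructed variant: the first NS target has lost its trailing dot.
BROKEN_ZONE = """\
ns1.yourdomain.com. IN  A   1.2.3.4
ns2.yourdomain.com. IN  A   1.2.3.5
yourdomain.com.     IN  NS  ns1.yourdomain.com
yourdomain.com.     IN  NS  ns2.yourdomain.com.
"""


def absolute(name, origin):
    """Expand a name as a zone parser does: no trailing dot means
    'relative', so the zone origin is appended."""
    if name == "@":
        return origin.lower()
    if name.endswith("."):
        return name.lower()
    return (name + "." + origin).lower()


def parse_zone(text, origin):
    """Parse lines of the form: owner [ttl] [IN] type rdata.

    Returns (owner, type, rdata) tuples with owners and NS targets made
    absolute. Assumption: one record per line, owner always present.
    """
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments
        if not line or line.startswith("$"):     # skip $TTL / $ORIGIN
            continue
        fields = line.split()
        owner, rest = absolute(fields[0], origin), fields[1:]
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]                      # optional TTL and class
        if len(rest) < 2 or rest[0].upper() not in RR_TYPES:
            raise ValueError("unparsed line: " + raw)
        rtype, rdata = rest[0].upper(), rest[1]
        if rtype == "NS":
            rdata = absolute(rdata, origin)
        records.append((owner, rtype, rdata))
    return records


def lint_delegation(text, origin):
    """Return (findings, glue).

    findings: human-readable problems with the zone's own NS set.
    glue:     in-zone nameserver -> addresses to register at the registrar.
    """
    origin = origin.lower()
    records = parse_zone(text, origin)
    doubled = "." + origin + origin              # e.g. .example.com.example.com.
    addresses = {}
    for owner, rtype, rdata in records:
        if rtype in ("A", "AAAA"):
            addresses.setdefault(owner, []).append(rdata)

    findings, glue = [], {}
    for owner in sorted({r[0] for r in records}):
        if owner.endswith(doubled):
            findings.append("owner %s: trailing dot missing in the zone file" % owner)

    targets = [r[2] for r in records if r[1] == "NS" and r[0] == origin]
    if len(targets) < 2:
        findings.append("fewer than two NS records at %s" % origin)
    for target in targets:
        if target.endswith(doubled):
            findings.append("NS target %s: trailing dot missing in the zone file" % target)
        elif not target.endswith("." + origin):
            continue                             # out-of-zone nameserver, no glue needed
        elif target not in addresses:
            findings.append("NS target %s has no A/AAAA record in the zone" % target)
        else:
            glue[target] = addresses[target]
    return findings, glue


if __name__ == "__main__":
    for label, zone in (("good", GOOD_ZONE), ("broken", BROKEN_ZONE)):
        problems, glue = lint_delegation(zone, "yourdomain.com.")
        print(label, problems or "no findings", glue)
```

The `glue` mapping it returns is the list of hostname and address pairs to enter at the registrar in step 4.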

DNS Testing

To make sure you configured everything correctly, you can run the Check Domain Configuration tool. Keep in mind, however, that, depending on your registrar, nameserver changes can take up to 72 hours to properly propagate throughout the Internet.
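
The A records and glue records in the vanity recipe are copies of addresses that belong to the provider, so they go stale if the provider renumbers its nameservers. As an added example (not part of the original tutorial), this Python check compares both copies with what the provider's names resolve to now; the function names are hypothetical and the sample addresses are constructed from documentation ranges.

```python
import socket


def resolve_ipv4(hostname):
    """Return the sorted IPv4 addresses a hostname resolves to right now."""
    infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def norm(name):
    """Compare names without regard to case or the trailing dot."""
    return name.rstrip(".").lower()


def audit_vanity(vanity_map, zone_a, glue, resolve=resolve_ipv4):
    """Find copied addresses that no longer match the provider.

    vanity_map: vanity nameserver -> provider nameserver it mirrors
    zone_a:     vanity nameserver -> address in your A record
    glue:       vanity nameserver -> address registered at the registrar
    resolve:    lookup function; replaceable so the check can run offline

    Returns (vanity_name, where, have, want) tuples; empty means in sync.
    """
    zone_a = {norm(k): v for k, v in zone_a.items()}
    glue = {norm(k): v for k, v in glue.items()}
    findings = []
    for vanity, provider in sorted(vanity_map.items()):
        want = resolve(provider)
        for where, table in (("A record", zone_a), ("glue record", glue)):
            have = table.get(norm(vanity))       # None when the entry is missing
            if have not in want:
                findings.append((norm(vanity), where, have, want))
    return findings


# --- constructed sample data (documentation address ranges) ---------------
SAMPLE_PROVIDER = {          # what the provider's names resolve to "today"
    "ns1.digitalocean.com": ["192.0.2.53"],
    "ns2.digitalocean.com": ["198.51.100.53"],
    "ns3.digitalocean.com": ["203.0.113.53"],
}
SAMPLE_MAP = {
    "ns1.yourdomain.com": "ns1.digitalocean.com",
    "ns2.yourdomain.com": "ns2.digitalocean.com",
    "ns3.yourdomain.com": "ns3.digitalocean.com",
}
SAMPLE_ZONE_A = {            # ns3 still carries an old address
    "ns1.yourdomain.com.": "192.0.2.53",
    "ns2.yourdomain.com.": "198.51.100.53",
    "ns3.yourdomain.com.": "203.0.113.9",
}
SAMPLE_GLUE = {              # ns2 was never registered, ns3 is stale
    "ns1.yourdomain.com": "192.0.2.53",
    "ns3.yourdomain.com": "203.0.113.9",
}


def sample_findings():
    """Run the audit against the constructed data, without network access."""
    return audit_vanity(SAMPLE_MAP, SAMPLE_ZONE_A, SAMPLE_GLUE,
                        resolve=lambda host: SAMPLE_PROVIDER[host])


if __name__ == "__main__":
    for name, where, have, want in sample_findings():
        print("%s: %s is %s, provider currently answers %s" % (name, where, have, want))
```

Called without the `resolve` argument, `audit_vanity` performs live lookups, so it can be scheduled to flag a provider-side address change before clients notice it.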

Article Submitted by: Pablo Carranza

106 Comments

  • For vanity nameservers, when you write "create NS Records for each of your vanity nameservers" do you mean one should *replace* the existing NS records with this? (e.g. you should end up with 3x NS records pointing to the new vanity name, rather than end up with 6x NS records - three to the new, three to the old.)
  • Good catch @craig! Paragraph 3 of The Quick & Easy Recipe: Vanity Nameservers: section should read:

    Next, you need to [replace] DigitalOcean's NS Records [with] each of your vanity nameservers in the DigitalOcean DNS Manager[.]
  • Thanks, Craig, and Pablo! We've updated the article. :]
    • All my vanity NS are working fine but in diagnostics I always get a SOA Mname error:

      Primary Name Server Not Listed At Parent
      WARNING: Primary name server ns1.digitalocean.com. listed in SOA Record is not found at the parent name servers. The MNAME field defines the Primary Master name server for the zone, this name server should be found in your NS records.

      Does this mean I have to enter the actual name "ns1.digitalocean.com" at my domain providers panel?

  • PRO TIP: For those who want a fully-featured yet simple way of managing DNS servers and host records, cPanel provides a "DNSONLY" version of their cPanel/WHM control panel, and it's completely free to anyone. You can run any of the three nameserver software available in WHM (Bind, NDS & MyDNS), and you have the same dns management tools available in cPanel's commercial control panel, WHM (Web Host Manager). Details here: http://cpanel.net/cpanel-whm/the-cpanel-service-distribution/dns-only/
  • I believe I have this correct: • find Digital Ocean IP address for ns1 + ns2 + ns3 (click links above) • create (3) a records - ns1.vanity.tld. + ns3.vanity.tld. + ns3.vanity.tld. • assign Digital Ocean ns IPs to newly created (3) a records • replace three existing ns records (yellow boxes) with ns1.vanity.tld. + ns2.vanity.tld. + ns3.vanity.tld. Does capitalization matter? I'm not sure. If I did everything correctly, I'll know shortly because of http://www.webdnstools.com/dnstools/domain_check Thanks for the wicked article yo!
  • up and running - check out the pic if the above embed didn't work, visit -- http://i.imgur.com/UG8Ekhm.png
  • Seems kinda obvious now but this took me a while to realize and get working. Make sure you change your domain's name servers to use your new vanity name servers and not still using DigitalOcean's.
  • "DigitalOcean's current IP addresses for its nameservers [...]" How likely is it these could change? If they do, would all domains pointing at ns1.mydomain.com stop working? I'd have to update with the new IP addresses, right? Is there some system in place that would prevent downtime?
  • @tissandier: They shouldn't be changed at all but if we ever need to change them for some reason you will have to update your NS servers to point to the new IPs manually.
  • Cool, thanks for the reply. Updating manually is fine, I was just worried it might happen out of the blue without me noticing. As long as an email warning gets sent out first or something.
  • When using Check Domain Config tool, I get the following: No name servers found for nerovivus.com. Received answer from ns2.digitalocean.com A search was performed starting with the root servers, but no NS records were found for this domain. I can access my site via ip, but not via my registered domain name, although it seems I did everything what was said in the tutorial for that. Also there's a thing, that on every third or fourth reload of the page, django fails to find the view, but when I hit refresh again it is ok (for three, four refreshes and then the same). Any tips?
  • I'm the same case tad @redviam… Using the DNS Tool I don't have records found in my domain. I did all the steps.
  • @redviam: nerovivus.com doesn't seem to exist in our DNS system, did you create it using our DNS manager?
  • 1. I've registered domain name on namecheap and transferred them to DO: http://i42.tinypic.com/15gfj0x.jpg 2. Registered them via control panel on DO: http://i41.tinypic.com/2bo21k.jpg http://i40.tinypic.com/25ev7cz.jpg What am I missing or misunderstanding here?
  • @redviam: The domain in the DigitalOcean DNS manager should be just the domain name without 'www'
  • hi. I want to create private nameservers for my domain. the problem is that I use this domain as reseller. so the others domain that I add through Cpanel not working. I have to add manually the records to DO DNS manager. is any way to do this film my cpanel?
  • @web.panosdotk: Follow the Branded Nameservers section of this article and point the nameservers to your cPanel droplet.
  • @web.panosdotk did you manage to set-up a multi domain hosting through DO? I've been trying to do the same with vestacp but having some difficulties!? On its forums I found out that it is technically possible to create a domain reseller and inside the control panel set-up the other domains... but I failed :-(
  • Dear all, I’ve been trying to install a control panel with Vesta and be able to manage different domains for my clients' websites in a single DO droplet. Main domain name “arsenbenda.com”. These are the steps I’ve been following but still having some trouble working it out!

    0. No domain name nor DNS values inside DO droplet
    1. Created arsenbenda.com domain on my Vesta panel under admin web with DNS support: [https://drive.google.com/file/d/0BxgnbUKV8kVfSHRGMWF1Z2V6OXM/edit?usp=sharing]
    2. Created the DNS records in the DNS:

       A ns1.arsenbenda.com. 198.199.120.125
       A ns2.arsenbenda.com. 141.0.170.89
       A ns3.arsenbenda.com. 198.199.95.114
       NS ns1.arsenbenda.com.
       NS ns2.arsenbenda.com.
       NS ns3.arsenbenda.com.

       [https://drive.google.com/file/d/0BxgnbUKV8kVfQTFwUU1CRnN4c2M/edit?usp=sharing]
    3. Logged on my registrar and changed the name servers: ns1 -> 198.199.120.125, ns2 -> 141.0.170.89, ns3 -> 198.199.95.114
    4. Within Vesta panel inside user account settings set default name servers to ns1.arsenbenda.com, ns2.arsenbenda.com, ns3.arsenbenda.com [https://drive.google.com/file/d/0BxgnbUKV8kVfT0dMMXBoQ1AxUXc/edit?usp=sharing]

    Now for the other domains:

    5. Modified name servers on second domain to: ns1.arsenbenda.com, ns2.arsenbenda.com
    6. Inside Vesta panel added domain with DNS support check mark selected. Modified NS and A records as on “Point 2.” [https://drive.google.com/file/d/0BxgnbUKV8kVfTHlqRjBlMnZqSmc/edit?usp=sharing]
    7. Inside user account settings set default name servers to ns1.arsenbenda.com, ns2.arsenbenda.com, ns3.arsenbenda.com

    After all this work I get “No name servers found for arsenbenda.com.” for second domain as well! What did I do wrong?
  • same issue here and still shows server returned no 'glue' records
  • @raafat88: Are you trying to set up Vanity or Branded Nameservers? Did you configure the glue records using your registrar's control panel?
  • I am trying to set up vanity nameservers... I have configured the glue records at GoDaddy and followed all the steps exactly as mentioned above... but still second domain on Vesta control panel is not working... something is missing...
  • @raafat88: Please take a screenshot of your glue records at godaddy.
  • does this mean we can set our own ttl times?
  • @adrianbro: We do not support changing the TTL time so if you set up Vanity nameservers you will not be able to do that. However, setting up your own nameservers (Branded nameservers) allows you to set your own TTL time.
  • @Kamal Nasser: The VestaCP team suggested the following and it works great. If you want to manage DNS in Vesta then you don't need DO DNS manager at all. IP address for child name servers should be your DO instance IP address.

    Domain registrar (i.e. GoDaddy or someone else)

    1. Create ns1/ns2 record and point them to instance IP address
    2. Change name servers to ns1.site.com and ns2.site.com

    Vesta control panel

    1. Add domain site.com
    2. Edit DNS domain site.com -> select child-ns template -> Save
    3. Set ns1.site.com and ns2.site.com as default name servers
    • I realize it's been a while but... Could you elaborate, or confirm that what I have below is correct?

      Domain registrar

      1. Create ns1.example.tld and ns2.example.tld glue records and point them both to the Digital Ocean droplet IP address. (Skip ns3.)
      2. Set nameservers to ns1.example.tld and ns2.example.tld. (Again skip ns3).

      Vesta CP

      1. Under "Web", add example.tld.
      2. Under "DNS", edit domain and select child-ns template. (What goes under SOA?)
      3. Under "Packages", edit "default" and set ns1.example.tld and ns2.example.tld as nameservers.

      Digital Ocean
      Existing settings in DNS can be ignored because they don't affect anything.

      Is all that correct? Much thanks!

  • Hi, what do you mean "at least two VPS to run your nameservers." ? I have two droplets, one in AMS1 and AMS2 but they do different work. can I use AMS1 and AMS2 IPs for Private Nameserver? I use eNom.com as registrar. Thanks
  • @mohseni_92: You will need to install a DNS server on both of them, check out https://www.digitalocean.com/community/articles/how-to-install-the-bind-dns-server-on-centos-6. I would personally use DigitalOcean's DNS servers or Cloudflare's DNS.
  • Ok, just to clarify, at the domain registrar nameservers = DO NS1, NS2, NS3 glue record = vanity NS1, NS2, NS3 or do both nameservers and glue record use the vanity?
  • @Peter: The other way :) You configure the glue records to point to ns1.digitalocean.com, ns2., and ns3. and set your domain's nameservers to ns1.yourdomain.com, ns2., and ns3..
  • @Kamal Thanks for the clarification!!
  • I can't get my vanity nameservers to work. I have configured my main domain and vanity NSs like this: My domain registrar is pointing qtsdev.com to nsX.digitalocean.com nameservers, and also created glue records via its option "Register nameserver" with domains nsX.qtsdev.com and IPs of DO's nameservers (I couldn't create the inverse way as commented right before by @Kamal because registrar only allowed to be qtsdev.com as the main ns domain). I have also pointed a domain (inscribirme.com.ar) to use NSs nsX.qtsdev.com, and added it to the domain list like this: It's neither working and a dig query to inscribirme.com.ar with tracing shows this: Thanks for any help in advance!
  • Now instead of showing the "not found" message shows last lines like this: inscribirme.com.ar. 3600 IN NS ns2.qtsdev.com. inscribirme.com.ar. 3600 IN NS ns1.qtsdev.com. ;; Received 82 bytes from 130.59.138.49#53(130.59.138.49) in 323 ms ;; Received 36 bytes from 198.211.117.8#53(198.211.117.8) in 188 ms
  • @QTSdev: Try renaming the A records as follows: ns1.qtsdev.com -> ns1 ns2.qtsdev.com -> ns2 ns3.qtsdev.com -> ns3
  • Really nice catch! Get the job done, easy and quickly! Is the vanity server method going to change the domain's SOA record as well?
  • Name Server Glue
    Server returned no 'glue' records. (Glue records are not necessary when the name servers are from a different domain.)
    Warn

    I set up my name servers at my registrar. But when I test it I get that error :/ what gives

    $TTL 1800
    @ IN SOA ns1.mysite.com. hostmaster.mysite.com. (
        ----------------- ; last update: 2014-03-10 13:19:33 UTC
        3600 ; refresh
        900 ; retry
        1209600 ; expire
        1800 ; ttl
        )
        IN NS ns1.mysite.com.
        NS ns2.mysite.com.
        NS ns3.mysite.com.
    @ IN A xxx.xxx.xx.xxx
    ns1 IN A 198.199.120.125
    ns2 IN A 198.199.95.114
    ns3 IN A 141.0.170.89
  • http://jsfiddle.net/ztLCR/1/
  • Can someone point me out how to do this with namecheap.com , this is my first time doing all this, I manage to add the IP to namecheap, but what do i do in digitalocean dns settings itself?
  • One problem that I stumbled with is with .no domains. When I try to point .no domain to my vanity name servers I get the following error message: --- This does not correspond with the nameservers you have entered, which are... The list you enter must be identical to the list of NS records returned by each nameserver on the list. For .no domains the nameservers must be configured correctly before the delegation can be completed. Not all ISPs are aware of this. Please contact the administrators of the nameservers you are trying to use, and ask them to create a valid zone file for somedomain.dk on all the nameservers. --- In other words for .no domains the registrar compares the vanity name servers to the actual hosted zone and it returns an error if different. Is it possible to somehow avoid this error message?
  • @kokominev I have a similar issue. I get an error from: http://www.intodns.com/ FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems! ns1.digitalocean.com ns3.digitalocean.com ns2.digitalocean.com I tried removing the digitalocean nameservers from the dns tool. But they seem to be automatically added back in! When I removed one digitalocean nameserver record, it stayed gone. When I removed all three they went back in: IN NS ns1.digitalocean.com. NS ns2.digitalocean.com. NS ns3.digitalocean.com. I assume this is a "helpful" feature from DO but can it be disabled?
  • @adam.jimenez: Are you trying to leave the NS fields blank? You need to replace DigitalOcean's NS Records with each of your vanity nameservers in the DNS Manager.
  • @Andrew SB I did add my own nameservers but the DO ones were also getting added back in automatically. I contacted DO support and they acknowledged the issue and have now fixed it. I can confirm it's working correctly now.
  • I'm really struggling with this because I can't figure out whether I need vanity or branded nameservers! I have installed Virtualmin on my VPS using parentdomain.com. I want to be able to manage the DNS of virtualmin servers using Virtualmin. I.e. you can create a new Virtualmin virtual server and that creates ftp.clientdomain.com, mail.clientdomain.com, etc I am happy to manage the DNS of the parentdomain.com with digitalocean's DNS manager. My registrar is setup so that parentdomain.com uses ns1.digitalocean.com and ns2.digitalocean.com. My clientdomain is setup to use ns1.parentdomain.com and ns2.parentdomain.com. Do I need vanity nameserver or branded?
  • Hello guys, I'm going crazy with Vanity Nameservers and my domain name mediamate.co. This is what I've done:

    1. I have a domain name registered at Godaddy, I've created 3 GLUE records for NS1/NS2/NS3 pointing them to DigitalOcean nameservers (screenshot: http://cl.ly/image/32112Y0h2R3g)
    2. In Godaddy I have changed my primary domain nameservers to reflect the new configuration (screenshot: http://cl.ly/image/3F2F2w301l2P)
    3. I've updated the DNS settings in DigitalOcean creating NS and A records screenshot: http://cl.ly/image/3K3q3S2c1C2a
    4. Finally, I've updated DNS settings on zPanel for my primary domain, A records: http://cl.ly/image/2u3w2h3C233t and NS records: http://cl.ly/image/3C3U2T0s411d

    mediamate.co is working and reachable but if I point any other domain to the new nameservers it will result unreachable. When checking my domain DNS configuration with online tools like dnsinspect.com, it seems GLUE records are not registered:

    ==============
    ns1.mediamate.co. TTL=7200 [NO GLUE4] [NO GLUE6]
    ns2.mediamate.co. TTL=7200 [NO GLUE4] [NO GLUE6]
    ns3.mediamate.co. TTL=7200 [NO GLUE4] [NO GLUE6]
    WARNING: Parent name server (ns2.cctld.co.) didn't provide IP addresses for all of your name servers. Extra queries will be necessary to retrieve name server's IP addresses.
    Name servers without glue: ns1.mediamate.co. ns2.mediamate.co. ns3.mediamate.co.
    ==============

    I can't understand if something is wrong with my zPanel DNS configuration or if the problem is related to DNS settings on DigitalOcean / Godaddy. Any help is appreciated! Thanks
  • @benmorganpowell: You can use either method but if you want to manage your DNS records via Virtualmin you will need to use the Branded Nameservers method.
  • @stef.dil: Your nameservers seem to be set up correctly. It probably took a few hours to propagate. Is it still not working for you?
  • Thank you for the information! I have just adjusted mine and will see how this works out.
  • Same problem here, Followed all steps but still no glue records yet. It's been 7 days already but non success yet. Really frustrated and domain mapping is not working on wordpress multisite.
  • FYI, This is the message from http://www.dnsinspect.com/mytrenz.com Vanity NS ------------------------------------------------------------------------------------------------------------ NS Records at Parent Servers ns1.mytrenz.com. TTL=172800 [198.199.120.125] [NO GLUE6] ns2.mytrenz.com. TTL=172800 [173.245.59.41] [NO GLUE6] ns3.mytrenz.com. TTL=172800 [198.199.95.114] [NO GLUE6] NS Records ns1.mytrenz.com. TTL=1800 [NO GLUE4] [NO GLUE6] ns2.mytrenz.com. TTL=1800 [NO GLUE4] [NO GLUE6] ns3.mytrenz.com. TTL=1800 [NO GLUE4] [NO GLUE6]
  • I've used this tutorial. But I have problem. I using VirtualMin for host managing. I tried to work correctly and step by step with this tutorial. The main domain it was ok and up. But when I hosted any new domain, It's not correct on DNSs. The main domain is: samac.ir http://www.dnsinspect.com/samac.ir The other hosted domain is: listor.ir http://www.dnsinspect.com/listor.ir The name server's main domain(samac.ir) on droplet is: A @ 107.170.140.195 A WWW.SAMAC.IR. 107.170.140.195 A NS1.SAMAC.IR. 198.199.120.125 A NS2.SAMAC.IR. 173.245.59.41 A NS3.SAMAC.IR. 198.41.222.173 NS NS1.SAMAC.IR. NS NS2.SAMAC.IR. NS NS3.SAMAC.IR. The name server's main domain (samac.ir) on my registrar is: NS1.SAMAC.IR. 198.199.120.125 NS2.SAMAC.IR. 173.245.59.41 NS3.SAMAC.IR. 198.41.222.173 The name server's other domain (listor.ir) on my registrar is: NS1.SAMAC.IR. NS2.SAMAC.IR. Could you please help me to solve this big problem (for me)? Thanks a lot.
  • @Zoshpaik: Glue records need to be created on the parent name servers. So I'd try contacting your domain name provider.
  • After all of this, at the registrar's end, do I need to change the domain's NS to it's own or leave them to Digital Ocean's ?
  • Looks like the DO NS ips changed recently and broke my dns! I hope this isn't a regular occurrence.

  • Same Here.

    DigitalOcean: You NEED to inform all customers about IP Changes to DNS

  • AGREED DO Must inform all users!!! It just caused my website downtime!!!

  • +1 on notifying customers when the IP changes. I used the tutorial above to set up a few sites months ago and just discovered that they're inaccessible (no idea since when) b/c of the IP changes. Don't see where anyone could use this technique on production sites, too unreliable if we're not going to get an advance warning.

  • We host our DNS Name Servers at CloudFlare, and unfortunately the IPs were changed unexpectedly.

    The new IPs for our Name Servers are the following:

    173.245.58.51
    173.245.59.41
    198.41.222.173

  • Please notify your customers of IP changes!

  • I agree. Digital Ocean is great most of the time, but stuff like this is frustrating.

    You can't just change nameserver IPs without notification to customers! My sites went down due to this.

  • When I ping my vanity name servers, the response comes from digital ocean name servers, is this normal? I was thinking DO DNS will be completely masked.

  • @obinna: Yes, that is normal. The only way to completely mask the DNS records is to host the nameservers yourself which you can do by following Parts 1, 2, and 5 (or 1, 2, and 6) of the DNS series and following this article's Branded Nameservers section.

  • I'm a bit lost in the thread. :)

    In the DigitalOcean control panel I have this:

    • 3 × A records (ns1.mydomain.com. + ns2 + ns3), targeting DigitalOcean's 3 IP addresses
    • 3 × NS records (ns1.mydomain.com. + ns2 + ns3)

    In my registrar's control panel I have this:

    • 3 × glue records (ns1.mydomain.com + ns2 + ns3), targeting DigitalOcean's 3 IP addresses
    • 3 × DNS servers (ns1.digitalocean.com + ns2 + ns3)

    It seems it works. Is it okay or should I change the DNS servers to ns1.mydomain.com + ns2 + ns3 as well?

  • Another question: does using vanity name servers slow requests down when accessing websites using them?

  • @tbnv: You should change your domain's nameservers to ns1-3.yourdomain.com as well. Using Vanity Nameservers does not slow down your website.

  • @kamal: Thanks for the info. Everything seems to work. Though I ran a DNS check on http://www.webdnstools.com/dnstools/ and there is a warning about glue records:

    Server returned no 'glue' records. (Glue records are not necessary when the name servers are from a different domain.)
    

    Wasn't it precisely the purpose of the procedure described in this tutorial? ^^

  • @tbnv: I recently encountered the same issue, but it turns out that the glue records are sent only if your nameservers are under the same domain name. So once you change the nameservers to ns1-3.yourdomain.com, the glue records should be returned as well.

  • @kamal: I changed the name servers to ns1-3.yourdomain.com 2 days ago, like you said, but I still get that warning.

    There is also a second warning about the SOA Serial Number:

    The SOA serial number appears not to conform to RFC1912, which recommends that the serial number should be in YYYYMMDDnn format. Some systems use the Unix timestamp for the serial number.

    Maybe it's nothing but I guess it's better when there's no warning at all. :)

  • @tbnv: You can ignore the warning, it's just saying that the zone's serial number doesn't follow the RFC1912 Serial format recommendation. But it's just a recommendation, it works just as fine if the Serial is of a different format.

    What is the actual domain name?

  • @kamal: Okay thanks for the info. Is there a private way to share the details with you?

  • Hi there,

    For "Additional Requirements if You'd Like to Maximize Control Over Your Domain's DNS, with Branded Nameservers:"

    Is there a tutorial to set up a DNS on Debian 7?

    If not, does this extra control make a difference?

    Thanks

  • You can disregard the last comment. However, I would add into the tutorial that you have to change your nameservers to point to your vanity ns*.yourdomain.com nameserver after setting up the host names.

  • How can we customize the Primary Name Server declared in the SOA file?
    Default is set to ns1.digitalocean.com, but it must be ns1.vanity.tld.
    Thanks

  • Somehow, I am unable to get this to work. I add the A record, ns1.mydomain.com, and add in DO ip address, when I save it, it will automatically remove mydomain.com and only leave it with ns1. I already ask a question with full details. https://www.digitalocean.com/community/questions/changing-to-own-domain-nameservers

    Any kind souls that can help me in that? Thanks in advance.

  • This seems complicated, any idea how to do the same when using Vestacp??

  • As it says in prerequisite #2, "Ascertain your domain registrar's procedure for creating glue records".

    So I contacted my registrar (registro.br) asking them how to configure the glue domains. Their answer was:

    "Glue Records are configured on the DNS servers bound to the domain."

    So, if I get it right, what they are saying is that I should config Glue records on Digital Ocean panel... is that so? I'm confused.

  • My main domain name :: reesu.co.in. I have set up my own name server and it's working fine.

    But how to set DNS for a virtual domain?

    I want to add a virtual domain such as example.com. I have set it up in the droplet, but am unable to set proper DNS.

    I have tried but it's pointing to the main domain instead of the virtual domain path.

    Let me explain DNS for main domain :

    1. I have updated these records in DO's DNS (here)

    Record | value1 | value 2

    A | ns1 | 173.245.58.51
    A | ns2 | 173.245.59.41
    A | ns3 | 198.41.222.173

    CNAME | www | reesu.co.in
    CNAME | * | reesu.co.in

    NS | ns1.reesu.co.in.
    NS | ns2.reesu.co.in.
    NS | ns3.reesu.co.in.

    1. I have updated these records in my domain register control panel (bigrock domain register)

    A. Child Name Servers (Child Name Servers are Name Servers which are registered under your Domain Name.Once registered, you can use these Child Name Servers in turn as Name Servers for registering other Domain Names)

    ns1.reesu.co.in | 173.245.58.51
    ns2.reesu.co.in | 173.245.59.41
    ns3.reesu.co.in | 198.41.222.173

    B. Name Servers

    ns1.reesu.co.in
    ns2.reesu.co.in
    ns3.reesu.co.in

    The main domain is working fine.

    But how do I set DNS for a virtual domain?

    Please help.

  • As it says in the prerequisites of this article:

    "NOTE: It's technically possible to have only one VPS act as both the Primary and Secondary Nameserver. This approach, however, is not recommended because it sacrifices the safety that redundancy provides (i.e., fault tolerance). Keep in mind, however, that there's no hard limit of only two nameservers for your domain. You're only limited by the number of nameservers that your domain registrar allows you to register."

    I would like to do it this way (the same VPS acting as both Primary and Secondary Nameserver). Is there a tutorial somewhere? Or is someone able to help guide me through such a setup?

  • This IS CRAZY!

    I had this setup (Vanity setup) working, was able to access my created virtual servers, and even installed Joomla on one of them using the Firefox browser. Now it has suddenly stopped working, and I have no idea what might have happened.

    IN MY GODADDY ACCOUNT.
    GoDaddy is the registrar for my main droplet domain name, which for this purpose I describe as:

    maindropletdomain.tld

    This domain I have configured by adding 3 hostnames:
    ns1 --> 173.245.58.51 (IP address of ns1.digitalocean.com)
    ns2 --> 173.245.59.41 (IP address of ns2.digitalocean.com)
    ns3 --> 198.41.222.173 (IP address of ns3.digitalocean.com)

    Then I have configured this same domain to use 3 nameservers
    ns1.maindropletdomain.tld
    ns2.maindropletdomain.tld
    ns3.maindropletdoman.tld

    .............................................................................................................

    IN MY DIGITALOCEAN control panel

    The droplet is created with the domain name maindropletdomain.tld

    The domain records say:

    A | @ | IP ADDRESS of droplet
    A | ns1 | 173.245.58.51
    A | ns2 | 173.245.59.41
    A | ns3 | 198.41.222.173
    NS | ns1.maindropletdomain.tld.
    NS | ns2.maindropletdomain.tld.
    NS | ns3.maindropletdomain.tld.

    And the content of the Zone File is:

    $ORIGIN maindropletdomain.tld.
    $TTL 1800
    maindropletdomain.tld. IN SOA ns1.digitalocean.com. hostmaster.maindropletdomain.tld. 1420321803 10800 3600 604800 1800
    maindropletdomain.tld. 1800 IN NS ns1.maindropletdomain.tld.
    maindropletdomain.tld. 1800 IN NS ns2.maindropletdomain.tld.
    maindropletdomain.tld. 1800 IN NS ns3.maindropletdomain.tld.
    maindropletdomain.tld. 1800 IN A xxx.xxx.xxxx.xxx (ipadress of droplet)
    ns1.maindropletdomain.tld. 1800 IN A 173.245.58.51
    ns2.maindropletdomain.tld. 1800 IN A 173.245.59.41
    ns3.maindropletdomain.tld. 1800 IN A 198.41.222.173

    .......................................................................................................................

    MY VIRTUAL DOMAINS

    My virtual domains all have set the following nameservers:
    ns1.maindropletdomain.tld
    ns2.maindropletdomain.tld
    ns3.maindropletdomain.tld

    Again, all of this worked yesterday and earlier today. I had even installed Joomla in one of those, but now I cannot reach any virtual host, either using a browser or ftp.

    So what could have happened after THIS WAS WORKING yesterday, and now suddenly does not work? I have not made any special configuration changes other than activating my firewall. After discovering this problem, I deactivated the firewall, and I still have the same problem: no virtual server is working.

    It DID work, so I know my configuration was (is) correct. Scratch my head! Any idea, anyone?

    • Pointing my browser to http://maindropletdomain.tld actually works, but I am not able to reach any of the created virtual servers.

      Again, the virtual servers WERE working, as evidenced by the fact that I used ftp to upload the Joomla installation files, used the Firefox browser to install it on one of the virtual servers, and then signed up a test user in Joomla.

    • I just tried something, and it worked.

      I changed all three hostnames at GoDaddy to my droplet IP instead of the IPs of the DO nameservers.

      Then I went into my DO control panel and changed all 3 A records to point to my droplet IP instead of the DO nameserver IPs.

      Then I waited a few minutes, and now all my virtual servers resolve and work. VOILA!!

    • Hmmm... using my droplet's main IP address as the destination IP address for my NS (which is the working setup I have now), is this setup now working totally independently of any DNS record settings in the DO DNS area?

  • I did the Quick & Easy Vanity Nameserver setup but when I got to the DNS Testing it showed two warnings:

    "Your SOA record lists ns1.digitalocean.com as the Primary nameserver. This server is not listed as a valid nameserver at the parent servers."

    and

    "The SOA serial number appears not to conform to RFC1912, which recommends that the serial number should be in YYYYMMDDnn format. Some systems use the Unix timestamp for the serial number."

    How do we edit the SOA records?

  • Ok so here is what I've been doing so far:

    I'm trying to build my own hosting service, which is not really a hosting company, just a place where I can put the websites I make myself, BUT I want some panel to make things easy when creating a new website and all of that.

    On DO:
    I created a new droplet with the name "myexamplehost.me"
    I then installed virtualmin on it, and after configuring it, I created the virtual server "mypersonalpage.com"
    On the DNS page on DO I added the domain "myexamplehost.me"
    I added the 3 A records named "[ns1-ns3].myexamplehost.me" pointing to the IPs of DO name servers
    I changed the 3 NS records to "[ns1-ns3].myexamplehost.me"

    On Godaddy (registrar of "mypersonalpage.com")
    I changed the nameservers to "[ns1-ns3].myexamplehost.me"

    On NameCheap (registrar of "myexamplehost.me")
    I went to "Domain Name Setup" and added "[ns1-ns3].digitalocean.com" there
    I went to "Nameserver Registration" and added "[ns1-ns3].myexamplehost.me" with the 3 IP values of the DO nameservers.

    Shouldn't typing "mypersonalpage.com" on the browser take me to my website hosted on my host?
    Have I done something wrong?

  • Is there a reason you couldn't white label DigitalOcean's name servers as such:

    ns1 -> CNAME -> ns1.digitalocean.com
    ns2 -> CNAME -> ns2.digitalocean.com
    ns3 -> CNAME -> ns3.digitalocean.com

    ns1 -> NS -> ns1.yourdomain.com
    ns2 -> NS -> ns2.yourdomain.com
    ns3 -> NS -> ns3.yourdomain.com

    I've seen this working before without problem through Cloudflare. Any adverse effects? Also, do the DigitalOcean name server IPs change often?

  • So now I got everything up & running using the vanity route.
    But there's one problem. DigitalOcean still appears as SOA.

    See this image: my DNS SOA entry

    Is there any way to change this to my domain as well?

  • I'm a little late on the topic, but I have a specific question. I have hosted my DNS with CloudFlare and it seems DO's name servers are hosted with CF. So my issue is that I cannot create an A record at CF, as it throws an error - You cannot use CF IP..

    Do I really need to add any other record if I want to continue using CF DNS for my own website but use my name servers (ns1.mydomain.com, ns2.., ns..3) for my customers? That is, my customers would use my name servers to point to their servers.

  • When testing with http://www.webdnstools.com/dnstools/domain_check I get the following message:

    Your SOA record lists ns1.digitalocean.com as the Primary nameserver. This server is not listed as a valid nameserver at the parent servers.

    Would it be possible to change the SOA record to point to my vanity nameservers, or is it the only chance to add ns1.digitalocean.com as one of my domain's DNS records?
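The SOA warnings quoted in the comments above (an SOA primary that is not in the NS set, a serial that is not in YYYYMMDDnn form) and the CNAME question can be checked offline against a zone file. The following is an added example, not part of the thread or of DigitalOcean's tooling: `parse_zone` and `audit_zone` are hypothetical helper names, the zone text is a constructed sample based on the one posted above, and the CNAME check reflects RFC 2181 section 10.3, which requires that NS targets not be aliases.

```python
import re

# Constructed sample modelled on the zone file quoted in the comments above;
# 203.0.113.10 is a documentation address standing in for the droplet IP.
ZONE = """\
$ORIGIN maindropletdomain.tld.
$TTL 1800
maindropletdomain.tld. IN SOA ns1.digitalocean.com. hostmaster.maindropletdomain.tld. 1420321803 10800 3600 604800 1800
maindropletdomain.tld. 1800 IN NS ns1.maindropletdomain.tld.
maindropletdomain.tld. 1800 IN NS ns2.maindropletdomain.tld.
maindropletdomain.tld. 1800 IN NS ns3.maindropletdomain.tld.
maindropletdomain.tld. 1800 IN A 203.0.113.10
ns1.maindropletdomain.tld. 1800 IN A 173.245.58.51
ns2.maindropletdomain.tld. 1800 IN A 173.245.59.41
ns3.maindropletdomain.tld. 1800 IN A 198.41.222.173
"""
DATED_SERIAL = re.compile(r"(19|20)\d\d(0[1-9]|1[0-2])(0[1-9]|[12]\d|3[01])\d\d")

def parse_zone(text):
    """Parse one-line records with absolute owner names into (owner, type, rdata)."""
    records = []
    for line in text.splitlines():
        tok = line.split(";", 1)[0].split()
        if not tok or tok[0].startswith("$"):
            continue  # blank line, comment, or $ORIGIN/$TTL directive
        owner, rest = tok[0].lower(), tok[1:]
        while rest[0].isdigit() or rest[0].upper() == "IN":
            rest = rest[1:]  # skip the optional TTL and class fields
        records.append((owner, rest[0].upper(), [r.lower() for r in rest[1:]]))
    return records

def audit_zone(text):
    recs = parse_zone(text)
    apex, _, soa = next(r for r in recs if r[1] == "SOA")
    mname, serial = soa[0], soa[2]  # SOA rdata: MNAME RNAME SERIAL ...
    ns = {r[2][0] for r in recs if r[1] == "NS" and r[0] == apex}
    addr = {r[0] for r in recs if r[1] in ("A", "AAAA")}
    cname = {r[0] for r in recs if r[1] == "CNAME"}
    findings = []
    if mname not in ns:
        findings.append(f"SOA MNAME {mname} is not in the NS set")
    if not DATED_SERIAL.fullmatch(serial):
        findings.append(f"SOA serial {serial} is not in YYYYMMDDnn form")
    for host in sorted(ns):
        if host in cname:
            findings.append(f"NS target {host} is a CNAME, not an address record")
        elif host.endswith("." + apex) and host not in addr:
            findings.append(f"in-zone NS target {host} has no A/AAAA record")
    return findings
```

Calling `audit_zone(ZONE)` on the sample returns the two SOA findings; the parser only handles single-line records with fully qualified owner names, which is the form the posted zone file uses.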

  • @kamaln7:

    Is this feature still working?

    Any possibility that this article could be updated with DO's new DNS manager?

    It isn't possible to put in the trailing dots in the A records, and the creation of an NS record without the hostname field doesn't seem possible to me either.

    Any response would be great!

    Thanks...

    • I have the same exact questions/issues. I'm trying to install VirtualMin on my droplet and this is one of the requirements but it's hard to follow when the DNS Manager does not match the examples in the article.

      Re: the inability to add trailing dots to the A records, I'm just going to try without since the DNS Manager will not allow it.
      Re: creation of NS record without hostname, I guess I'll try adding the default @? We'll see if this works. Thanks for any help in advance.

  • Hi, I have a problem: I followed the whole tutorial and I can't get it working.

    I am trying to make a Vanity nameserver.

    I have 2 domains registered on namesilo.com
    domain1.com
    domain2.com

    domain1.com is in DO
    I created glue records for domain1.com

    I created A records for the 3 IPs of DO
    A ns1.domain1.com. 173.245.58.51
    A ns2.domain1.com. 173.245.59.41
    A ns3.domain1.com. 206.81.11.78

    I changed the NS records from
    ns1.digitalocean.com. to ns1.domain1.com.
    ns2
    ns3

    Now I go to namesilo and change the nameservers for domain2

    In domain2 I put

    ns1.domain1.com
    ns2.domain1.com
    ns3.domain1.com

    Now I run the DNS test

    For domain1 it's perfect.

    For domain2 it says

    No name servers found for domain2.com.
    Received answer from
    A search was performed starting with the root servers, but no NS records were found for this domain.
    Try again as the name servers for this domain may have been busy and didn't respond in time. If this error persists, there may be a problem with your name servers.

    Do I need to add domain2.com somewhere in DigitalOcean?

    For it to work, must I create a virtual server in Virtualmin, or should the DNS test work the same even if the virtual server is not created in Virtualmin?

    Thanks

    • I already created the virtual server in Virtualmin for domain2

      If I try to ping domain2.com, it is not working.

      Do I need to add something about domain2.com in DigitalOcean???

      Thanks

  • This post should be updated, as the DO dashboard design and interface have changed.

    I just wonder about step 3 (vanity), where it says " 3. Next, you need to replace DigitalOcean's NS Records with each of your vanity nameservers in the DigitalOcean DNS Manager."

    What should I enter in the field "WILL DIRECT TO" in my DO dashboard? I have tried directing it both to my own and to the DO NS servers.

    I tried both and had no luck:

    Type | Hostname | Value | TTL (seconds)

    NS | ns3.mydomain.com.tr | ns3.mydomain.com.tr | 86400
    NS | ns2.mydomain.com.tr | ns2.mydomain.com.tr | 86400
    NS | ns1.mydomain.com.tr | ns1.mydomain.com.tr | 86400
    A | ns2.mydomain.com.tr | 173.245.59.41 | 3600
    A | ns3.mydomain.com.tr | 198.41.222.173 | 3600
    A | ns1.mydomain.com.tr | 173.245.58.51 | 3600

  • How do I create the glue servers on AWS, in Route 53?

  • When I add my domain name to the DigitalOcean DNS Manager, must I also change the nameservers at the domain registrar?

Creative Commons License