So this is my setup:
ISP connection with static IP address - Gateway router - LAN (192.168.1.0/24)
I use virtualmin as hosting solution on debian 6 as platform.
My server IP is static internal (192.168.1.1) with firewall enable becauze it is on DMZ zone.
My firewall rules: pop3s imaps3, https server port, smtp, dns, ssh - all to pass policy.
As master dns server I use dns.he.net services, where in my account I've created my zone/domain with A record, TXT PTR, MX FTP FTP-DATA.
But I want to use virtualmin dns server as slave. For that I've installed Slave DNS domain acording to http://www.virtualmin.com/documentat...e_dns_domains/.
But zones created on master don't transfer on slave.
When I creat my domains, I enable Setup slave DNS zone? option on each virtualserver.
Where I find logs file regardin DNS server?

You must add a NS record pointing to your dns slave server:
where x.x.x.x is the static IP given by your ISP.
And of course you need to forward port 53 tcp/udp from your router to your internal server IP (192.168.1.1)

Regards

Ok. I added it. But I am in a dilema:

On internet there is only one nameserver for each IP?! It is posibile to have ns2.domain.com with A 10.0.0.1 and ns2.example.com with A 10.0.0.1
My real hostname server (FQDN) is master.domain.com - with A 10.0.0.1
I that case NS record must be FQDN or ns2.domain.com -with A 10.0.0.1 and master.domain.com entry allreaady exists.

My hosting server is in DMZ zone therefore it is enough to create a firewall rule for DNS on the server.

For root domain.com must be created an A record or it is ok to have www.domain.com and mail.domain.com A record pointing to the same IP?

It is necesary to have a Reverse DNS on my dns hosting services?

First of all, if you want your domain to be publicly available, you cannot use IPs like 10.x.x.x or 192.168.x.x. You should use the static IP you said that your ISP has provided you.
Of course you can have the same A RR for ns2.domain.com and ns2.example.com. Just note that it's better to use one nameserver (e.g. ns2.domain.com) authoritative for both domain.com and example.com domains

If I can understand you, the FQDN provided by the hosts file is irrelevant if you're going to use dns

If you mean that your server has a public IP, then yes. You have to only open port 53 on firewall (tcp/udp)

Whatever you want. All of domain.com, www.domain.com and mail.domain.com can point to the same A record if you want so

It's necessary for the IP of the mail server (if yu want to use one). But's it's always good to have. Of course you must make sure that you can administer the reverse zone, or you have to tell your ISP to do this for you

Regards

I was refering to public IP (10.0.0.1) not private (192.168.1.1)

If I use DNS on my hosting server?! As a master or slave
What I understand if my FQDN is master.domain.com then NS record must be master.domain.com , not ns2.domain.com.

That is allready done

I need A record for root domain if I want to acceess from internet at address http://domain.com

That I was afraid, for PRT record must talk to my ISP.
I sent test email to my yahoo and google account with succes.
I I don't have a PTR record for mail.domain.com

Both IPs are private for the rest of the world. Have a look here for details.

Not necessarily. Since there will be an A RR for ns2.domain.com it could always be resolved.

I guess you're using your ISP mail server as a relay (smarthost), that's why you had success. If you want your mail.domain.com to send mail directly to other mailservers, then its IP needs to be resolvable, i.e. have a PTR RR.

My real ip is starting with 89.bla.bla :-D
I am not using ISP as relay (smarthost), because I even don't know waht is the address of relay server.

on intoDNS.com a make a report for my domain.com:

MX Records Your MX records that were reported by your nameservers are:

5 mail.domain.com 89.xxx.xxx.xxx

[These are all the MX records that I found. If there are some non common MX records at your nameservers you should see them below. ]
Every think look ok except these:

Missing nameservers reported by parent FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems!
ns2.domain.com

At my registar account I have to request a form for nameserver(all done)

and

Reverse MX A records (PTR) ERROR: No reverse DNS (PTR) entries. The problem MX records are:
xxx.xxx.xxx.89.in-addr.arpa -> no reverse (PTR) detected
You should contact your ISP and ask him to add a PTR record for your ips

You might need to wait until changes are propagated.

Ditto.
But if you can send mail without ending in the recipient's spam/trash folder, then it might be that you use SPF/TXT (I guess the TXT you mentioned) RRs and maybe DKIM too.

Yes I use SPF.
I want to use DKIM but I don't know verry well how to that.
On my hosting server I installed and enable DKIM option, but from there ....god knows...

First of all I want to thank you very much for your help!
I'll wait 24 hours to propagate changes. Till now transfer not ocur (3 hours ago I mange to create ns2.domain.com on my registar pointing to 89.xxx.xxx.xxx , create an @ IN NS ns2.domain.com for each virtualdomain with ns2 A 89.xxx.xxx.xxx

You can increase the serial in master and watch the logs for notifies
Or you can try to do a manual transfer and see if it works
It may help you identify problems without waiting for the one to expire.

For the moment I remove ns2.domain.com from dns.he.net si deleted from my registar.
Now I can't access some website, could not resolve host, something like that.
Repo from virtualmin not working.