diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md
index dbb0f68c78..7d8c1e74f7 100644
--- a/charts/ingress-nginx/README.md
+++ b/charts/ingress-nginx/README.md
@@ -447,6 +447,7 @@ metadata:
 | controller.service.enableHttps | bool | `true` | Enable the HTTPS listener on both controller services or not. |
 | controller.service.enabled | bool | `true` | Enable controller services or not. This does not influence the creation of either the admission webhook or the metrics service. |
 | controller.service.external.enabled | bool | `true` | Enable the external controller service or not. Useful for internal-only deployments. |
+| controller.service.external.labels | object | `{}` | Labels to be added to the external controller service. |
 | controller.service.externalIPs | list | `[]` | List of node IP addresses at which the external controller service is available. Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips |
 | controller.service.externalTrafficPolicy | string | `""` | External traffic policy of the external controller service. Set to "Local" to preserve source IP on providers supporting it. Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip |
 | controller.service.internal.annotations | object | `{}` | Annotations to be added to the internal controller service. Mandatory for the internal controller service to be created. Varies with the cloud service. Ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
@@ -458,6 +459,7 @@ metadata:
 | controller.service.internal.externalTrafficPolicy | string | `""` | External traffic policy of the internal controller service. Set to "Local" to preserve source IP on providers supporting it. Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip |
 | controller.service.internal.ipFamilies | list | `["IPv4"]` | List of IP families (e.g. IPv4, IPv6) assigned to the internal controller service. This field is usually assigned automatically based on cluster configuration and the `ipFamilyPolicy` field. Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services |
 | controller.service.internal.ipFamilyPolicy | string | `"SingleStack"` | Represents the dual-stack capabilities of the internal controller service. Possible values are SingleStack, PreferDualStack or RequireDualStack. Fields `ipFamilies` and `clusterIP` depend on the value of this field. Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services |
+| controller.service.internal.labels | object | `{}` | Labels to be added to the internal controller service. |
 | controller.service.internal.loadBalancerClass | string | `""` | Load balancer class of the internal controller service. Used by cloud providers to select a load balancer implementation other than the cloud provider default. Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class |
 | controller.service.internal.loadBalancerIP | string | `""` | Deprecated: Pre-defined IP address of the internal controller service. Used by cloud providers to connect the resulting load balancer service to a pre-existing static IP. Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer |
 | controller.service.internal.loadBalancerSourceRanges | list | `[]` | Restrict access to the internal controller service. Values must be CIDRs. Allows any source address by default. |
diff --git a/charts/ingress-nginx/ci/controller-service-internal-values.yaml b/charts/ingress-nginx/ci/controller-service-internal-values.yaml
index 11108fbce9..01635e339a 100644
--- a/charts/ingress-nginx/ci/controller-service-internal-values.yaml
+++ b/charts/ingress-nginx/ci/controller-service-internal-values.yaml
@@ -9,5 +9,7 @@ controller:
 
     internal:
       enabled: true
+      labels:
+        external-dns.alpha.kubernetes.io/hostname: internal.example.com
       annotations:
         service.beta.kubernetes.io/aws-load-balancer-internal: "true"
diff --git a/charts/ingress-nginx/ci/controller-service-values.yaml b/charts/ingress-nginx/ci/controller-service-values.yaml
index 9039368c28..4ba3debbae 100644
--- a/charts/ingress-nginx/ci/controller-service-values.yaml
+++ b/charts/ingress-nginx/ci/controller-service-values.yaml
@@ -7,6 +7,10 @@ controller:
   service:
     type: NodePort
 
+    external:
+      labels:
+        external-dns.alpha.kubernetes.io/hostname: external.example.com
+
     nodePorts:
       tcp:
         9000: 30090
diff --git a/charts/ingress-nginx/templates/controller-service-internal.yaml b/charts/ingress-nginx/templates/controller-service-internal.yaml
index 24ac032acc..8d369526da 100644
--- a/charts/ingress-nginx/templates/controller-service-internal.yaml
+++ b/charts/ingress-nginx/templates/controller-service-internal.yaml
@@ -12,6 +12,9 @@ metadata:
   {{- if .Values.controller.service.labels }}
     {{- toYaml .Values.controller.service.labels | nindent 4 }}
   {{- end }}
+  {{- if .Values.controller.service.internal.labels }}
+    {{- toYaml .Values.controller.service.internal.labels | nindent 4 }}
+  {{- end }}
   name: {{ include "ingress-nginx.controller.fullname" . }}-internal
   namespace: {{ include "ingress-nginx.namespace" . }}
 spec:
diff --git a/charts/ingress-nginx/templates/controller-service.yaml b/charts/ingress-nginx/templates/controller-service.yaml
index c56d957b14..36d2e48847 100644
--- a/charts/ingress-nginx/templates/controller-service.yaml
+++ b/charts/ingress-nginx/templates/controller-service.yaml
@@ -12,6 +12,9 @@ metadata:
   {{- if .Values.controller.service.labels }}
     {{- toYaml .Values.controller.service.labels | nindent 4 }}
   {{- end }}
+  {{- if .Values.controller.service.external.labels }}
+    {{- toYaml .Values.controller.service.external.labels | nindent 4 }}
+  {{- end }}
   name: {{ include "ingress-nginx.controller.fullname" . }}
   namespace: {{ include "ingress-nginx.namespace" . }}
 spec:
diff --git a/charts/ingress-nginx/tests/controller-service-internal_test.yaml b/charts/ingress-nginx/tests/controller-service-internal_test.yaml
index 2680894069..c0ece07d54 100644
--- a/charts/ingress-nginx/tests/controller-service-internal_test.yaml
+++ b/charts/ingress-nginx/tests/controller-service-internal_test.yaml
@@ -61,3 +61,15 @@ tests:
       - equal:
           path: spec.trafficDistribution
           value: PreferClose
+
+  - it: should create a Service with labels if `controller.service.internal.labels` is set
+    set: 
+      controller.service.internal.enabled: true
+      controller.service.internal.annotations:
+        test.annotation: "true"
+      controller.service.internal.labels:
+        external-dns.alpha.kubernetes.io/hostname: internal.example.com
+    asserts:
+      - equal:
+          path: metadata.labels["external-dns.alpha.kubernetes.io/hostname"]
+          value: internal.example.com
diff --git a/charts/ingress-nginx/tests/controller-service_test.yaml b/charts/ingress-nginx/tests/controller-service_test.yaml
index 4741cdde9a..f3e8cf0302 100644
--- a/charts/ingress-nginx/tests/controller-service_test.yaml
+++ b/charts/ingress-nginx/tests/controller-service_test.yaml
@@ -62,3 +62,13 @@ tests:
       - equal:
           path: spec.trafficDistribution
           value: PreferClose
+
+  - it: should create a Service with labels if `controller.service.external.labels` is set
+    set:
+      controller.service.external.enabled: true
+      controller.service.external.labels:
+        external-dns.alpha.kubernetes.io/hostname: external.example.com
+    asserts:
+      - equal:
+          path: metadata.labels["external-dns.alpha.kubernetes.io/hostname"]
+          value: external.example.com
diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml
index 9875b36933..ccebb9cebe 100644
--- a/charts/ingress-nginx/values.yaml
+++ b/charts/ingress-nginx/values.yaml
@@ -486,6 +486,8 @@ controller:
     external:
       # -- Enable the external controller service or not. Useful for internal-only deployments.
       enabled: true
+      # -- Labels to be added to the external controller service.
+      labels: {}
     # -- Annotations to be added to the external controller service. See `controller.service.internal.annotations` for annotations to be added to the internal controller service.
     annotations: {}
     # -- Labels to be added to both controller services.
@@ -574,6 +576,8 @@ controller:
     internal:
       # -- Enable the internal controller service or not. Remember to configure `controller.service.internal.annotations` when enabling this.
       enabled: false
+      # -- Labels to be added to the internal controller service.
+      labels: {}
       # -- Annotations to be added to the internal controller service. Mandatory for the internal controller service to be created. Varies with the cloud service.
       # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
       annotations: {}