Category:DNS

From Gr88erWiki

On this tab, you can create zones and DNS records for your domains. You can either use the DNS Wizard (DNS > DNS Wizard > Add DNS Zone), which automatically creates a set of common DNS records for your domain (www, mail, NS records, etc.), or create the zones and records manually under DNS > DNS > Zones. You will also have to go there if you want to create further DNS records that are not created by the DNS Wizard.

DNS-Wizard

Add DNS-Zone

This is the wizard to create a new DNS zone. The form has the following fields:

  • Template: This refers to the templates that exist under DNS > DNS Wizard > Templates. These templates define what records will be created by default if you use the DNS Wizard. Let's assume we create a zone for the domain example.com - the Default template will create A records for example.com, www.example.com, and mail.example.com, two NS (nameserver) records, plus an MX (mail exchanger) record for example.com that points to mail.example.com.
  • Server: If more than one server is available, you can select the server on which the DNS zone will be located.
  • Client: Here you select the client that owns the new DNS zone.
  • Domain: Fill in the domain for which you want to create the zone, e.g. example.com - please note that you don't need a dot at the end, i.e., example.com. would work as well, but example.com (without the trailing dot) is sufficient.
  • IP Address: Fill in the IP address that example.com should point to - please note that www.example.com and mail.example.com will also point to that IP address (you can change that later on under DNS > DNS > Zones).
  • NS 1: Specify the hostname of the primary nameserver for the domain, e.g. ns1.somedomain.com. Again, no trailing dot is needed. ns1.somedomain.com must point to the server that you selected in the Server field.
  • NS 2: Specify the hostname of the secondary nameserver for the domain, e.g. ns2.somedomain.com. Again, no trailing dot is needed.
  • Email: Specify the email address of the zone administrator, e.g. zonemaster@somedomain.com.
  • DKIM: Enable this option to add a DKIM record for email signing automatically. The record is added to the DNS zone and also configured in the email domain settings. Read more about DKIM here: https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail
  • DNSSEC: Enable this option to sign the DNS Zone with DNSSEC. Read more about DNSSEC here: https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions

Zone-File Import

This form allows you to import an existing BIND zone file that you have as a text file on your client computer.

It supports NS, A, AAAA, CNAME, HINFO, MX, NAPTR, PTR, RP, SRV, and TXT records.

The form has the following fields:

  • Server: If more than one server is available, you can select the server on which the DNS zone will be located.
  • Client: Here you select the client that owns the imported DNS zone.
  • Domain: It is recommended that you fill in the domain for which you want to create the zone, e.g. example.com - please note that you don't need a dot at the end, i.e., example.com. would work as well, but example.com (without the trailing dot) is sufficient. If you don't fill in the domain here, the control panel tries to read the domain from the $ORIGIN line of your zone file, and if that doesn't exist, from the SOA line. If the SOA line doesn't contain the domain name (for example because it begins with an @), the control panel generates the domain name from the zone file name. For example, if your zone file is named example.com.txt or example.com.zone, the domain name would be example.com. But if your zone file is named pri.example.com.txt or doesn't contain your domain name at all, the control panel would get a wrong value from the file name. Therefore it is recommended to fill in the domain name in this field.
  • Zone File: Select the zone file to upload from your local hard drive.

After a successful import, you can find the zone and its records under DNS > Zones (see Zones). Please note that the original NS records are replaced with the correct new values, depending on which server you choose in the Server field.
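The fallback order for the Domain field described above can be sketched as follows. This is an added example, not the control panel's own code: the function name, the regular expressions, and the rule of dropping only the last file extension are assumptions, and the zone snippets are constructed sample input.

```python
import re
from pathlib import PurePath

# Constructed sample zone files (not from the original page).
ZONE_WITH_ORIGIN = "$ORIGIN example.com.\n@ IN SOA ns1.example.com. zonemaster.example.com. (\n"
ZONE_WITH_SOA_NAME = "example.com. 3600 IN SOA ns1.example.com. zonemaster.example.com. (\n"
ZONE_WITH_AT_SOA = "@ IN SOA ns1.example.com. zonemaster.example.com. (\n"

def guess_zone_name(zone_text, file_name, form_domain=""):
    """Return (domain, source), trying form field, $ORIGIN, SOA owner, file name."""
    if form_domain:
        return form_domain.rstrip("."), "form field"
    m = re.search(r"^\$ORIGIN\s+(\S+)", zone_text, re.M)
    if m:
        return m.group(1).rstrip("."), "$ORIGIN"
    # Owner name, then optional TTL and class in either order, then SOA.
    m = re.search(r"^([^\s;]\S*)\s+(?:(?:\d+|IN)\s+)*SOA\s", zone_text, re.M | re.I)
    if m and m.group(1) != "@":
        return m.group(1).rstrip("."), "SOA"
    # Last resort: the file name with its last extension removed (assumed rule).
    return PurePath(file_name).stem, "file name"
```

With the `@` SOA line and a file named pri.example.com.txt, the result is pri.example.com from the file name, which is the wrong zone the text warns about; passing the domain explicitly avoids it.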

Templates

Here you can create templates for the DNS Wizard. A template defines what records will be created by default if a new zone is created with the DNS Wizard.

To create a new template, click on the Add new record button. This will lead you to the DNS Wizard template form with the tab DNS Template.

DNS Wizard template

The form contains the following fields:

  • Name: Specify a name for the template.
  • Fields: Here you can select what fields will be visible in the DNS Wizard form (Domain, IP Address, NS 1, NS 2, Email, DKIM, DNSSEC). For example, if you decide to hard-code the nameservers and the zonemaster email address into the template, it doesn't make sense to show those fields in the DNS Wizard.
  • Template: Fill in your template. As an example, here is the Default template:
[ZONE]
origin={DOMAIN}.
ns={NS1}.
mbox={EMAIL}.
refresh=28800
retry=7200
expire=604800
minimum=86400
ttl=86400
[DNS_RECORDS]
A|{DOMAIN}.|{IP}|0|86400
A|www|{IP}|0|86400
A|mail|{IP}|0|86400
NS|{DOMAIN}.|{NS1}.|0|86400
NS|{DOMAIN}.|{NS2}.|0|86400
MX|{DOMAIN}.|mail.{DOMAIN}.|10|86400

As you see, a template consists of two stanzas, [ZONE] and [DNS_RECORDS].

In the [ZONE] stanza, you specify values for origin, ns, mbox, refresh, retry, expire, minimum, and ttl in the form name=value.

  • origin: The name of this zone. Make sure you use a trailing dot, e.g. example.com. or {DOMAIN}.
  • ns: The name of the name server that is the original or primary source of data for this zone. Make sure you use a trailing dot.
  • mbox: A name which specifies the mailbox of the person responsible for this zone. If you don't use the {EMAIL} placeholder, this should be specified in the mailbox-as-domain-name format where the @ character is replaced with a dot, e.g. zonemaster.example.com. (for zonemaster@example.com). Make sure you use a trailing dot.
  • refresh: The number of seconds after which slave nameservers should check to see if this zone has been changed. If the zone's serial number has changed, the slave nameserver initiates a zone transfer.
  • retry: This specifies the number of seconds a slave nameserver should wait before retrying if it attempts to transfer this zone but fails.
  • expire: If for expire seconds the primary server cannot be reached, all information about the zone is invalidated on the secondary servers (i.e., they are no longer authoritative for that zone).
  • minimum: The minimum TTL field that should be exported with any record from this zone. If any record has a lower TTL, this TTL is sent instead.
  • ttl: The number of seconds that this zone may be cached before the source of the information should again be consulted. Zero values are interpreted to mean that the zone should not be cached.

In the [DNS_RECORDS] stanza, you specify all records that should be created by default, one record per line. A line has the following format: type|name|data|aux|ttl

As you see, there are five fields, separated by a pipe character (|). This is the meaning of the five fields:

  • type: The type of record (A, AAAA, ALIAS, CNAME, HINFO, MX, NS, PTR, RP, SRV, TXT).
    • A: An IPv4 host address. The data column should contain the IP address (in numbers-and-dots format) associated with the name.
      - Example: 192.168.1.88
    • AAAA: An IPv6 host address. The data column should contain the IPv6 address associated with the name.
      - Example: 3ffe:b00:c18:3::a
    • ALIAS: A server-side alias. An alias is like a CNAME, only it is handled entirely by the server. The data column should contain the hostname aliased by name. Aliases can be used in place of A records. The client will only see A records and will not be able to tell that aliases are involved. The hostname specified by data must exist in the database. It can be useful to use aliases for everything. Use A records for the canonical name of the machine and use aliases for any additional names. This is especially useful when combined with automatic PTR records. If a single IP address is only used for one A record, then there will never be any confusion over what the PTR record should be.
      - Example: albuquerque.example.com. (FQDN)
      - Example: albuquerque (hostname only)
    • CNAME: The canonical name for an alias. The data column should contain the real name of the machine specified by name. data may be a hostname or an FQDN.
      - Example: porcini.example.com. (FQDN)
      - Example: porcini (hostname only)
    • HINFO: Host information. The data column should contain two strings that provide information about the host specified by name. The first string specifies the CPU type, and the second string describes the operating system type. The two strings should be separated by a space. If either string needs to contain a space, enclose it in quotation marks.
      - Example: "Pentium Pro" Linux
    • MX: Mail exchanger. The data column should contain the hostname or FQDN of a mail server which will accept mail for the host specified by name. The aux column should contain a preference for this mail server. Mail transfer agents prefer MX records with lower values in aux.
      - Example: mail.example.com. (FQDN)
      - Example: mail (hostname only)
    • NS: An authoritative nameserver. The data column should contain the hostname or FQDN of a server which should be considered authoritative for the zone listed in name.
      - Example: ns1.example.com. (FQDN)
      - Example: ns1 (hostname only)
    • PTR: A domain name pointer. These records, used only with IN-ADDR.ARPA zones, should contain the canonical hostname of the machine referred to by name in data.
      - Example: webserver.example.com.
    • RP: A responsible person. The data column should contain the DNS-encoded email address of the person responsible for the name requested, then space, then a hostname that should return a TXT record containing additional information about the responsible person. If there is no such TXT record, the second value should contain a dot (.).
      - Example: webmaster.example.com. contactinfo.example.com.
    • SRV: Server location. Specifies the location of the server(s) for a specific protocol and domain. The data column must contain three space-separated values. The first value is a number specifying the weight for this entry. A second field is a number specifying the port on the target host of this service. The last field is a name specifying the target host. The aux column should contain the priority of this target host. Targets with a lower priority are preferred. For more information, read RFC 2782.
      - Example: 0 9 server.example.com. (FQDN)
      - Example: 0 9 server (hostname only)
    • TXT: A text string. The data column contains a text string that is returned only when a TXT query is issued for the host specified by name. TXT records can be used for SPF records.
      - Example: This is a string.
      - Example: v=spf1 a mx ptr -all (SPF record)
  • name: The name that this record describes. Wildcard values such as * or *.sub are supported, and this field can contain an FQDN or just a hostname. If you specify an FQDN, the name must end with a dot; if you specify just a hostname, it must not end with a dot. It may contain out-of-zone data if this is a glue record. Examples:
    - foo
    - foo.example.com.
    - {DOMAIN}.
    - www
  • data: The data associated with this record, e.g. an IP address for A records, a hostname/FQDN for CNAME/MX/NS records, etc. Please note that an MX record must always point to a hostname/FQDN that has an A record - CNAME records are not allowed.
  • aux: An auxiliary numeric value in addition to data. For MX records, this field specifies the preference. For SRV records, this field specifies the priority. Specify 0 for all other records.
  • ttl: The time interval (in seconds) that this record may be cached before the source of the information should again be consulted. Zero values are interpreted to mean that the record can only be used for the transaction in progress, and should not be cached.

The following placeholders are available in a template and will be replaced with the value of the corresponding field in the DNS Wizard: {DOMAIN}, {IP}, {NS1}, {NS2}, and {EMAIL}.

  • Visible: This defines whether this template is visible (i.e., can be selected) in the DNS Wizard or not.
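To make the template rules above concrete, the following added example (not the control panel's own code) fills the placeholders of the Default template, parses both stanzas, and checks the rules stated on this page: five pipe-separated fields, aux of 0 outside MX and SRV, trailing dots in [ZONE], and no MX pointing at a CNAME. The function name, the rejection of "|" and line breaks in field values, and the conversion of the @ in mbox are assumptions.

```python
import re

# The Default template from this page, used as sample input.
DEFAULT_TEMPLATE = """[ZONE]
origin={DOMAIN}.
ns={NS1}.
mbox={EMAIL}.
refresh=28800
retry=7200
expire=604800
minimum=86400
ttl=86400
[DNS_RECORDS]
A|{DOMAIN}.|{IP}|0|86400
A|www|{IP}|0|86400
A|mail|{IP}|0|86400
NS|{DOMAIN}.|{NS1}.|0|86400
NS|{DOMAIN}.|{NS2}.|0|86400
MX|{DOMAIN}.|mail.{DOMAIN}.|10|86400"""

def render_template(template, values):
    """Fill placeholders, parse both stanzas, return (zone, records, problems)."""
    for key, val in values.items():  # a "|" or line break in a value would forge fields or records
        if re.search(r"[|\r\n]", val):
            raise ValueError(f"illegal character in {key}")
    text = re.sub(r"\{(DOMAIN|IP|NS1|NS2|EMAIL)\}", lambda m: values[m.group(1)], template)
    zone, records, problems, stanza = {}, [], [], None
    for line in filter(None, map(str.strip, text.splitlines())):
        if line in ("[ZONE]", "[DNS_RECORDS]"):
            stanza = line
        elif stanza == "[ZONE]":
            key, _, val = line.partition("=")
            # Assumed: an e-mail address in mbox is turned into mailbox-as-domain-name form.
            zone[key] = val.replace("@", ".") if key == "mbox" else val
        elif stanza is None or len(fields := line.split("|")) != 5:
            problems.append(f"malformed line: {line}")
        else:
            rtype, name, data, aux, ttl = fields
            records.append((rtype, name, data, aux, ttl))
            if rtype not in ("MX", "SRV") and aux != "0":
                problems.append(f"aux must be 0 for {rtype}: {line}")
    origin = zone.get("origin", "")
    problems += [f"[ZONE] {k} needs a trailing dot" for k in ("origin", "ns", "mbox")
                 if not zone.get(k, "").endswith(".")]
    fqdn = lambda n: n if n.endswith(".") else f"{n}.{origin}"  # bare hostnames are relative
    cnames = {fqdn(name) for rtype, name, *_ in records if rtype == "CNAME"}
    problems += [f"MX target {data} is a CNAME" for rtype, name, data, *_ in records
                 if rtype == "MX" and fqdn(data) in cnames]
    return zone, records, problems
```

Calling `render_template(DEFAULT_TEMPLATE, {...})` with the five wizard fields returns an empty problem list for the Default template; replacing the `A|mail` line with a CNAME makes the MX check fire.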

DNS

Zones

Here you can create DNS zones manually (if you are experienced enough with DNS and don't want to use the DNS Wizard) and modify existing DNS zones (that were created, for example, with the DNS Wizard).

To create a new DNS zone, click on the Add new DNS Zone manually button. This will lead you to the DNS Zone form with the tabs DNS Zone and Records.

DNS Zones · Records

Secondary DNS

Secondary DNS-Zones

Here you can create secondary (slave) zones, i.e., zones for which another server is the primary (master) nameserver. A slave zone will then automatically be transferred from the master to the slave so that both servers hold the same information about the zone. If the master fails, the slave can still answer DNS requests.

To create a new slave zone, click on the Add new secondary DNS Zone button. This will lead you to the Secondary DNS Zone form with the tab Secondary DNS Zone.

The form has the following fields:

  • Server: If more than one server is available, you can select the server on which the secondary DNS zone will be located.
  • Client: Here you select the client that owns the new secondary DNS zone.
  • DNS Zone: Fill in the domain for which you want to create the secondary zone, e.g. example.com. - please note that you need a dot at the end.
  • NS: Specify the IPv4 address of the primary nameserver for the domain, e.g. 1.2.3.4.
  • Allow zone transfers to these IPs (comma separated list): This field can contain one or more IP addresses separated by commas. These IP addresses will be allowed to connect to the server to transfer the zone. If no IP is specified, any server is allowed to connect. Usually, you can leave this field empty because all slave DNS servers for this zone should contact the master DNS server for the zone, not another slave server.
  • Active: This defines whether this secondary DNS zone is active or not.
