Difference between revisions of "DNS"
Rootadminacc (talk | contribs) |
Rootadminacc (talk | contribs) m (→.gov.uk) |
||
(5 intermediate revisions by the same user not shown) | |||
Line 183: | Line 183: | ||
dig +trace domain.co.uk | dig +trace domain.co.uk | ||
== .gov.uk == | |||
A lot of .gov.uk are managed by https://www.ja.net | |||
To do a WHOIS lookup on .gov or .gov.uk domains, go to http://cqcounter.com | |||
== Installing PowerDNS == | == Installing PowerDNS == | ||
Line 221: | Line 227: | ||
=== Configure PowerDNS === | === Configure PowerDNS === | ||
<pre>vim /etc/powerdns/recursor.conf</pre> | In progress... | ||
<!-- <pre>vim /etc/powerdns/recursor.conf</pre> | |||
Uncomment the following lines: | Uncomment the following lines: | ||
Line 237: | Line 245: | ||
Add a domain and it's records: | Add a domain and it's records: | ||
<pre>INSERT INTO domains (name, type) values ('domain.co.uk', 'NATIVE', 'account'); | <pre>INSERT INTO domains (name, type, account) values ('domain.co.uk', 'NATIVE', 'account'); | ||
INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'domain.co.uk','localhost','SOA',86400,NULL); | INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'domain.co.uk','localhost','SOA',86400,NULL); | ||
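Review bot: the records INSERT in this hunk hard-codes domain_id as 1, which is only correct if the domains row added on the line above was given id 1. On a database that already holds a zone, the SOA would attach to a different domain. Suggest looking the id up by name instead, for example (SELECT id FROM domains WHERE name='domain.co.uk'). The context line "Add a domain and it's records:" should also read "its".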
Line 256: | Line 264: | ||
Test DNS by doing: | Test DNS by doing: | ||
dig @ | dig @localhost domain.co.uk NS --> | ||
== Issue creating subdomain == | == Issue creating subdomain == | ||
Line 269: | Line 277: | ||
Commonly in C:\Windows\System32\drivers\etc\hosts | Commonly in C:\Windows\System32\drivers\etc\hosts | ||
If you are Administrator but still can't edit the file, go to Start > search for notepad > right click it and Run as Administrator. Then go to File > Open and navigate to C:\Windows\System32\drivers\etc and Open the hosts file. You will then be able to save the file. | |||
Alternatively, install a program called HostsMan. | |||
== Most common DNS settings == | == Most common DNS settings == |
Latest revision as of 12:17, 2 May 2013
301 Redirect
http://www.123-reg.co.uk/support/answers/Domains/Web-Forwarding/how-do-i-add-301-permanent-web-forwarding-2520/
http://www.123-reg.co.uk/support/answers/what-is-the-difference-between-301-and-302-web-forwarding-2511/
Alternatively, place the following in your index page:
<?php
// Permanent redirect; exit so no page body is sent after the headers.
header("HTTP/1.1 301 Moved Permanently");
header("Location: http://serverIP");
exit;
?>
Add a DNS Record in Plesk 9 and 10
Plesk 9: http://www.webfusion.co.uk/support/answers/how-do-i-add-a-dns-record-to-my-vps-server-%E2%80%93-vps-2-0-plesk-9-2298/
Plesk 10: http://www.webfusion.co.uk/support/answers/how-do-i-add-a-dns-record-to-my-vps-server-%E2%80%93-vps-3-0-plesk-10-2382/
Best practice when moving sites
BIND
Key file error in Ubuntu
WARNING: key file (/etc/bind/rndc.key) exists, but using default configuration file (/etc/bind/rndc.conf)
To resolve on a WHM/cPanel server do:
mv /etc/rndc.conf /etc/backuprndc.conf
cp /etc/named.conf /etc/backupnamed.conf
vim /etc/named.conf
Lines 1-5:
include "/etc/rndc.key";
controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; localhost; } keys { "rndc-key"; };
};
Then run any rndc command; the warning should no longer appear.
Enable Query Logging
This can be used to check when the nameservers on your server are queried for results. Run:
rndc querylog
And then do:
tail -f /var/log/messages
You should then see entries such as this when the website is visited with a clear cache:
Sep 20 16:15:24 ftpuser named[2726]: client 81.21.76.12#49649: view external: query: domain.co.uk IN A + (37.122.208.32)
Sep 20 16:16:20 ftpuser named[2726]: client 66.90.68.15#61686: view external: query: domain.co.uk IN A -ED (37.122.208.32)
Sep 20 16:16:20 ftpuser named[2726]: client 66.90.68.15#58646: view external: query: domain.co.uk IN AAAA -ED (37.122.208.32)
Sep 20 16:16:39 ftpuser named[2726]: client 93.113.174.225#34122: view external: query: domain.co.uk IN NS + (37.122.208.32)
Sep 20 16:16:39 ftpuser named[2726]: client 93.113.174.225#38358: view external: query: domain.co.uk IN MX + (37.122.208.32)
Sep 20 16:16:39 ftpuser named[2726]: client 93.113.174.225#44659: view external: query: adobe.com IN A + (37.122.208.32)
Sep 20 16:16:39 ftpuser named[2726]: client 93.113.174.225#44659: view external: query (cache) 'adobe.com/A/IN' denied
To disable it do this again:
rndc querylog
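The log above ends with a client asking this authoritative server to resolve adobe.com and being denied. The following added example (not part of the original page) parses that log format and lists clients requesting recursion for names the server does not host; the hosted_zones set and the function names are assumptions.

```python
import re

# Query-log lines copied from the sample shown above.
SAMPLE = """\
Sep 20 16:15:24 ftpuser named[2726]: client 81.21.76.12#49649: view external: query: domain.co.uk IN A + (37.122.208.32)
Sep 20 16:16:20 ftpuser named[2726]: client 66.90.68.15#61686: view external: query: domain.co.uk IN A -ED (37.122.208.32)
Sep 20 16:16:20 ftpuser named[2726]: client 66.90.68.15#58646: view external: query: domain.co.uk IN AAAA -ED (37.122.208.32)
Sep 20 16:16:39 ftpuser named[2726]: client 93.113.174.225#34122: view external: query: domain.co.uk IN NS + (37.122.208.32)
Sep 20 16:16:39 ftpuser named[2726]: client 93.113.174.225#38358: view external: query: domain.co.uk IN MX + (37.122.208.32)
Sep 20 16:16:39 ftpuser named[2726]: client 93.113.174.225#44659: view external: query: adobe.com IN A + (37.122.208.32)
Sep 20 16:16:39 ftpuser named[2726]: client 93.113.174.225#44659: view external: query (cache) 'adobe.com/A/IN' denied
"""

CLIENT = r"client (?P<ip>[0-9a-fA-F.:]+)#\d+: (?:view (?P<view>\S+): )?"
QUERY = re.compile(CLIENT + r"query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+) (?P<flags>[-+]\S*)")
DENIED = re.compile(CLIENT + r"query \(cache\) '(?P<qname>[^/]+)/(?P<qtype>[^/]+)/(?P<qclass>[^']+)' denied")

def parse(log_text):
    """Split named query-log text into (queries, denied) lists of dicts."""
    queries, denied = [], []
    for line in log_text.splitlines():
        if m := DENIED.search(line):
            denied.append(m.groupdict())
        elif m := QUERY.search(line):
            q = m.groupdict()
            # Leading '+' means the client set RD (recursion desired); '-' means it did not.
            q["recursion_desired"] = q["flags"].startswith("+")
            queries.append(q)
    return queries, denied

def in_zone(qname, zones):
    name = qname.rstrip(".").lower()
    return any(name == z or name.endswith("." + z) for z in zones)

def resolver_probes(log_text, hosted_zones):
    """Map client IP -> names it tried to resolve through us that we do not host."""
    queries, denied = parse(log_text)
    hits = {}
    for q in queries:
        if q["recursion_desired"] and not in_zone(q["qname"], hosted_zones):
            hits.setdefault(q["ip"], set()).add(q["qname"])
    for d in denied:
        hits.setdefault(d["ip"], set()).add(d["qname"])
    return {ip: sorted(names) for ip, names in hits.items()}

if __name__ == "__main__":
    # hosted_zones is an assumption: the zones this server is authoritative for.
    print(resolver_probes(SAMPLE, {"domain.co.uk"}))
```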
DJBDNS Data file location
/usr/local/djbdns/var/data
cd /usr/local/djbdns/var
cat data.XXXXX | grep domain.co.uk
+ - A
Z - SOA
& - NS
' - TXT (used for SPF)
@ - MX
Domain Alias
If a domain's DNS is correct and it is being pointed to a different domain, but the website content is different on the right URL, you will need to add a domain alias. Go to:
Hosting Services > Domains > Control Panel for the domain (should only be one entry so web forwarding works)
Website and Domains tab > Show Advanced Operations
Domain Aliases > Add Domain Alias > Enter the alternate domain name
This needs to be done through Plesk otherwise domain.com will not go to domainexample.com, vice versa or example.com to www.example.com
/etc/apache2/mods-enabled/dir.conf shows the default priority in which the index page is picked up and this should be set in the htaccess file as well.
DNS Settings and Records
- NS - specifies which are the DNS servers (NS = NameServers) for your domain. A nameserver is a program that maintains a list of your domain names and their corresponding IP addresses, allowing visitors to find the domains hosted on your server. They hold DNS records.
- A - Address. Specifies IP addresses corresponding to your domain and its subdomains.
- MX - Mail Exchange. Specifies where the emails for your domain should be delivered.
- CNAME - Canonical Name. Specifies redirects from your domain's subdomains to other domains / subdomains.
- SPF - Sender Policy Framework (SPF) is an attempt to control forged e-mail. Uses the TXT record format.
- PTR - Pointer record. Pointer to a canonical name. Unlike a CNAME, DNS processing does NOT proceed, just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD. Many mailservers, according to RFC 1912 section 2.1, will not accept mail from mailservers with no PTR (reverse DNS) entry.
- When someone looks up your IP, they are able to resolve it to hostname. Similar to when someone looks up your domain and the A record returns the IP
- SOA - Start Of [a zone of] Authority record. Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.
Tools and Checks
Add an SPF record: http://www.123-reg.co.uk/support/support/answers/how-do-i-add-an-spf-record-to-my-domain-name-349/
Manage Domain > Advanced DNS, add a TXT record with @ in the first namefield and the string in the second.
Check SPF Syntax: http://www.mtgsy.net/dns/spfwizard.php/
How SPF records work: http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
Add SPF for Gmail http://www.google.com/support/a/bin/answer.py?answer=178723/
Failover Nameservers
This is quite complicated, use http://www.intodns.com/ to check these settings afterwards. To explain this I will use this website as an example which runs off a Linux server. serverkb.co.uk was bought with 123-reg and the website content is hosted on server number one - 212.67.205.129.
serverkb.co.uk will use the 123-reg nameservers: ns.123-reg.co.uk and ns2.123-reg.co.uk by default and so we will use these two as part of four nameservers in total.
I have set up the nameservers ns.mymusicstation.co.uk and ns2.mymusicstation.co.uk on server number two - 37.122.208.32. Now to get this to work you need to:
- First - Add the domains that you want to have four nameservers (ns.123-reg.co.uk, ns2.123-reg.co.uk, ns.mymusicstation.co.uk and ns2.mymusicstation.co.uk) to the server which will run as a nameserver. In this case I have added serverkb.co.uk and mymusicstation.co.uk to server number two.
- Second - Set up server number two to have one domain run as the nameserver. In this case, mymusicstation.co.uk uses server number two for its nameserver by having the following DNS records in place:
mymusicstation.co.uk. NS ns.123-reg.co.uk.
mymusicstation.co.uk. NS ns2.123-reg.co.uk.
mymusicstation.co.uk. A 37.122.208.32
mymusicstation.co.uk. NS ns.mymusicstation.co.uk.
mymusicstation.co.uk. NS ns2.mymusicstation.co.uk.
ns.mymusicstation.co.uk A 37.122.208.32
ns2.mymusicstation.co.uk A 37.122.208.32
serverkb.co.uk A 212.67.205.129
- Third - Set up the main domain for which you want four nameservers so that it has only the following DNS records:
@ A 212.67.205.129
serverkb.co.uk. NS ns.mymusicstation.co.uk.
serverkb.co.uk. NS ns2.mymusicstation.co.uk.
- Fourth - In /etc/named.conf ensure you have the following so the SOA record syncs with the nameservers:
allow-transfer {"212.67.202.2";};
allow-transfer {"92.51.159.40";};
// Comment ns.123-reg.co.uk = 212.67.202.2
// Comment ns2.123-reg.co.uk = 92.51.159.40
// Comment After making the allow-transfer change run rndc reload
- Fifth - Ensure /var/named/yourdomain.co.uk.db has the right TTL, SOA nameserver (e.g. ns.123-reg.co.uk) and SOA Serial Value. Ensure /etc/nsd/nsd.conf or the BIND configuration file has something similar to the following:
database: /var/lib/nsd/nsd.db
difffile: /var/lib/nsd/ixfr.db
ip4-only: yes
pidfile: /var/run/nsd/nsd.pid
username: named
xfrdfile: /var/lib/nsd/xfrd.state
zonesdir: /var/named
ip-address: 127.0.0.1
ip-address: 37.122.208.32
zone:
    name: "mymusicstation.co.uk"
    zonefile: "mymusicstation.co.uk.db"
zone:
    name: "serverkb.co.uk"
    zonefile: "serverkb.co.uk.db"
And that /etc/rndc.key looks something like this:
key "rndc-key" {
    algorithm hmac-md5;
    secret "==";
};
- Sixth - Run /usr/local/cpanel/scripts/updatenameserverips and check the following file if you have resolvers /etc/resolv.conf
- Seventh - Ensure the SOA Expire and Serial are the same at all nameservers and reverse DNS is set for your domain.
dig +trace domain.co.uk
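One way to carry out the seventh step, as an added example that is not part of the original page: ask each nameserver directly for the zone's SOA with dig and compare the Serial and Expire values. The function names, the hostmaster address and the serial and timer values in the sample are constructed.

```python
import subprocess

FIELDS = ("mname", "rname", "serial", "refresh", "retry", "expire", "minimum")

def parse_soa(answer):
    """Turn one line of `dig +short SOA` output into a dict with integer timers."""
    parts = answer.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"not a SOA answer: {answer!r}")
    soa = dict(zip(FIELDS, parts))
    soa.update({k: int(soa[k]) for k in FIELDS[2:]})
    return soa

def fetch_soa(zone, nameserver):
    """Ask one nameserver directly, without recursion, for the zone's SOA line."""
    out = subprocess.run(
        ["dig", "+short", "+norecurse", "SOA", zone, "@" + nameserver],
        capture_output=True, text=True, timeout=15,
    ).stdout
    lines = [l for l in out.splitlines() if l and not l.startswith(";")]
    return lines[0] if lines else None

def compare(answers):
    """answers maps nameserver -> SOA line (or None). Returns a list of problems."""
    problems, parsed = [], {}
    for ns, line in answers.items():
        if line:
            parsed[ns] = parse_soa(line)
        else:
            problems.append(f"{ns}: no SOA answer")
    if parsed:
        # Plain integer comparison; ignores RFC 1982 serial wrap-around.
        newest = max(s["serial"] for s in parsed.values())
        for ns, s in parsed.items():
            if s["serial"] != newest:
                problems.append(f"{ns}: serial {s['serial']} is behind {newest}")
        expires = sorted({s["expire"] for s in parsed.values()})
        if len(expires) > 1:
            problems.append(f"SOA expire differs: {expires}")
    return problems

# Constructed answers (serials and timers are made up) for the four nameservers above.
GOOD = "ns.123-reg.co.uk. hostmaster.serverkb.co.uk. 2013050201 86400 3600 604800 14400"
STALE = "ns.123-reg.co.uk. hostmaster.serverkb.co.uk. 2013043001 86400 3600 1209600 14400"
SAMPLE = {"ns.123-reg.co.uk": GOOD, "ns2.123-reg.co.uk": STALE,
          "ns.mymusicstation.co.uk": GOOD, "ns2.mymusicstation.co.uk": None}

if __name__ == "__main__":
    print("\n".join(compare(SAMPLE)))
```

For a live check, build the dictionary with fetch_soa("serverkb.co.uk", ns) for each of the four nameservers and pass it to compare.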
.gov.uk
A lot of .gov.uk domains are managed by https://www.ja.net
To do a WHOIS lookup on .gov or .gov.uk domains, go to http://cqcounter.com
Installing PowerDNS
This is on an Ubuntu 12.04 server.
apt-get install pdns-server pdns-backend-mysql
Run through the install until it fails with:
mysql said: ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'type=InnoDB' at line 10
vim /etc/powerdns/pdns.d/pdns.local.gmysql
Change localhost to 127.0.0.1, then connect to MySQL with mysql -p and use your database:
use pdns
Then go to Section "1. Example: configuring MySQL" of this documentation until after the final GRANT ALL MySQL command. Then quit out of MySQL.
Test the connection to the database:
mysql -h 127.0.0.1 -u MySQLuser -Ddatabasename -p
*password*
quit
Start PowerDNS:
/etc/init.d/pdns start
/etc/init.d/pdns status
Warning: Host names and the MNAME of SOA records are NEVER terminated with a '.' in PowerDNS storage! If a trailing '.' is present it will inevitably cause problems, problems that may be hard to debug.
You will then need to install the PowerDNS Recursor:
apt-get install pdns-recursor
Configure PowerDNS
In progress...
Issue creating subdomain
If you get the following error when adding a subdomain in Plesk:
"The specified directory contains a service directory"
See if upgrading Plesk to the newest available version will help. Try to run the following commands within this thread: http://forum.parallels.com/showthread.php?t=105624
Please bear in mind that in version 10.4.4 the way DNS zones work has changed: http://kb.parallels.com/en/112966
Hosts file
Commonly in C:\Windows\System32\drivers\etc\hosts
If you are Administrator but still can't edit the file, go to Start > search for notepad > right click it and Run as Administrator. Then go to File > Open and navigate to C:\Windows\System32\drivers\etc and Open the hosts file. You will then be able to save the file.
Alternatively, install a program called HostsMan.
Most common DNS settings
DNS Entry/Name/Host | Record Type | Destination/Target/Value/Content |
@ | A | Server IP Address |
* (Asterisk) | A | Server IP Address |
ftp | CNAME | www |
A | Server IP Address | |
webmail | A | Server IP Address |
www | A | Server IP Address |
@ | MX (set Priority e.g. 0, 10 or 20) | mail.yourdomain.co.uk |
If your domain registrar is 123-reg, set the above records up as follows: pick a domain, then go to Manage > Advanced Domain Settings > Manage DNS > Advanced DNS.
It is always advised to use your domain registrar's nameservers. In 123-reg this can be done by going to Manage > Advanced Domain Settings > Change Nameservers > Set nameservers to 123-reg
Nameservers are DNS records that serve DNS records. The DNS records then tell browsers visiting your website which server to go to.
Nameserver Daemon (NSD)
Be aware if you use this DNS service it doesn't seem to listen on 0.0.0.0:53 and IP:53, only DNS locally at 127.0.0.1
To switch from NSD to BIND in WHM go to Service Configuration > Nameserver Selection
NSD Integration with cPanel
Setting up Nameservers in a cPanel & WHM Environment
Reverse DNS
Reverse DNS should propagate to the root name servers in 30-60 minutes. It is common to set this to a domain or mail.yourdomain.com
Set nameservers to point to your own server
Part of this process is done through the domain registrar. You need to change the nameservers to ns/ns2.domain.co.uk. To prevent circular dependencies, GLUE records (A records mapping each nameserver to the VPS IP) need to be set too.
Setup the following DNS records in Plesk (in Websites & Domains > DNS Settings) or in WHM, this will set the server to be the nameservers for that domain. So you basically want this setup:
Host: yourdomain.co.uk NS record Value: ns1.yourdomain.co.uk
Host: yourdomain.co.uk NS record Value: ns2.yourdomain.co.uk
Host: ns1.yourdomain.co.uk A record Value: Server IP address
Host: ns2.yourdomain.co.uk A record Value: Server IP address
If you have two IPs you can set the values to different IPs. Both nameservers can be on the same IP if you wish, it causes no problems.
The DNS settings within Plesk are only picked up if the VPS is its own nameserver; leave them as they are if you manage the DNS through your domain registrar's control panel.
Sync DNS Zones with Plesk Database
cd %plesk_bin%
dnsmng.exe update *
It will sync DNS zones for all domains with Plesk database data.
Website setup with www
If this has been done, you can add the following record to DNS:
@ A www
If this is picking up content from a different site, check in Tools and Utilities > IP Addresses to see what the IP address is set as and what the default site is. If there is more than one domain it needs to be set as Shared, not Dedicated. Setting the default site to the one with the issue can also help as well. If the default site is set to none, it may pick up the content from /var/www/vhosts/htdocs/default
The record: www CNAME domain can take over 1 hour to propagate.
If you try to add a domain alias for www in Plesk and it fails, remove the A/CNAME record in Plesk's DNS settings for that domain.
WHOIS privacy
WHOIS privacy on .com domains has to be paid for. .co.uk addresses can get it for free.
Notes
EPP key = Auth code
You need to renew a domain before transferring.
To point a subdomain at a server, you normally go into the domain registrar's DNS control panel and add the "example" part of example.testwebsite.com as an A record pointing to the IP address of the server.
From CLI to check just the nameservers do:
whois domain.co.uk | grep -i -A 3 "name server"