Your Webhosting Questions
Answered by the Webhosting Experts
Tags
...
...

DNS Configuration: Everything You Need to Know

This guide covers a variety of topics related to DNS, and is intended for beginners to intermediate level users. Starting with the basics every beginner needs to know, it provides instructions on various installation and configuration methods, as well as some advanced techniques that will help prevent future issues down the road.

If you have a specific question or issue you’re troubleshooting, use the table of contents to jump to the appropriate section below. If however, your goal is just to learn more about DNS in general, this guide will provide you with a greater understanding as well as some useful tips.

 

What is DNS? A Beginner’s Guide

DNS stands for Domain Name System. A Domain Name is a human language representation of an IP address. An IP Address is what every computer on the internet uses to address itself when interacting with other computers, using a network protocol called TCP/IP. IP (v4) addresses look like a series of numbers and decimal points, such as 123.123.123.12.

When someone types in a domain name like www.domain.com, their browser communicates with a series of root domain name servers that act as a reference book, providing the IP address associated with that domain name. The browser then uses that IP to communicate directly to the server that the website is hosted on.

In this way, DNS acts as a middle-man, translating user requests into IP addresses. This is what allows people to connect to websites over the internet. Without DNS, people would be required to memorize and enter long IP addresses when connecting to other websites instead of just typing in the website’s name.

 

DNS Terminology

The following is a list of important terms and concepts related to the Domain Name System.

  • TLD (Top Level Domain) – the TLD is the last part of a domain name, such as .com, .net, .org, a two letter country domain, or one of several other TLDs out there.
  • SLD (Second Level Domain) – the SLD is the most human readable part of the domain name. In a domain name like www.domain.com, “domain” is the SLD. An SLD can contain any alphanumeric character in it (a-z, 0-9), dashes or minuses ( – ), or underscores ( _ ), but it cannot have spaces between characters.
  • Sub-Domain (Third Level Domain) – sub-domains are technically called Canonical Domains (or CNAMEs) for short. A sub-domain is like having an extra domain name and can be almost anything you like. In a domain name like www.subdomain.domain.com, “subdomain” is the sub-domain. Other than that, it works the same as a regular domain name.
  • Addon Domain – an addon domain is a separate domain, hosted on your primary domain and controlled through the same control panel, which appears to visitors as a completely separate website. Addon domains allow site owners to host multiple websites without requiring separate control panels for each. To use addon domains, you must have registered domain names for each and they should all use the same name servers as your primary domain.
  • Parked Domain – a parked domain is a secondary domain name that points to your primary domain. These domains display the same website as your primary domains and do not have separate web statistics, but can have their own email boxes.

    For example, if you’re the owner of mywebsite.net, you can purchase mywebsite.com and set it up as a parked domain. In this example, should a user then search for your website with the “.com” instead of the “.net”, your parked domain would show them the same content as if they had gone to your primary domain.

  • A-Records (Address Records) – A-records are the most important part of a DNS record. A-records point to a specific IP address. Your short domain name (without the www), NS, and FTP should all have A-records. Subdomains sometimes have A-records too. An A-record can point to any IP-address.
  • CNAME-Records (Canonical Domain Records) – CNAMEs include subdomains and Aliases, and are used to point to a domain name or to a file within a domain. However, CNAMEs should always point to an A-record, not another CNAME. It is a common practice to create a CNAME for www and for subdomains that are actually hosted by your domain. CNAMES can also be used as temporary aliases to point your domain to another domain.

    *Note: when pointing a CNAME, always put a period after the domain (ie: ftp -> CNAME -> domain.com.)

  • MX-Records (Mail Exchange Records) – MX-records point to the name of an email server and hold a priority number for that server. MX-records must point to an A-record or in some situations an IP-address.

    For more information on MX-records, check out our guide on Configuring an MX Record.

  • PTR Record (Reverse DNS Record) – A PTR record is a reverse mapping from IP to name. For instance, when a lookup is made on the IP of 1.2.3.4, it should come back with host.mydomain.com. It is a very good idea to have the hostname of your server match the PTR record assigned to it’s IP. This can only be changed by the owner of the IP address.
  • DNS Cluster – A DNS cluster is a network of nameservers that share records between each other. This allows for a greater degree of physical separation between servers without sacrificing DNS functionality. When established correctly, it can even allow visitors faster access to a website by provided multiple outlets for processing DNS requests.

    For more information on DNS Clusters, check out our guide on Setting DNS Clusters in WHM.

  • Round Robin DNS – Round robin DNS is a method by which a DNS record has more than one value. The result is, when a request is made to the DNS server which serves this record, the answer given alternates for each request. For instance, if you had two webservers that you wished to distribute requests between, you could set up your DNS zone like this:

    www IN A 1.2.3.4

    IN A 2.3.4.5

    In this instance, when a query is made to the DNS server, it will first give the IP of 1.2.3.4 for the www host. However, the next time a request is made for the IP of www, it will serve 2.3.4.5. This process will alternate back and forth for each subsequent query.

    While a round robin DNS setup allows for greater load balancing, it should be noted that if one of the hosts becomes unavailable, the DNS server will not know this. Should this happen, the DNS will continue to alternate giving out the IP of the downed server.

 

Example DNS Record

The following is an example of what a sample DNS record might look like.

Host Name IP Address/URL Record Type
@ 123.123.123.12 A-Record
www domain.com. CNAME
ftp 123.123.123.12 A-Record
mail 123.123.123.12 A-Record
ns1 123.123.123.12 A-Record
ns2 123.123.123.13 A-Record
subdomain1 domain.com. CNAME
subdomain2 domain.com. CNAME

*Note: Don’t forget to put a period after the domain name like in the examples above.

 

How to Install and Configure DNS

Now you know more about the Domain Name System and what it does, but before you can start using it, you’ll need to know how to install and configure DNS. for the purposes of this guide we’ll be covering the DNS configuration and installation procedure specifically for an older Windows Server 2003. For information on installing DNS onto newer server models, check out our guide on How to Setup DNS Server on Windows Server 2012.

 

Preliminary Requirements for DNS Configuration

Before you can configure your DNS, you’ll need to gather some basic information. Some of these requirements must be pre-approved by InterNIC for use on the Internet. If you’re configuring your server for internal use only, you can decide which names and IP addresses to use yourself.

To start, you must have the following information:

  • Your domain name (approved by InterNIC)
  • The IP address and host name of each server that you want to provide name resolution for

*Note: Your servers may include mail servers, public access servers, FTP servers, WWW servers, and others.

Additionally, before you can configure your computer as a DNS, you’ll need to verify that the following conditions are true:

  • First, you’ll need to ensure that your operating system is configured correctly. In the Windows Server 2003 family, the DNS service relies on the correct configuration of the operating system and its services, such as TCP/IP. If you have a new installation of a Windows Server 2003 operating system, you can use the default service settings, removing the need to take additional action.
  • Next, make sure you’ve allocated all the available disk space.
  • Lastly, check that all existing disk volumes use the NTFS file system. FAT32 volumes are not secure, and do not support file and folder compression, disk quotas, file encryption, or individual file permissions.

 

DNS Installation

To install DNS, just follow these 4 steps:

  1. First, you’ll need to open the Windows Components Wizard. To locate the Windows Components Wizard:
    1. Click Start, -> Control Panel, and then click on Add or Remove Programs.
    2. Click Add/Remove Windows Components.
  2. In Components, select the Networking Services check box, and then click Details.
  3. In Subcomponents of Networking Services, select the Domain Name System (DNS) check box, click OK, and then click Next.
  4. If you are prompted, in Copy files from, type the full path of the distribution files, and then click OK.

Once this process is completed, DNS should begin installing.

 

DNS Configuration

To configure your DNS server, follow these 5 steps:

  1. First, you’ll need to start the Configure Your Server Wizard. To do so, click Start -> All Programs -> Administrative Tools, and then click Configure Your Server Wizard.
  2. On the Server Role page, click DNS server, and then click Next.
  3. On the Summary of Selections page, view and confirm the options that you have selected. The following items should appear on this page:
    • Install DNS
    • Run the Configure a DNS Wizard to configure DNS

    If the Summary of Selections page lists these two items, click Next.

    If the Summary of Selections page does not list these two items, click Back to return to the Server Role page, click DNS, and then click Next to load the page again.

  4. When the Configure Your Server Wizard installs the DNS service, it first determines whether the IP address for this server is static or is configured automatically. If your server is currently configured to obtain its IP address automatically, the Configuring Components page of the Windows Components Wizard will prompt you to configure the server with a static IP address. To do so perform the following actions:
    1. In the Local Area Connection Properties dialog box, click Internet Protocol (TCP/IP), and then click Properties.
    2. Next, click Use the following IP address, and then type the static IP address, subnet mask, and default gateway for this server.
    3. In Preferred DNS, type the IP address of this server.
    4. In Alternate DNS, either type the IP address of another internal DNS server, or leave this box blank.
    5. When you’ve finished setting up the static IP addresses for your DNS, click OK, and then click Close.
  5. After you Close the Windows Components Wizard, the Configure a DNS Server Wizard will start. In the wizard, follow these steps:
    1. On the Select Configuration Action page, select the Create a forward lookup zone check box, and then click Next.
    2. To specify that this DNS hosts a zone containing DNS resource records for your network resources, on the Primary Server Location page, click This server maintains the zone, and then click Next.
    3. On the Zone Name page, in Zone name, specify the name of the DNS zone for your network, and then click Next. The name of the zone is the same as the name of the DNS domain for your small organization or branch office.
    4. On the Dynamic Update page, click Allow both nonsecure and secure dynamic updates, and then click Next. This makes sure that the DNS resource records for the resources in your network update automatically.
    5. On the Forwarders page, click Yes, it should forward queries to DNS servers with the following IP addresses, and then click Next. When you select this configuration, you forward all DNS queries for DNS names outside your network to a DNS at either your ISP or central office. Type one or more IP addresses that either your ISP or central office DNS servers use.
    6. On the Completing the Configure a DNS Wizard page of the Configure a DNS Wizard, you can click Back to change any of your selected settings. Once you’re happy with your selections, click Finish to apply them.

After finishing the Configure a DNS Wizard, the Configure Your Server Wizard displays the This Server is Now a DNS Server page. To review the changes made to your server or to make sure that a new role was installed successfully, click on the Configure Your Server log. The Configure Your Server Wizard log is located at:

%systemroot%\Debug\Configure Your Server.log

To close the Configure Your Server Wizard, just click Finish.

 

Setting Up a DNS Forward Lookup Zone

Forward lookup zones are the specific zones which resolve domain names into IP addresses. If you’ve followed the configuration instructions above, your forward lookup zone should already be set up. If for some reason you need to set up a forward lookup zone after configuring your DNS, you can follow these instructions:

  1. First, open up DNS by navigating to the Start menu -> Administrative Tools -> DNS.
  2. Expand the server and right click Forward Lookup Zones and click New Zone.
  3. Click Next and select the type of zone you want to create.
  4. Select the method to replicate zone data throughout the network and click Next.
  5. Type in the name of the zone.
  6. Select the type of updates you want to allow and click Next.
  7. Once you’ve completed everything, click on Finish.

 

Changing the DNS Server for Network Interfaces

If you need to change the DNS server for different network interfaces, you can do so using the following:

  1. In Network Connections, right-click the local area connection, and then click Properties.
  2. In Local Area Connection Properties, select Internet Protocol (TCP/IP), and then click Properties.
  3. Click Use the following DNS server addresses, and in Preferred DNS server and Alternate DNS server, type the IP addresses of the preferred and alternate DNS servers.
  4. To add more DNS servers, click the Advanced button.

 

Flush the DNS Resolver Cache

A DNS resolver cache is a temporary database created by a server to store data on recent DNS lookups. Keeping a cache helps speed up the lookup process for returning IP addresses. You can use the command ipconfig /displaydns to see what entries are currently stored in your server’s cache.

Sometimes though, a virus will hijack a servers DNS cache and use it to re-route requests. This is sometimes referred to as cache poisoning, and is one of several reasons why you may want to flush the DNS cache.

To do so, enter the following command:

ipconfig /flushdns

When completed successfully, you should receive a message that says “Windows IP configuration successfully flushed the DNS Resolver Cache.”

 

Creating a DNS Entry for the Web Server

Obviously, one of the most important things about running a website is ensuring that it is accessible to users. Part of this process involves creating alias or CNAME (Canonical Name) records for the DNS server on which you’ve configured IIS (Internet Information Services). This step is important, because it makes sure that external host computers can connect to your Web server by using the “www” host name.

To create a new DNS entry, just follow these steps:

  1. First, you’ll need to open the DNS snap-in. To do this, click Start -> Administrative Tools -> DNS.
  2. Once you’ve opened DNS, expand “Host name” (where “Host name” is the host name of your DNS server).
  3. Expand the option labelled Forward Lookup Zones.
  4. Within the Forward Lookup Zones, right-click the zone you want (for example, domain_name.com) and then click New Alias (CNAME).
  5. In the Alias name box, type “www.”
  6. Lastly, in the Fully qualified name for target host box, type the fully qualified host name of the DNS server on which IIS is installed (for example, dns.domain_name.com).
  7. When you’ve finished, click OK to finalize your changes.

 

Creating a DNS Entry Using cPanel, WHM, or Plesk

Depending on your server’s setup, you may prefer to create your DNS entries using your server’s GUI control panel. The following is a list of links to articles that deal specifically with making new DNS entries using cPanel, WHM, or Plesk. If you use any of these three control panels, you might want to look over the corresponding article for more information on using DNS alongside your preferred control panel.

 

Secure Recursive DNS

A recursive look up is when a DNS server gets queried for a domain which it isn’t authoritative. For example, if you queried your nameserver for the domain yahoo.com, that would be a non-authorative or recursive lookup.

Based on this principle, DNS recursion, also known as having an open DNS server, is when your DNS server is available for DNS lookups for the general public. If you have an open DNS server, chances are higher your server will get abused by spammers. In addition, open DNS recursion is very resource consuming.

To lighten the load on your server and reduce potential risk, the following changes can be made to restrict recursive and caching lookups to only the IP blocks listed in the configuration. This can help reduce the risk associated with DNS exploitations used by hackers and malicious actors online.

First, you’ll need to follow the set of instructions specific to your server’s OS. We’ve included instructions for both Linux and Windows server users.

 

Linux Servers

To secure recursion on Linux servers running Bind, you’ll need to modify the file /etc/named.conf. *Note: before making any changes, please be sure to back up the file to ensure nothing is lost.

If you look at the example below, you’ll notice that the first line of “allow-recursion” is set up for the IP address 127.0.0.1. What this does is allow the local Linux machine to query this specific IP address (127.0.0.1), assuming the server has a nameserver 127.0.0.1 with which to query. Additionally, if you wanted to lock your DNS down even further, you can edit these lines to include only your required or preferred subnets.

options {
 recursion yes;
 allow-recursion { 127.0.0.1/32; };
 allow-query-cache { 127.0.0.1/32; };
}

After making any changes, you’ll need to restart Bind with the following command:

service named restart

or

/etc/init.d/named restart

 

Windows Servers

For Window Servers, if the local DNS server is not used for caching, then recursion needs to be disabled. Luckily, this is an easy change to make, involving a simple check mark in the DNS servers configuration settings.

If you need to turn DNS recursion off for your Bind installation, follow these steps:

  1. First, log in to your Windows server via Remote Desktop.
  2. Open the Windows DNS server console, by navigating to Start -> Administrative Tools -> DNS.
  3. In the console tree, right-click on the name of the DNS server you are making changes on.
  4. Select Properties which will open a new window, and then select the Advanced tab.
  5. Under Server Options select the Disable Recursion checkbox, then click the application’s OK or Apply buttons.

Now, recursion has been turned off for your DNS server. Should you ever wish to change this setting, simply repeat the above process and deselect the Disable Recursion checkbox.

 

In Closing and Further Reading

Now, you should have a better understanding of what DNS is and what it does, as well as the processes necessary to install and configure it. In addition, we’ve covered several more advanced DNS features including setting recursion and creating CNAMEs.

For further information on DNS, we’ve included a series of links to related articles in the list below. If you are facing issues not covered in this article, feel free to look over these or reach out to our support team for assistance.

DNS Related Links:

 

Popular Links

Looking for more information on DNS? Search our Knowledge Base!

Interested in more articles about Web Hosting? Navigate to our Categories page using the bar on the left or check out these popular articles:

Popular tags within this category include: DNS, FTP, IIS, MX Records, and more.

Don’t see what you’re looking for? Use the search bar at the top to search our entire Knowledge Base.

 

The Hivelocity Difference

Seeking a better Dedicated Server solution? In the market for Private Cloud or Colocation services? Check out Hivelocity’s extensive list of products for great deals and offers.

With best-in-class customer service, affordable pricing, a wide-range of fully-customizable options, and a network like no other, Hivelocity is the hosting solution you’ve been waiting for.

Unsure which of our services is best for your particular needs? Call or live chat with one of our sales agents today and see the difference Hivelocity can make for you.

Need More Personalized Help?

If you have any further issues, questions, or would like some assistance checking on this or anything else, please reach out to us from your my.hivelocity.net account and provide your server credentials within the encrypted field for the best possible security and support.

If you are unable to reach your my.hivelocity.net account or if you are on the go, please reach out from your valid my.hivelocity.net account email to us here at: support@hivelocity.net. We are also available to you through our phone and live chat system 24/7/365.

Tags +
...