NodeWorx DNS Guide

by InterWorx LLC

Overview

DNS, or domain name system, is the component of the Internet that translates hostnames (which are easily remembered by humans) into IP addresses (numeric values such as 207.32.181.140 for IPv4 or 2607:f8b0:4006:800::100e for IPv6) that computers need to correctly address and route Internet traffic. This system exists so that users can type an address such as www.interworx.com in their browser and reach the corresponding computer-readable numeric address. Large DNS servers for this purpose are generally provided by an end user’s ISP or by a large public DNS service such as Google DNS or OpenDNS. These large DNS servers, however, still need to be able to access DNS information quickly and easily so that the average Internet user can reach newly-created websites that you will be hosting on your InterWorx server. As a result, InterWorx provides an integrated DNS server so that you can create, edit, and maintain DNS information for any number of websites (typically those hosted on your servers). This guide is for the system administrator who already understands the basics of DNS and wishes to understand the specifics of how DNS is implemented on an InterWorx server.
For a more in-depth introduction to DNS and how it works, you may want to visit the Wikipedia entry on DNS at http://en.wikipedia.org/wiki/Domain_Name_System.
InterWorx has three main pages for interaction and control of its DNS server.

1 Overview Page

This is available at NodeWorx ▷ System Services  ▷ DNS Server  ▷  Overview

1.1 DNS Server information

The version of the DNS server installed. By default, InterWorx uses DJBdns, a DNS implementation created by Daniel J. Bernstein in response to security holes present in some older standard DNS software, BIND.

1.2 Default DNS Servers

Primary DNS, Secondary DNS, Tertiary DNS
These are the nameservers that you want your InterWorx server to handle. A typical set-up includes at the very minimum two named DNS servers, with up to three possible for the sake of additional redundancy. These are set as the nameservers for new SiteWorx accounts created on this server.

1.3 Zone Defaults

These are advanced DNS settings that control the timeout and expiration times for DNS lookups. The default settings should work for a majority of users.
  1. Refresh time sets the number of seconds that a slave will cache the record before re-checking the primary server. Recommended values are between 1200 (twenty minutes) and 43200 (twelve hours).
  2. Retry Time sets the number of seconds to retry a refresh after the previous refresh attempt fails. Recommended values are between 180 (three minutes) and 900 (fifteen minutes).
  3. Expire Time sets the number of seconds for refresh and retry attempts before the server will stop serving the zone. Per RFC 1912, recommended values are between 1209600 (two weeks) and 2419200 (four weeks). This value is only used by slave servers.
  4. Minimum TTL sets how often DNS servers check back for changes to existing records. This is usually the server default but can be changed on an A Record by A Record basis.
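
How the three timers above interact during an outage of the primary, as an added example (not InterWorx code). It checks a set of timers against the recommended ranges in the list and runs a simplified model of a slave server; the timer values and function names are constructed for illustration.

```python
# Recommended ranges (seconds) taken from the Zone Defaults list above.
RECOMMENDED = {
    "refresh": (1200, 43200),
    "retry": (180, 900),
    "expire": (1209600, 2419200),
}

# Constructed sample timer sets (not values read from any real server).
GOOD = {"refresh": 3600, "retry": 600, "expire": 1209600}
SHORT_EXPIRE = {"refresh": 3600, "retry": 600, "expire": 7200}


def out_of_range(timers):
    """Return the names of timers that fall outside the recommended ranges."""
    return sorted(
        name for name, (low, high) in RECOMMENDED.items()
        if not low <= timers[name] <= high
    )


def secondary_during_outage(timers, outage):
    """Simplified model of a slave whose last good refresh was at t=0 while
    the primary is unreachable from then until t=outage (seconds).

    Returns (failed_attempts, still_serving_when_outage_ends).
    """
    refresh, retry, expire = timers["refresh"], timers["retry"], timers["expire"]
    attempts = 0
    t = refresh                  # first re-check is one refresh interval in
    while t < outage and t < expire:
        attempts += 1            # primary is down, so this attempt fails
        t += retry               # after a failure the retry interval applies
    return attempts, outage < expire


if __name__ == "__main__":
    day = 86400
    for label, timers in (("good", GOOD), ("short expire", SHORT_EXPIRE)):
        attempts, serving = secondary_during_outage(timers, day)
        print(label, out_of_range(timers), attempts, serving)
```

With an Expire Time of two hours, a one-day outage of the primary takes the zone offline on the slave as well, which is why the recommended range starts at two weeks.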

1.4 SOA Serial Format

Advanced setting for DNS record formatting.
SOA is a “State of Authority” record that is required for all DNS zones and includes source host, contact email, refresh time, retry time, expire time, and minimum TTL (time to live) for the zone. InterWorx provides two options for the format of these records: the Tinydns default and a different recommendation by a DNS standardization organization. Either setting is acceptable in the majority of situations.

1.5 Active DNS Services

This box lists all of the system IPs and shows whether a DNS service is installed, running, or halted on each. DNS services can be removed and installed on a per-IP basis, and the DNS cache can be flushed on this page. Whether a DNS service is installed on an IP address determines whether that IP will respond to DNS requests. You may not need to have DNS services installed on every IP if that IP is not set to handle DNS requests. This is defined on a per-IP basis because large servers may have multiple IPs that are not necessarily assigned to handle DNS queries.
It is typical for DNS servers to cache DNS queries in order to increase performance so that the server does not have to make network queries every time that DNS service is asked for information. You may wish to flush the DNS cache to make the service “forget” previously-saved DNS requests if it is reporting wrong or out of date information.

1.6 IP Addresses Without DNS Services

If a DNS Service gets uninstalled for any reason on a system IP, InterWorx can reinstall it for you. If port 53 is not responding on your system, and the firewall is configured to let traffic through to that port, it is good to check that a DNS Service is installed on that IP. If traffic is being let through on your InterWorx server on the default DNS port of 53, but the server is not responding to DNS queries, it is possible that there is no DNS service installed on that IP.

2 Zones Page

This page lets you edit the DNS records of any SiteWorx account hosted on your InterWorx Server. InterWorx defines a DNS zone as the set of DNS records for a domain, including NS records, A records, CNAME records, PTR records, TXT records and SOA records for a specific domain.
This menu can be accessed from NodeWorx ▷ System Services  ▷ DNS Server  ▷ Zones
Figure 2.1 Adding an ’A’ record for our ns1 DNS server.

2.1 Types of Records

2.1.1 A Record

An A Record points a hostname to an IPv4 address. This is the main record responsible for directing a browser’s hostname (human-readable) query to its IP address. In general, this should not be changed manually, as a correctly-configured InterWorx server will create the correct A record for all new domains.

2.1.2 AAAA record

An AAAA Record has the same purpose as an A record in pointing a hostname to an IP address; however, an AAAA record points a hostname to an IPv6 address, the recently released IP address system that will soon be the standard IP format for all domains.

2.1.3 NS Record

An NS Record states the authoritative nameserver for the zone. When a domain is registered at a domain registrar, the registrar will ask for the authoritative nameservers for that domain. The NS records should be set to the nameservers that serve your domain, as set at the registrar.

2.1.4 CNAME

A CNAME record, or Canonical Name record, allows a domain to respond to more than one hostname. This is so that an end user visiting aliases such as www.domain.com, mail.domain.com, or ftp.domain.com will be forwarded to the correct domain.com.

2.1.5 MX Record

An MX Record states the mailserver for the zone. This is so that when a user uses his mail client to send an email to emailbox@domain.com, the email is sent to the correct mailserver for domain.com. An interesting feature of MX records is that they have a preference number from 0-65535 that indicates the order in which mailservers should be tried. Lower numbers have preference. The typical number for a main mailserver is 10, while redundant mailservers will be set to 20 or 30. This is there for historical reasons, to make sure that users received their mail. In practice, however, most modern domains have no issue, and usually require only one MX record with a preference of 10.

2.1.6 PTR record

A PTR record maps an IP back to a hostname. This is the “opposite” of an A record. The format of PTR records is a little strange; the octets of the IP address are reversed and .in-addr.arpa is added to the end. For example, if the A record of example.com points to 12.34.56.78, the associated PTR record is 78.56.34.12.in-addr.arpa. Note that typically PTR records are handled by your ISP or data center for security reasons, including spam checking and guaranteeing that secure connections hit the correct IP. If this is the case, you must contact your ISP or data center to grant you control over your PTR records.

2.1.7 TXT record

A TXT record holds various extra information about a zone. One common place you will encounter them is when you enable SPF, an anti-spam mechanism which provides authentication information about the server in a TXT record. TXT records can hold any arbitrary human-readable text to be distributed over DNS.

2.1.8 SOA (State of Authority) Records

The SOA record contains information that is required for all DNS zones, including source host, contact email, refresh time, retry time, expire time, and minimum TTL (time to live) for the zone. This is an advanced setting.

2.2 DNS Template

This is the template for default DNS records to be used when InterWorx creates a new SiteWorx account. It lets you, the server administrator, modify the default DNS records that are created with any new domain, so you can count on DNS records being created correctly any time you create a new domain. Any reference to the template domain name (dns-template.com) will be replaced by the actual SiteWorx domain name. All references to the IP address 1.1.1.1 will be replaced by the actual SiteWorx IP address. All other hostnames and IPs will be left unchanged.
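
The substitution rule above and the PTR naming from section 2.1.6, as an added example (not InterWorx's own code). It assumes a "reference" means the placeholder as a whole value or a whole-label suffix, so look-alike names and IPs stay untouched; the template records and function names are constructed for illustration.

```python
import ipaddress
import re

TEMPLATE_DOMAIN = "dns-template.com"  # placeholder domain named in this section
TEMPLATE_IP = "1.1.1.1"               # placeholder IP named in this section
HOSTNAME = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)(\.(?!-)[a-z0-9-]{1,63}(?<!-))+")

# Constructed template records: (host, type, target)
TEMPLATE = [
    ("dns-template.com", "A", "1.1.1.1"),
    ("mail.dns-template.com", "A", "1.1.1.1"),
    ("www.dns-template.com", "CNAME", "dns-template.com"),
    ("dns-template.com", "MX", "mail.dns-template.com"),
    ("dns-template.com", "NS", "ns1.interworxhostingusa.com"),  # must stay as-is
    ("status.dns-template.com", "A", "11.1.1.10"),  # contains "1.1.1.1" as text
]


def swap(value, domain, ip):
    """Replace a placeholder only when it is the whole value or a label suffix."""
    if value == TEMPLATE_IP:
        return ip
    if value == TEMPLATE_DOMAIN:
        return domain
    if value.endswith("." + TEMPLATE_DOMAIN):
        return value[: -len(TEMPLATE_DOMAIN)] + domain
    return value


def render(template, domain, ip):
    """Fill in the template for one new account, rejecting malformed input."""
    domain = domain.lower().rstrip(".")
    if not HOSTNAME.fullmatch(domain):   # fullmatch also rejects embedded newlines
        raise ValueError(f"not a valid domain name: {domain!r}")
    ip = str(ipaddress.IPv4Address(ip))  # raises ValueError on a bad address
    return [(swap(h, domain, ip), t, swap(v, domain, ip)) for h, t, v in template]


def ptr_name(ip):
    """Reverse-lookup name: octets reversed, with .in-addr.arpa appended."""
    return ipaddress.ip_address(ip).reverse_pointer


if __name__ == "__main__":
    for record in render(TEMPLATE, "example.com", "12.34.45.56"):
        print(record)
    print(ptr_name("12.34.45.56"))
```

Validating the domain and IP before substitution keeps a malformed account name from ending up inside generated zone records.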

2.2.1 Sample configuration for example.com on IP 12.34.45.56

2.2.1.1 Configuration for a domain that has its own authoritative nameservers

For a domain that will have its own nameservers that will be the main page for your hosting company, say interworxhostingusa.com, you will want the following records, at a minimum. You will need two NS records, usually ns1.interworxhostingusa.com and ns2.interworxhostingusa.com, pointing to the authoritative nameservers as set at the registrar. Next, you will need an MX record, usually this will be mail.interworxhostingusa.com. CNAME records should also be included so that ftp.interworxhostingusa.com and www.interworxhostingusa.com will point to example.com. The two nameservers, ns1.interworxhostingusa.com, ns2.interworxhostingusa.com, the mailserver, mail.example.com, and example.com itself should all have A records that point to the domain’s IP address. It is also a good idea to include a PTR record of the form 56.45.34.12.in-addr.arpa (Note: when adding a PTR record, InterWorx will automatically reverse the octets and append them to include .in-addr.arpa when you enter the octets in the “normal” order. For example, adding a PTR record and entering 12.34.45.56 will cause InterWorx to automatically create a PTR record of the form 12.34.45.56.in-addr.arpa). Lastly, you must include an SOA record which will contain crucial data relating to how your DNS server communicates with others. InterWorx’s default settings are best, and only advanced users should change this.

2.2.1.2 Configuration for a domain that uses another zone’s authoritative nameserver

If you run a main domain on your InterWorx server that is the front end to your hosting business, for example interworxhostingusa.com with two nameservers, ns1.interworxhostingusa.com and ns2.interworxhostingusa.com, and you have a new hosting customer who has registered a domain, say edsfancymoustachewax.com, the sample configuration will be a little different. When this client registers his domain, he should set his authoritative nameservers as ns1.interworxhostingusa.com and ns2.interworxhostingusa.com, two nameservers already present on your InterWorx server. You should set his DNS records as follows. You should set his two NS records to point to ns1.interworxhostingusa.com and ns2.interworxhostingusa.com. He should have an A record pointing edsfancymoustachewax.com to 12.34.45.56, an MX record pointing to mail.edsfancymoustachewax.com, and at the very least two CNAME records pointing www.edsfancymoustachewax.com and ftp.edsfancymoustachewax.com to edsfancymoustachewax.com. The aliases, mail.edsfancymoustachewax.com and ftp.edsfancymoustachewax.com should have A records pointing to the IP 12.34.5.56. Similar to the earlier example, you should include an SOA record for this domain that includes the standard SOA information, such as contact information for the domain owner, refresh times, and TTL (time to live) values for your DNS records.

2.2.1.3 Configuration for a domain that is not hosted on this InterWorx server

If you have multiple domains that are not hosted on this particular InterWorx server, you can add relevant records for that domain on the Zones page provided that the domain owner has set the authoritative nameservers as ns1.interworxhostingusa.com and ns2.interworxhostingusa.com at the registrar. Your InterWorx server will handle DNS queries for said domain if you choose to manually add the records on the Zones page. This zone should have the same format for records as those provided in the previous example.
Once you have DNS records created on the Zones page, you can edit, delete, and view these records from the NodeWorx Zones page.
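
A consistency check for the minimum record sets described in sections 2.2.1.1 to 2.2.1.3, as an added example (not part of InterWorx). The sample zone, the tuple layout and the function name are constructed for illustration; the CNAME conflict check follows the general DNS rule that a name carrying a CNAME holds no other records.

```python
# Constructed sample for section 2.2.1.1, as (name, type, value) tuples.
ORIGIN = "interworxhostingusa.com"
ZONE = [
    (ORIGIN, "SOA", "ns1." + ORIGIN),          # SOA timers omitted in this sketch
    (ORIGIN, "NS", "ns1." + ORIGIN),
    (ORIGIN, "NS", "ns2." + ORIGIN),
    (ORIGIN, "MX", "mail." + ORIGIN),
    (ORIGIN, "A", "12.34.45.56"),
    ("ns1." + ORIGIN, "A", "12.34.45.56"),
    ("ns2." + ORIGIN, "A", "12.34.45.56"),
    ("mail." + ORIGIN, "A", "12.34.45.56"),
    ("www." + ORIGIN, "CNAME", ORIGIN),
    ("ftp." + ORIGIN, "CNAME", ORIGIN),
]


def lint_zone(origin, records):
    """Return a list of problems; an empty list means every check passed."""
    types_at = {}
    for name, rtype, _ in records:
        types_at.setdefault(name, set()).add(rtype)
    apex = types_at.get(origin, set())
    problems = []
    if "SOA" not in apex:
        problems.append("missing SOA record")
    if sum(1 for n, t, _ in records if n == origin and t == "NS") < 2:
        problems.append("fewer than two NS records")
    if "MX" not in apex:
        problems.append("missing MX record")
    for name, rtype, target in records:
        if rtype not in ("NS", "MX", "CNAME"):
            continue
        # Targets outside this zone (section 2.2.1.2) are served elsewhere.
        if target != origin and not target.endswith("." + origin):
            continue
        found = types_at.get(target, set())
        if rtype == "CNAME" and not found:
            problems.append(f"CNAME {name} points at missing name {target}")
        elif rtype != "CNAME" and not found & {"A", "AAAA"}:
            problems.append(f"{rtype} target {target} has no A/AAAA record")
    for name, types in sorted(types_at.items()):
        if "CNAME" in types and len(types) > 1:
            problems.append(f"{name} has a CNAME next to other records")
    return problems


if __name__ == "__main__":
    print(lint_zone(ORIGIN, ZONE) or "zone passes the minimum checks")
```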

3 Synchronization Page

If you want some redundancy in DNS servers and have an external InterWorx DNS server with which you wish to synchronize, InterWorx can do this easily. This allows you to synchronize two or more InterWorx servers’ DNS functionality so that if one of the DNS services goes down, there will be a redundant service in place. This is available at NodeWorx  ▷  System Services  ▷ DNS Server  ▷  Synchronization

3.2.1 Add a DNS listening Server

First, verify that the correct Default Network Interface is selected at NodeWorx -> Server -> Settings. Select the Interface that implements the primary IP address of the server. You will need to enter the Hostname of the external server and the InterWorx API key for that server as generated in the Clustering guide. From here you can test connectivity as well as finalize the synchronization. Reminder: The API key is available at NodeWorx  ▷  Clustering  ▷  Setup.

3.2.2 Synchronized DNS Servers

The Synchronized DNS server section lists servers that are listening to this server for updates as well as servers that this server is listening to.

(C) 2017 by InterWorx LLC