DNS Administration in WHM Course
Introduction to Managing DNS with WHM
Course Goals
When you complete this course, you will:
Understand the benefits and limitations of MyDNS and BIND, and be able to select the best one for various scenarios
Know how to manage DNS from within the WHM interface
Understand the basics of cPanel DNS Clustering and know how to implement a cluster
Troubleshooting Issues
After you complete this unit, you will be able to solve the following issues:
My website doesn't resolve
My mail is going to the wrong server
Mail I send from my domain is being delivered to the spam box
I'm a reseller and I want to set up a custom DNS record for all my customers
Unit Objectives
After you complete this unit, you will be able to:
Explain what a nameserver is and how DNS works
List common resource records and explain what occurs when each type is missing or duplicated in a zone file
Terms to know
Nameserver
A piece of hardware or software that answers queries to the internet protocol's directory service which is known as the domain name system (DNS)
Authoritative
The nameserver whose answer is always considered accurate
The AA flag in a query response shows that the answer is considered authoritative
Propagation
Movement of a change in DNS throughout the distributed system
Resolve
To acquire the resource record for a domain from a nameserver, whether that is an IP address or otherwise
Resource Record
Records used to explain the characteristics of a domain. These are stored in binary format (RFC1035), but sent across the network in a text format
What is a nameserver and why do I need it?
The use of a nameserver allows you to take an easy-to-remember domain and return its associated IP address, or even vice versa, where you determine whether an IP address has reverse DNS information
stored for it on the nameserver.
A nameserver is used for nearly every interaction on the internet. Its primary purpose is to translate domain names into IP addresses, but it is also one
of the methods used by email systems to determine your mail server's validity, as part of their spam prevention algorithms.
Root Nameservers
A "root" nameserver acts as one of the nameservers for the root zone of the internet. It can take requests for records in the root
zone, or alternatively, it can provide a list of authoritative nameservers for the associated TLD (top-level domain). These are the first step in handling domain-to-IP translation.
Registrars
The domain's registrar, who manages the WHOIS data for a registered domain, will send updated record data for
your domain to the TLD nameservers when the domain's information or ownership has been changed, created, or removed.
This effectively makes the domain "exist" on the internet, and allows the root nameservers to redirect queries to the appropriate
place or return the appropriate information on the domain.
The most important information relayed to the TLD nameservers is the set of nameservers that will be authoritative for your domain.
This step is important, because every domain on your server should have its nameservers set to your server at the registrar
(unless you are using a DNS cluster, in which case the cluster IPs should be set at the registrar).
In addition to domain names needing to be registered, nameservers should also be registered with the registrar. This is
especially important when the nameservers for a domain are "under" the domain itself. For example, the nameservers for cpanel.net
are hg.cpanel.net, mn.cpanel.net, and c.cpanel.net. All these domains are "under" cpanel.net, so we need glue records
at the registrar to avoid a circular reference.
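The circular reference that glue records prevent can be simulated in a few lines. This is an added example, not part of the course material: the delegation tables and addresses are constructed (only the cpanel.net nameserver names come from the text above), and it generalizes slightly by also catching two zones that depend on each other's nameservers.

```python
# Added example: simulate how missing glue creates a circular reference.
# Delegation tables and addresses are constructed sample data; addresses
# come from the 192.0.2.0/24 documentation range. Keys are lower-case names
# without a trailing dot.

def norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()

def owning_zone(name, delegations):
    """Longest delegated zone that `name` equals or sits under, else None."""
    name = norm(name)
    hits = [z for z in delegations if name == z or name.endswith("." + z)]
    return max(hits, key=len) if hits else None

def reachable(zone, delegations, glue, pending=()):
    """True if a resolver can learn an address for some nameserver of zone.

    delegations: zone -> NS names published by the parent (TLD) servers.
    glue:        NS name -> addresses published alongside the delegation.
    """
    zone = norm(zone)
    if zone in pending:              # already waiting on this zone:
        return False                 # circular reference
    for ns in map(norm, delegations[zone]):
        if glue.get(ns):             # glue answers the question directly
            return True
        parent = owning_zone(ns, delegations)
        if parent is None:           # hosted outside this sample data set,
            return True              # assumed resolvable the normal way
        if reachable(parent, delegations, glue, pending + (zone,)):
            return True
    return False

DELEGATIONS = {
    "cpanel.net": ["hg.cpanel.net", "mn.cpanel.net", "c.cpanel.net"],
    "example.org": ["ns1.example.net"],   # these two zones depend on
    "example.net": ["ns1.example.org"],   # each other's nameservers
}
GLUE = {"hg.cpanel.net": ["192.0.2.10"]}  # constructed glue address

if __name__ == "__main__":
    print(reachable("cpanel.net", DELEGATIONS, {}))    # False: no glue
    print(reachable("cpanel.net", DELEGATIONS, GLUE))  # True
    print(reachable("example.org", DELEGATIONS, {}))   # False: mutual loop
```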
Because every registrar is different, we cannot provide instructions on how to set up nameservers at your registrar.
However, each registrar's website will generally contain instructions on how you can go about performing this procedure on that particular
registrar.
In our documentation, we have instructions on how to accomplish this on a few of the more popular registrars, including
DirectNIC, GoDaddy, eNom, Network Solutions and Register.com:
https://documentation.cpanel.net/display/CKB/How+to+Set+Up+Nameservers+in+a+cPanel+Environment
How DNS gets you to a website
Replies to queries take the following path to return a response to the client:
Once the resolver has properly determined what IP the domain should be translated to, the IP is delivered to the client, which can then
proceed with connecting to the appropriate server, now that it has the address for the domain.
Propagation
Each ISP maintains its own caching nameservers, which store a local cache of the DNS zone for a domain to save the time and load
of having to query the authoritative nameservers every time a domain is requested. This cache is updated periodically (generally defined by TTL - "time to live")
and if a domain's serial number has changed on one of those updates, the new information will be loaded into that cache.
Earlier in the internet's history, this could potentially take quite a while to complete, which resulted in sporadic
resolvability of a new or altered domain. However, these days the process typically completes much quicker than that, and
it's not uncommon to have a domain completely propagated and resolvable within minutes, instead of days.
Hostname
One of the first things you will set up on your server is the hostname. A hostname should ideally be a publicly resolvable, fully-qualified domain name (FQDN),
particularly if you intend to operate a mail server. With that in mind, though, an FQDN is not required, simply recommended,
so cPanel & WHM does not enforce this recommendation and allows you to set a hostname that is not an FQDN.
Remote mail servers, in an effort to reduce the risk of spoofing and spam incidents, will very frequently rely on the
ability to confirm the validity of your server's hostname and to verify that the server's IP address comes back to that hostname.
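The check described above is commonly called forward-confirmed reverse DNS. The following is an added example, not part of the course material, that lets you test a server's hostname and IP the way a receiving mail server would; the function names are hypothetical and the PTR/A tables are constructed sample data so the logic runs offline.

```python
# Added example: forward-confirmed reverse DNS (FCrDNS) for a sending IP.
# Lookups are injectable so the logic runs offline; the PTR/A tables are
# constructed sample data using the 192.0.2.0/24 documentation range.
import socket

def system_ptr(ip):
    """PTR names from the system resolver; [] when none exist."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_addrs(host):
    """Addresses from the system resolver; [] when the name fails."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})
    except OSError:
        return []

def fcrdns(ip, announced=None, ptr=system_ptr, addrs=system_addrs):
    """Return (verdict, detail); announced is the name the sender claims."""
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    if not names:
        return ("fail", "no PTR record")
    confirmed = [n for n in names if ip in addrs(n)]
    if not confirmed:
        return ("fail", "PTR name does not resolve back to the IP")
    if announced and announced.rstrip(".").lower() not in confirmed:
        return ("warn", "announced hostname is not the confirmed PTR name")
    return ("pass", confirmed[0])

SAMPLE_PTR = {"192.0.2.25": ["server.example.com."],
              "192.0.2.26": ["mail.example.com."]}
SAMPLE_A = {"server.example.com": ["192.0.2.25"],
            "mail.example.com": ["192.0.2.99"]}  # forward record is stale

def sample_ptr(ip):
    return SAMPLE_PTR.get(ip, [])

def sample_addrs(host):
    return SAMPLE_A.get(host, [])

if __name__ == "__main__":
    for ip in ("192.0.2.25", "192.0.2.26", "192.0.2.27"):
        print(ip, fcrdns(ip, "server.example.com", sample_ptr, sample_addrs))
```

Calling `fcrdns(ip, hostname)` without the last two arguments uses the system resolver instead of the sample tables.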
Hostname Zone
When setting up your server for the first time, because there are generally not going to be any pre-existing zones, it is likely that the creation of the hostname
and use of the "create A record for hostname" functionality will result in a zone being created exclusively for the hostname, which, while functional, is unnecessary.
If the second-level domain used in the hostname will be served from your server, you can simply create a corresponding A record from within the base domain's zone, once created, and remove
the hostname's zone afterwards so that there's no confusion on what's being served.
Resource Records
We've mentioned that you can add an A record, but what exactly is an A record?
And what other types of records are there?
The records in a DNS zone are called resource records and there are quite a few of them. Here are a few of the most common types you might see on a cPanel server:
A (Address)
NS (Nameserver)
TXT (Text)
MX (Mail Exchange)
CNAME (Canonical Name)
We'll also discuss Time To Live entries (TTLs). Let's take a look at these now.
A (Address) Records
An "A" record is used in a zone to instruct servers to resolve a domain name to a corresponding IP address.
At least one A record is required so that the second-level domain itself has instructions to translate to an IP address.
Otherwise, there is no real destination. In effect, this is a good way to point out that, ultimately, the goal is to find out what
the destination for your query is and that the IP address represents that destination.
If more than one A record is provided for the same domain or hostname, they will be randomly selected to resolve for queries, which
can be used for load balancing or, to a less effective extent, redundancy.
NS (Nameserver) Records
The NS (Name Server) records in a DNS zone are used to define what should be considered as the authoritative nameservers
for that zone as a whole.
If the NS records are missing from the zone, which if unchanged from the default they will not be, the zone will technically
fail a validity check performed by the DNS software; however, the zone itself will still load.
A typical zone should usually have at least 2 NS records defined for very basic redundancy. This is not required, but always
highly recommended. The ideal scenario is that you have two separate nameservers on two separate hosts, so that if an outage occurs on one host
the domain can still be resolved using the other host. This can be expanded as much as needed and there is no unreasonable limit on NS records.
TXT (text) Records
A TXT record is essentially a way to provide arbitrary "notes" to outside sources. These may be notes meant for human
interpretation or they may be notes meant to be interpreted and processed by an application or machine, as is the case with SPF records.
Services like Google Analytics and verification methods like SPF use TXT records in specific formats
and syntaxes to be parsed and used by an application to handle them appropriately.
TXT records are entirely optional and will not interrupt a zone's ability to load or update if missing.
The DKIM records that are present by default utilize TXT records.
If you have more than one TXT record, they will all be displayed. Any application reading them should automatically
append any additional records.
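The A, NS and TXT rules from the sections above can be checked mechanically. This is an added example, not part of the course material: the zone text is constructed sample data, the function names are hypothetical, and the multiple-SPF check follows RFC 7208 (more than one "v=spf1" record is a permanent error) rather than anything stated in the course.

```python
# Added example: lint a zone against the A / NS / TXT rules described above.
# ZONE is constructed sample data in BIND zone-file style (192.0.2.0/24 is a
# documentation range). The parser handles one full record per line only.

ZONE = """\
; constructed sample zone
example.com.      14400 IN NS    ns1.example.com.
example.com.      14400 IN A     192.0.2.10
example.com.      14400 IN A     192.0.2.11
www.example.com.  14400 IN CNAME example.com.
example.com.      14400 IN TXT   "v=spf1 +a +mx ~all"
example.com.      14400 IN TXT   "v=spf1 ip4:192.0.2.10 ~all"
"""

def parse(zone_text):
    """Yield (owner, type, rdata) from 'owner ttl IN type rdata' lines."""
    for line in zone_text.splitlines():
        fields = line.split(None, 4)
        # Skip blanks, comments, $TTL/$ORIGIN directives and other layouts.
        if len(fields) < 5 or line[0] in ";$" or fields[2].upper() != "IN":
            continue
        yield fields[0].rstrip(".").lower(), fields[3].upper(), fields[4].strip()

def lint(zone_text, apex):
    """Return {code: explanation} for findings at the zone apex."""
    apex = apex.rstrip(".").lower()
    recs = list(parse(zone_text))
    def at_apex(rtype):
        return [rd for owner, ty, rd in recs if owner == apex and ty == rtype]
    out = {}
    a, ns = at_apex("A"), at_apex("NS")
    spf = [t for t in at_apex("TXT")
           if (t.strip('"').lower() + " ").startswith("v=spf1 ")]
    if not a:
        out["A_MISSING"] = "no A record: the domain has no destination"
    elif len(a) > 1:
        out["A_MULTIPLE"] = "%d A records: answers rotate between them" % len(a)
    if not ns:
        out["NS_MISSING"] = "no NS records: fails the validity check"
    elif len(ns) < 2:
        out["NS_SINGLE"] = "one NS record: no nameserver redundancy"
    if len(spf) > 1:
        out["SPF_MULTIPLE"] = "%d SPF records: RFC 7208 permerror" % len(spf)
    return out

if __name__ == "__main__":
    for code, text in lint(ZONE, "example.com").items():
        print(code, "-", text)
```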
MX (Mail Exchange) Records
An MX record represents the "Mail Exchanger" that should be used for this zone in particular. The primary use of the MX
record of "domain.com" would be resolved