Subdomain and # record - dns

I'm facing an interrogation on how to set up an # record for a sub DNS zone.
Imagine I have a domain example.com on my primary DNS servers.
I want to delegate the sub-zone france.example.com to a secondary external DNS server, so I create an NS record for this zone pointing to the correct server. This works.
I then want to declare the A record france.example.com on this secondary server.
It seems to me that this is not possible.
Can you confirm the correct workflow while trying to resolve this record?
The client asks its recursive DNS server for resolution.
The recursive DNS server determines who is the NS for example.com from the internet root servers.
The recursive DNS server asks the example.com name servers for the "france" record.
No issues for records xxx.france.example.com, they can be defined on the secondary server as the workflow changes this way :
The client asks its recursive DNS server for resolution.
The recursive DNS server determines who is the NS for example.com from the internet root servers.
The recursive DNS server determines who is the NS for france.example.com from the example.com servers.
The recursive DNS server asks the france.example.com name servers for the "xxx" record.
Any help would be greatly appreciated.

Related

Bypass subdomain limit by hosting own DNS server

The following is more theoretical than practical, I want to test if I have understood the DNS system.
I'm currently renting a domain, lets call it example.com, from a provider.
I also own a server with a static ip.
Using the webinterface of my domain provider, I created an A-Record for my domain to point to my server.
Now everyone pinging example.com will find that A-Record (that should distribute itself to serveral more DNS servers) and thus ping my server.
Now I want a subdomain, which points to a different ip address.
My provider on the other hand won't let me create subdomains.
I can simply host an own DNS server at example.com, where I can add (arbitraryly) many records for any domain that is a subdomain to example.com (so not only subdomain.example.com but also subdomain.subdomain.example.com).
Now, if someone pings subdomain.example.com the following will happen:
They go to their favourite DNS server, which has an entry for example.com by now (due to distribution, see above)
Since there is no entry for subdomain.example.com, the will send an DNS request on udp port 53 to the A-Record ip behind example.com (my server)
My server will reply with the correct ip of subdomain.example.com
They send their ping to the correct ip
Is my understanding correct?
It's not far off, but there are more subtle things under the hood. If you want to host your example.com zone yourself, then you need to have your parent (.com) have NS records that point to your nameserver on your static IP. You would need to register that within your parent through your registrar that you bought the DNS registration with.
.com would need to host:
example.com. NS myns.example.com
myns.example.com. A YOURIP
And in your zone running on your machine, you would need something like:
example.com. SOA ....
example.com. NS myns.example.com
myns.example.com. A YOURIP
subdomain.example.com A SUBDOMINIP
If "subdomain" (your wording) is actually supposed to be in another zone enirely, then you need to use NS/A records to point to its DNS server (which can be the same).
You might go look for a good tutorial about how the DNS works in general. It will take you a lot further.

Making nameserver for put domain on server ip

I have a domain and i want to set it to my server(centos 7).
I made a dns server by bind on my server and made 2 nameserver (ns1.myDomain.ir and ns1.myDomain.ir) and set it in my domain configuration, But i cant ping to my domain.
What is the problem?
At the domain registrar, you need to specify the authorised DNS server for your domain. My suggestion is to use the domain registrar's DNS server for resolution and create a zone file there for your domain and enter the A records and other records for your use case.
To have a domain working you don't need to setup your on DNS (bind) server.

Different name servers for different subdomains

Let's say I have a website example.com which I bought via a common domain registry nomcheap.com.
I want all traffic to a specific subdomain app.example.com to go to name server ns1.appserver.com so I can serve a specific user app.
I also want all other traffic (www.example.com, hello.example.com, *.example.com, etc.) to go to a different name server from a different provider ns1.squaresites.com so I can serve a general website (think something like a commerce Wordpress site).
None of the name servers are provided by the original domain registry nomcheap.com.
Is this possible? If so, any suggestions on how?
To point a subdomain to a name servers you need to create an NS record for the subdomain:
app.example.com NS ns1.appserver.com
This will make all queries go to ns1.appserver.com
*.example.com NS ns1.squaresites.com
The second record should catch all subdomains that don't have their own records (of any kind).
Delegating name server DNS responses can be done was the answer by #Lanexbg describes.
Realize that chaining your DNS lookups this way adds more time to DNS resolution and adds another potential point of failure in the resolution process. If the parent's name servers are down, they won't able to deliver the NS records to tell the client's resolver to continue the lookup process through a delegated name server.
Consider if using DNS "A" or "CNAME" records at the parent's DNS server would be acceptable alternative.
For more detail on how DNS resolution is delegated see this answer on serverfault.com:
How exactly should I set up DNS to delegate authority for subdomains?

Forward subdomain to my own name server Names.co.uk

I have a domain (for example test.example.com) that I wish to forward to my own network for Active directory purposes. The network already has a static IP address, and a DNS server set up that is successfully handling requests for the Domain controller internally.
What I can't figure out is how to set it up so that I can connect to the Domain Controller from outside my Local network.
We use Names.co.uk for hosting, I've been messing around with the DNS settings for about a week, but the names will not resolve. can anybody explain what I need to dO?
FYI I've tried adding the SRV records to the names.co.uk DNS server, but they do not resolve back to the DC, I've also tried adding a NS record for the names.co.uk DNS server to get my DNS to resolve it, but that doesnt seem to work either!
DNS is resolves names using a hierarchy, with each level requiring NS record listing the low-levels. E.g. test.example.com: the 'com' zone has NS records for the 'example.com' nameservers and the 'example.com' zone has NS records for the 'test.example.com' nameservers.
So, not knowing your domain name, I can't check how it resolves. But I can say that to make it visible to the rest of the world, you need to have NS records created in the parent domain which point to your own nameservers (which should also contain NS records for your domain to pointing to themselves).

Is it normal for a DNS server to not respond until the name servers are switched on the whois record?

I have someone telling me that DNS servers only start responding after the whois record is updated to point at their DNS servers. Is this normal behaviour? Or should a DNS server respond before the whois record is updated?
Also, once the domain is active, (so either after the domain is added or after the whois record is update, depending on the answer to the above question) how long till the name servers should start responding?
I'm not referring to the time that it takes to propagate acorss the internet, but just the time on the name server for the domain. I am also not concerned with when the rest of the internet sees the change, only wondering when that DNS server should respond when using a command such as:
nslookup www.example.com ns1.dnsserver.com
For the DNS servers to be found what you call the whois record must know where to find them.
Stricly speaking, the whois record contains much more than just the DNS servers for a domain, but let's not nitpick.
Say your DesktopA needs to connect to example.com, the following servers will be contacted, assuming the answer wasn't already cached by your ISP's DNS or the local machine.
DesktopA has DNS settings pointing to the ISP, so DektopA will ask the ISP's DNS servers if they know where example.com. is located (its IP).
ISP DNS server doesn't know, so it will contact the root domain database for com. (all Fully Qualified Domain Names end in a ., even though we generally don't use it explicitly, but you can try insert it in web requests, it should work fine).
This bootstrap list of global root servers is usually updated by the OS regularly.
The root servers will know which Top Level Domain TLD server to contact for each global domain such as .com, .org, .uk, etc.
In our example, the ISP will ask the root which server to query for com domains.
The root server answers with the IP address of one of the the .COM TLD servers.
The ISP DNS server will now contact the .COM TLD server and ask it where to find EXAMPLE.
The .COM database record for example.com will contain the 2 (or more) DNS servers registered along with the domain name example.com. These are part of your whois record.
The ISP now has the IP addresses of the DNS servers for example.com as setup in the whois. It will query the first one (or the second one if the first isn't available) and ask it: what's the IP of 'example.com'?
The DNS server for example.com will look in its records and return the A record defined for the example.com domain as IP 1.2.3.4 for instance.
Your ISP's DNS server will cache this information for a predetermined amount of time (TTL) and return the IP 1.2.3.4 to DesktopA.
Desktop A can now contact the server for example.com directly by its IP.
DesktopA may cache this information for a little while for fast lookup.
Tis would be the same for subdomains such as www.example.com or john.people.example.com. Everything before the domain example.com must be declared in your DNS server so when someone query for their address, your DNS server for example.com can look up the definitions and answer them (it could very well pass them on to another server as well if necessary).
In conclusion
So, to go back to your question, your whois record must be set with the proper DNS records for your domain before anyone can access them using that domain name.
DNS Servers operate completely separate from the Whois server. The relation of how fast DNS is updated after Whois depends completely on the registrar. A registrar or web host may update DNS within a second or 2 of a customer making a change in the control panel, or it may take minutes or hours if they make updates in batch mode.
Ideally all DNS changes that a customer request should happen very quickly on the DNS server (within a few seconds), but as you note, there may be a delay until changes propagate across the internet.

Resources