DNS Manager Documentation

Page tree

Specifies a host which should be authoritative for the chosen class. This page explains how to add, edit and remove DNS records.

Overview

Records can be added only for zones added from the DNS Manager control panel.

In order to manage DNS records for a DNS zone, click the chosen DNS zone name. The DNS Zone management page will open and the following details will be displayed: 

  • DNS Zone type: This field displays the type of the DNS zone, which can be Master or Slave. It also displays the number of Transfer IPs for Master zones and the number of Master IPs for Slave zones.
  • Hosts in this zone: Displays the first and last available IP (these parameters depend on the reverse zone IP class).

Hosts in this zone is displayed only for reverse DNS zones.

  • Last DNS Zone update: This field displays the date when the DNS zone was last updated by the user or from the remote update location.
  • Last DNS Zone update source: The source of the last update. The DNS zone can be updated from the interface or from a remote update location. If the zone was update from a remote location, the icon is displayed. Click this icon to access the configuration page of the respective remote update location.

You can add new DNS records, view and delete existing records. Click the DNS zone name to manage the Zone records.

For Slave DNS zones, you cannot add records and the current records are not displayed because the actual DNS records are transferred from the master server(s).

In the list of existing DNS records, the following details are available:

  • S: Indicates if the record is enabled or disabled. The green  icon indicates that the record is enabled. Click it to disable it. The red icon indicates that the record is disabled. Click it to enable it. The gray icon indicates that the record has been temporarily disabled by Round Robin, which hasn't been able to access it.

The records status can be modified only for zones added from the DNS Manager control panel.

  • P: Indicates if there are any Round Robin polls monitoring the record. The blue  icon indicates there are Round Robin polls set up for the corresponding record. If you click it, the Round Robin polls management page for the record will open.

The gray icon indicates there are no Round Robin polls set up for the corresponding record.

This column is available only for Forward Zones added from the DNS Manager control panel.

  • Host: This field displays the host name or IP address of every DNS record.
  • Record Type: This is the type of the DNS record. There can be several types of records, based on the DNS Zone type.
Record TypeDetails
IP Address (A)

Maps a hostname to a 32-bit IPv4 address.

Type A rules have the following format:

hostname. IN A XXX.XXX.XXX.XXX

where:

  • XXX.XXX.XXX.XXX is the IP address for the hostname.
  • hostname. is the zone name or one of its subdomains.

Examples:

domain.com. IN A 1.2.3.4
subdomain.domain.com. IN A 1.2.3.4
domain.com. IN A [IP]

Click here for more info on this type of record.

AAAA record (AAAA)

Maps a hostname to a 128-bit IPv6 address.

AAAA rules have the following format:

hostname. IN AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA

where:

  • AAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA is the IPv6 address for the hostname.
  • hostname. is the zone name or one of its subdomains.

Examples:

domain.com. IN AAAA abcd:1234:ffff:0:12:3:ab1:aa
subdomain.domain.com. IN AAAA abcd:1234:ffff:0:12:3:ab1:aa

Click here for more info on this type of record.

Certification Authority Authorization (CAA)

Specifies one or more Certification Authorities (CAs) authorized to issue certificates for that domain.

CAA rules have the following format:

hostname. IN CAA flags tag value

where:  

  • flags is an unsigned integer between 0 and 255. It is currently used to represent the critical flag, that has a specific meaning per RFC.
  • tag is an ASCII string that represents the identifier of the property represented by the record
  • value is the value associated with the tag.

The CAA record consists of a flags byte and a tag-value pair referred to as a ‘property’. Multiple properties may be associated with the same domain name by publishing multiple CAA records at that domain name.


There are 3 available tags:

  • issue: explicity authorizes a single certificate authority to issue a certificate (any type) for the hostname.
  • issuewild: explicity authorizes a single certificate authority to issue a wildcard certificate (and only wildcard) for the hostname.
  • iodef: specifies a URL to which a certificate authority may report policy violations.

Examples:

example.com. IN	CAA	0 issue ";"
example.com.  CAA 0 issue "letsencrypt.org"
example.com.  CAA 0 issuewild "comodoca.com"
example.com.  CAA 0 iodef "mailto:example@example.com"
Alias for record (CNAME)

Canonical name record is an alias (or nickname) of one name to another.

The A record to which the alias points can be either local or remote - on a foreign name server. This is useful when running multiple services (like an FTP and a webserver) from a single IP address.

Each service can then have its own entry in DNS (like ftp.example.com. and www.example.com.). It is also used when running multiple HTTP servers, with different names, on the same physical host.

CNAME rules have the following format:

hostname. IN CNAME servername.

where:

  • hostname. is the zone name or one of its subdomains
  • servername. is a fully qualified domain name (FQDN) either inside or outside the zone.

Examples:

ftp.domain.com. IN CNAME inside.domain.com.
ftp1.domain.com IN CNAME outside.zone.com.
k1._domainkey.domain.com IN CNAME dkim.zone.com.

RFC 1034 states: “If a CNAME record is present at a node, no other data should be present; this ensures that the data for a canonical name and its aliases cannot be different.” In order for these requirements to be met in DNS Manager, the value specified in the Zone alias name field of the CNAME record cannot be set for the DNS Zone name filed in NS, A, AAAA, SRV, CNAME and TXT records or for the Zone email field in an MX record.

Click here for more info on this type of record.

Nameserver (NS)

Maps a domain name to a list of DNS servers authoritative for that domain. Delegations depend on NS records.

NS rules have the following format:

hostname. IN NS servername.

where:

  • hostname. is the zone name or one of its subdomains
  • servername. is a domain name which specifies an

authoritative host for the specified hostname.

Examples:

domain.com. IN NS ns1.example.com.
domain.com. IN NS ns2.example.com.

The NS records of $ORIGIN are displayed in bold characters. DNS Manager allows to choose in the interface which is the primary nameserver on a zone (required for some local TLDs). In order to set up an NS record as primary check Make primary when you add/edit the desired NS record.

For BIND to take a DNS zone into consideration, at least one NS record must be defined for $ORIGIN in the respective zone.

For best practice, it is recommended to have at least two NS records defined for each public domain.

Click here for more info on this type of record.

Mail exchanger (MX)

Maps a domain name to a list of mail exchange servers for that domain.

MX rules have the following format:

hostname. IN MX preference servername.

where:

  • hostname. is the zone name or one of its subdomains
  • preference indicates the hostname's priority. The lower the preference,
    the higher the priority. This parameter accepts values between 0 and 50.
  • servername. is a fully qualified domain name (FQDN) inside the zone

Examples:

mail.domain.com. IN MX 10 domain.com.
webmail.domain.com. IN MX 5 domain.com.

Click here for more info on this type of record.

Text record (TXT)

Allows an administrator to insert arbitrary text into a DNS record. This has been used to implement new functions with DNS support without allocating new Record Types. For example, this record is used to implement the Sender Policy Framework and DomainKeys specifications.

TXT rules have the following format:

hostname. IN TXT "Text information"

where:

  • hostname. is the zone name or one of its subdomains
  • "Text information" can be any type of string including strings generated by SPF Rules

Examples:

domain.com. IN TXT "k=rsa; p=MEwwDQYerwqEWwE"
subdomain.domain.com. IN TXT "this is a test"

Click here for more info on this type of record.

Service record (SRV)

Specifies the location of the server(s) for a specific protocol and domain.

SRV rules have the following format:

_Service._Protocol.Hostname. IN SRV TTL Priority Weight Port Target

where:

  • Service is the symbolic name of the desired service. You can find a list of the available services at http://www.dns-sd.org/ServiceTypes.html.
  • Protocol is the protocol of the desired service. This is usually TCP or UDP, but 4PSA DNS Manager supports all the protocols listed here http://www.iana.org/assignments/protocol-numbers.
  • Hostname. is the domain name for which the record is valid.
  • TTL is the standard DNS time to live field. If there is no TTL specified for the record, the TTL value for the zone will be employed.

  • Priority is the priority of the target host. The lower the value, the
    higher the priority level.

  • Weight indicates a relative weight between records with the same
    priority.

  • Port is the port on which the service is to be found.

  • Target is the domain name of the target host.

    The Target parameter can not be an alias (CNAME). When Target is set to . the service is unavailable.

Examples:

_service._tcp.domain.com. IN SRV 0 1 9 subdomain.domain.com.
*._tcp.domain.com. IN SRV 0 0 0 .

on TCP protocol

Click here for more info on this type of record.

NAPTR record (NAPTR)

Naming Authority Pointers.

NAPTR rules have the following format:

order preference services flag regexp replacement

where:

  • order indicates the order in which records are to be processed when a query returns multiple NAPTR records
  • preference indicates the processing order for multiple records with identical order
  • services indicate the resolution protocol and resolution services employed when applying a rewrite according to the regexp or replacement field
  • flag is a modifier that affects the next DNS lookup
  • regexp is the primary field used for rewrite rules
  • replacement is a secondary field used for rewrite rules

Examples:

domain.com. IN NAPTR 100 10 "u" "sip+E2U" "!^.*$! sip:information@foo.se!i" .
subdomain.domain.com. IN NAPTR 102 10 "u" "smtp+E2U" "!^.*$! mailto:information@foo.se!i" .

Click here for more info on this type of record.

Record TypeDetails
Nameserver (NS)

Specifies a host which should be authoritative for the specified class. For class C reverse zones, 4PSA DNS Manager accepts NS records for $ORIGIN and supports classless delegation records, as described in RFC 2317, chapter 4.

The NS records of $ORIGIN are displayed in bold characters. DNS Manager allows to choose in the interface which is the primary nameserver on a zone (required for some local TLDs). In order to set up an NS record as primary check Make primary when you add/edit the desired NS record.

For BIND to take a DNS zone into consideration, at least one NS record must be defined for $ORIGIN in the respective zone.

For best practice, it is recommended to have at least two NS records defined for each public domain.

Class A and B zones support NS records for $ORIGIN and inferior class zones and do not support classless delegation records.
For class C reverse zones, 4PSA DNS Manager automatically generates CNAME records that correspond to the NS records created for classless delegation records. If the Automatically generate CNAME records for delegated subnets checkbox is selected, then the CNAME records will be automatically generated. This checkbox is available only for NS records with a subnet mask lower than 24 (having a numeric value higher than 24).

NS rules have the following format:

ip_part.host_ip_addr.in-addr.arpa. IN NS servername.

where:

  • host_ip_addr.in-addr.arpa. is the zone name.
  • ip_part is the IP section that completes the IP address when prepended to host_ip_addr (for class A, B and D zones, and for class C $ORIGIN NS).
  • for classless delegation records, ip_part is the IP section that completes the IP address when prepended to host_ip_addr including the subnet mask.
  • servername. is a domain name which specifies an authoritative host for the specified zone.

Examples:

1.2.3.in-addr.arpa. IN NS ns2.server.com.
1.2.3.in-addr.arpa. IN NS ns3.server.com.
0/29.1.2.3.in-addr.arpa. IN NS example.com.

Click here for more info on this type of record.

Reverse record (PTR)

Maps an IPv4 address to the canonical name for that host. Setting up a PTR record for a hostname in the in-addr.arpa. domain that corresponds to an IP address implements reverse DNS lookup for that address.

PTR rules have the following format:

IPaddress IN PTR hostname.

where:

  • IPaddress is the IPv4 address in the IN-ADDR.ARPA. domain
  • hostname. is the corresponding location in the domain name space

Examples:

5.1.2.3.in-addr.arpa. IN PTR test.com.

Click here for more info on this type of record.

Alias for record (CNAME)

A canonical name record is an alias of one name to another. According to RFC 2317, CNAME records are only supported in C class reverse zones. CNAME rules have the following format:

ip_part.network.host_ip_addr.in-addr.arpa. IN CNAME ip_part.host_ip_addr.in-addr.arpa.

where:

  • ip_part is the IP section that completes the IP address when prepended to host_ip_addr
  • network is the subnet mask
  • host_ip_addr.in-addr.arpa. is the zone name

Examples:

0.1.2.3.in-addr.arpa. IN CNAME 0.0/29.1.2.3.in-addr.arpa.
1.1.2.3.in-addr.arpa. IN CNAME 1.0/29.1.2.3.in-addr.arpa.
...
7.1.2.3.in-addr.arpa. IN CNAME 7.0/29.1.2.3.in-addr.arpa.

Click here for more info on this type of record.

Text record (TXT)

Allows an administrator to insert arbitrary text into a DNS record. This has been used to implement new functions with DNS support without allocating new Record Types. For example, this record is used to implement the Sender Policy Framework and DomainKeys specifications.

TXT rules have the following format:

ip_part.host_ip_addr.in-addr.arpa. IN TXT "Text information"

where:

  • ip_part is the IP section that completes the IP address when prepended to host_ip_addr
  • host_ip_addr.in-addr.arpa. is the zone name
  • "Text information" can be any type of string

Examples:

4.1.2.3.in-addr.arpa. IN TXT "This is a test"

Click here for more info on this type of record.

Record TypeDetails
Nameserver (NS)

Specifies a host which should be authoritative for the chosen class.

The NS records can be defined only for $ORIGIN.

The NS rules have the following format:

ipv6_part.host_ipv6_addr.IP6.ARPA. IN NS servername.

where:

  • ipv6_part is the IP section that completes the IP address when prepended to host_ipv6_addr.

  • host_ipv6_addr.IP6.ARPA. is the zone name.

  • servername. is a domain name which specifies an authoritative host for the defined zone.

For example:

1.0.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.A.B.C.D.E.F.IP6.ARPA. IN NS example.com.
5.5.1.3.2.1.0.2.3.4.5.6.7.8.9.0.1.2.3.4.5.6.7.8.9.0.A.B.C.D.E.F.IP6.ARPA. IN NS example.com.

For more information about this Record Type, see RFC4291.

Reverse record (PTR)

This Record Type maps an IPv6 address to the canonical name for that host. Setting up a PTR record for a hostname in the IP6.ARPA. domain that corresponds to an IPv6 address implements reverse DNS lookup for that address. The PTR rules have the following format:

IPv6_address IN PTR hostname.

where:

  • IPv6_address is the IPv6 address in the IP6.ARPA. domain
  • hostname. is the corresponding location in the domain name space

For example:

8.b.d.0.1.0.0.2.IP6.ARPA. IN PTR test.com.
1.1.1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.IP6.ARPA. IN PTR test.com.
*.1.1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.IP6.ARPA. IN PTR test.com.

For more information about this Record Type, see RFC4291.

Record TypeDetails
Nameserver (NS)

Maps a domain name to a list of DNS servers authoritative for that domain. Delegations depend on NS records.

NS rules have the following format:

hostname. IN NS servername.

where:

  • hostname. is the zone name or one of its subdomains
  • servername. is a domain name which specifies an authoritative host for the specified hostname.

Examples:

1.2.e164.arpa. IN NS ns1.example.com.
1.2.e164.arpa. IN NS ns2.example.com.
5.1.2.e164.arpa. IN NS ns1.example.com.

The NS records of $ORIGIN are displayed in bold characters. DNS Manager allows to choose in the interface which is the primary nameserver on a zone (required for some local TLDs). In order to set up an NS record as primary check Make primary when you add/edit the desired NS record.

For BIND to take a DNS zone into consideration, at least one NS record must be defined for $ORIGIN in the respective zone. For best practice, it is recommended to have at least two NS records defined for each public domain.

Click here for more info on this type of record.

NAPTR record (NAPTR)

Naming Authority Pointers.

NAPTR rules have the following format:

order preference services flag regexp replacement

where:

  • order indicates the order in which records are to be processed when a query returns multiple NAPTR records
  • preference indicates the processing order for multiple records with identical order
  • services indicate the resolution protocol and resolution services employed when applying a rewrite according to the regexp or replacement field
  • flag is a modifier that affects the next DNS lookup
  • regexp is the primary field used for rewrite rules
  • replacement is a secondary field used for rewrite rules

Examples:

1.2.e164.arpa. IN NAPTR 100 10 "u" "sip+E2U" "!^.*$! sip:information@foo.se!i" .
1.2.e164.arpa. IN NAPTR 102 10 "u" "smtp+E2U" "!^.*$! mailto:information@foo.se!i" .

Click here for more info on this type of record.

  • Value: Depending on the Record Type, this field displays an IP address, an alias, a name server, a host name, or a text. If the value is truncated, by clicking on View button you can see the whole value.
  • Replacement
  • Priority
  • Weight
  • Last update: The date the record was last modified (from the web based interface, or by updateurl).
  • M: By clicking the Modify icon, you can edit the details of the corresponding DNS record.

You can only edit records for zones added from the DNS Manager control panel.

Adding a DNS record

You can only add records for zones added from the DNS Manager control panel.

In order to add a DNS record, open the management page of the respective zone and click the Add DNS record button. The Add NEW record to DNS Zone page will open.

If the DNS zone is a reverse zone, DNS Manager will display the value for Hosts in this zone (first and last available IP address; these parameters depend on the reverse zone IP class).

In the next area, Record Type, you will choose the Record Type. Decide if you want the record to be enabled when you create it. The record is enabled checkbox is selected by default.

The domain name can be automatically replaced by the name of the newly created domain if [domain] is specified in the domain name field. In order to have an IP address automatically replaced the [ip] tag must be used.

Editing a DNS record

You can only edit records for zones added from the DNS Manager control panel.

To edit a DNS record, click the modify icon (M column) in the DNS records list.

You can change the Record Type by selecting the corresponding option from the Select Record Type drop-down box. You can also enable or disable a record by selecting or deselecting the record is enabled checkbox. If the DNS zone is a reverse zone, DNS Manager will display the value for Hosts in this zone (first and last available IP address; these parameters depend on the reverse zone IP class).

Removing DNS records

You can only delete records for zones added from the DNS Manager control panel.

To remove DNS records, follow the steps below:

  • Go to the records list and select the checkboxes of the records you want to delete. 
  • Click the Remove Selected link at the top of the table.

  • Confirm the removal operation and click OK.

#trackbackRdf ($trackbackUtils.getContentIdentifier($page) $page.title $trackbackUtils.getPingUrl($page))
  • No labels

Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 4.0 International.