Introduction
The Domain Name System (DNS) essentially provides a phone directory for the Internet. You might want to type in apple.com to your web browser to buy iPhone accessories, but how will your request reach Apple's web server at IP address 17.172.224.47? That's what the domain name record system does for us.
If you're a small business owner or WordPress blogger, you've probably been told to configure your A and CNAME records. Or, that time you tried to move your email, you were told to change your MX record. Or, a cool web service asked you to set up a TXT record before it would work with you. What's all this for, and why is it so confusing?
In this tutorial, I'll introduce you to the Internet's DNS system and
guide you through configuring records for the common requirements of
everyday technology consultants and business owners.
If you have any questions or comments on the tutorial, please feel free to post them below in the comments.
Learning About DNS Record Types
Name Servers
When you bought your domain name, your registrar probably configured default DNS records for you and provided the Name Servers (NS) for them. You need Name Servers (often mirrored in pairs and triplets for redundancy, e.g. ns1.yourregistrarserver.com, ns2.yourregistrarserver.com) to tell the Internet's DNS directory the numeric IP addresses of your web servers and services.
Here's an example of my NS records for my website, JeffReifman.com:
All the settings we'll describe below will be configured by you at your NS host and published by their server for the Internet to update their directories.
There are a handful of DNS record types, and the most common one, which you've probably heard of, is the A record.
A Records
If a web user types in jeffreifman.com,
the request will be passed off to a directory which will look for a DNS
record that corresponds to my root domain. By root, I mean no prefix,
no www, i.e. no sub-domain, just http://jeffreifman.com.
For example, the root-level A record of your domain might point to
107.164.32.96. That will tell the Internet to which IP address to send
your browsing request.
I've used the Kloth website for years to check DNS records, but there are many you can use, e.g. Google Dig or KeyCDN, whose content delivery network services I wrote about for Tuts+ earlier this year. Many sites offer these tools.
Here's an example query for an A record on Kloth:
Subdomain Records
You can also configure A records for a variety of sub-domains. For example, if you want www.yourwebsite.com to go to the same address, you can set up an identical A record for the sub-domain www, i.e. the root domain and the www sub-domain would have identical IP addresses.
Recently, I co-founded Flee the Jungle at http://fleethejungle.com to guide shoppers away from Amazon after my stories about the company's harm to Seattle and the viral exposé published by the New York Times:
Soon, we'll be launching city-specific sub-domains, e.g. portland.fleethejungle.com.
If we wish to host these on different servers, we'd need to set up
distinct A records for each city sub-domain to point to the servers'
unique IP addresses.
Wildcard Entries
DNS records also allow wildcard entries (using an asterisk *) that make it easy to route all sub-domain traffic to one IP address. For example, if I want any city request for Flee the Jungle to be hosted by one server, I could do something like this:
Wildcards make it easier to catch traffic from many sub-domains to one server.
Inbound Routing on Your Server
When traffic arrives at your server from the DNS mapping system, how your server handles it must be configured there. For example, here's my Apache site configuration for my root domain traffic and www traffic:

    <VirtualHost *:80>
        # Answer requests for the root domain and the www sub-domain
        ServerName jeffreifman.com
        ServerAlias www.jeffreifman.com
        DocumentRoot /var/www/jeffreifman
        DirectoryIndex index.php
        <Directory /var/www/wpapps/>
            AllowOverride All
            Order Deny,Allow
            Allow from all
        </Directory>
    </VirtualHost>

I also sell domains using a web site which dynamically prices them. So, here's how I tell Apache to accept traffic for all those different domains and DNS records:

    <VirtualHost *:80>
        ServerName newscloud.com
        ServerAlias *acro.io
        ServerAlias *acroyoga.io
        ServerAlias *acupuncture.io
        ServerAlias *allmisses.com
        ServerAlias *amehzon.com
        ServerAlias *carestrategies.com
        ServerAlias *caringsitters.com
        ServerAlias *clipboards.io
        ServerAlias *commonbits.com
        ServerAlias *commonroad.com
        ServerAlias *commontunes.com
        ServerAlias *completelady.com
        ...

Next I'm going to tell you about CNAME records. These are helpful in a number of ways and can be especially helpful in simplifying the management of your IP addresses and future migrations from one server to another.
CNAME Records
CNAMEs are essentially text aliases that map traffic for one domain or sub-domain name to another name. For example, if you've ever set up a blog through a service such as WordPress or Tumblr, they may ask you to map your domain name to a CNAME rather than with an A record to an IP address.
I don't use Tumblr much, but a while ago I set up a site with them to try at http://misc.jeffreifman.com. Here are their instructions for configuring your domain name. They allow either A records or CNAMEs. I used a CNAME:
Here's my DNS record for misc.jeffreifman.com:

    misc.jeffreifman.com  CNAME  domains.tumblr.com.

Note: You should put a closing period on your CNAME addresses.
When a user requests misc.jeffreifman.com in their browser, the DNS points them to domains.tumblr.com and then recursively looks up the IP address for that name, which will be 66.6.44.4.
One advantage of CNAMEs is that if Tumblr ever changes the IP address of their inbound server, I might not need to ever change my CNAME record. It could stay the same and Tumblr can manage the IP change by changing the A record for domains.tumblr.com.
I use this approach for my domain names for sale: most of them point to a CNAME for my web server. If I need to change hosts and change the IP address of my web server, I can change one sub-domain A record for the CNAME I used, rather than changing one hundred A records for each domain name.
Note: The DNS standards don't technically allow you to point root domain records to a CNAME address, e.g. jeffreifman.com CNAME domains.tumblr.com.
That's why Tumblr suggests an A record for your root domains. However,
some DNS name servers do support this—so check with yours. To learn
more, read this post by Josh Strange.
Another scenario you'll use CNAMEs with is CDN services such as described in the KeyCDN tutorial I wrote for Tuts+. I set up four cloud subdomains named c1, c2, c3, c4, all pointing to KeyCDN's content mirror at jr-faf.kxcdn.com.
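To make the CNAME lookup, the wildcard entry and the root-domain note concrete, here is an added example (not code from the original tutorial) that resolves names against a small in-memory zone and checks the CNAME rules. The zone is constructed from the records quoted on this page; the wildcard address 192.0.2.10 and the function names are assumptions made for illustration.

```python
# Constructed zone built from the records quoted on this page.
ZONE = {
    ("jeffreifman.com.", "A"): ["107.164.32.96"],
    ("misc.jeffreifman.com.", "CNAME"): ["domains.tumblr.com."],
    ("domains.tumblr.com.", "A"): ["66.6.44.4"],
    # Wildcard entry; 192.0.2.10 is a made-up documentation address.
    ("*.fleethejungle.com.", "A"): ["192.0.2.10"],
}

def fqdn(name):
    """Lower-case the name and add the closing period if it is missing."""
    name = name.lower()
    return name if name.endswith(".") else name + "."

def lookup(zone, name, rtype):
    """Exact match first; a wildcard only answers for names with no records."""
    name = fqdn(name)
    if (name, rtype) in zone:
        return zone[(name, rtype)]
    if any(n == name for n, _ in zone):
        return []
    parent = name.split(".", 1)[1]  # simplification: one label up only
    return zone.get(("*." + parent, rtype), [])

def resolve(zone, name, max_hops=8):
    """Follow CNAMEs to an A record; return (names visited, addresses)."""
    chain, name = [], fqdn(name)
    while len(chain) < max_hops:
        chain.append(name)
        addrs = lookup(zone, name, "A")
        if addrs:
            return chain, addrs
        target = lookup(zone, name, "CNAME")
        if not target or fqdn(target[0]) in chain:  # dead end or CNAME loop
            break
        name = fqdn(target[0])
    return chain, []

def check_zone(zone, apex):
    """Flag a CNAME at the root domain or one sharing its name with other types."""
    problems = []
    for name, rtype in zone:
        if rtype != "CNAME":
            continue
        if name == fqdn(apex):
            problems.append(name + " CNAME at root domain")
        elif any(n == name and t != "CNAME" for n, t in zone):
            problems.append(name + " CNAME alongside other records")
    return problems
```

Calling `resolve(ZONE, "misc.jeffreifman.com")` returns the two names visited and the address 66.6.44.4, and `check_zone` reports a problem as soon as a CNAME is added for the root domain itself.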
What Happens When You Change DNS Records?
DNS records for root domains and sub-domains are generally independent of one another. A change to an A record for a root domain doesn't affect the existing addressing of a sub-domain's CNAME. However, I recently signed up with web security service Incapsula and found it requires two A records for the same root domain, which can make things a bit more complicated. In other words, you can technically have multiple A records for the same domain, which could create conflicts.
It's also important to realize that DNS changes don't take effect immediately. When you set up your DNS records for the first time (or when you change them), Internet users will not be connected to your most current settings immediately. This is one of the things that makes migrating from one server or hosting company to another more difficult. In fact, in a worst case, it can take more than 36 hours.
My registrar introduced me to WhatsMyDNS.net for
a visual report of the propagation of my DNS changes to various areas.
Below was a screenshot I took when my Flee the Jungle server moved,
requiring changes that ended up taking several hours.
The map below shows that DNS servers around the world had finally caught up to my latest changes:
MX Records
If you're wondering by now what an MX record is, it's time to tell you. MX records tell the DNS system where to send all that email you receive.
So, if I bought StarWars.io and want to receive email at jeff@starwars.io, I need to do two things.
First, I need to sign up for an email service such as Google Apps or FastMail to
host my email. Second, I need to follow their instructions for
configuring MX records to their multiple redundant email servers.
For example, here's what it looks like for Google Apps:

    Priority  Mail Server
    1         ASPMX.L.GOOGLE.COM.
    5         ALT1.ASPMX.L.GOOGLE.COM.
    5         ALT2.ASPMX.L.GOOGLE.COM.
    10        ALT3.ASPMX.L.GOOGLE.COM.
    10        ALT4.ASPMX.L.GOOGLE.COM.

FastMail looks something like this:

    in1-smtp.messagingengine.com (first, priority=10)
    in2-smtp.messagingengine.com (second, priority=20)

If you want to run your own email server, you'll need to configure your MX record to point to the IP address of your own server.
A lot of people have begun using MX Toolbox for looking up their MX records, but you can use any DNS lookup service for that too.
Changing Email Providers and Moving Email
MX records only instruct the DNS system where to route today's email; your existing email is stored in the cloud databases of your current email provider. If you wish to move all of your existing messages, you'll need to rely on their tools or your mail client software. And, of course, you'll also have to update your MX records to your new provider's settings.
During the DNS propagation period, you may receive some emails at your old provider and some at your new.
Changing your MX record does not damage your prior email repository—but nothing new will ever arrive there.
TXT Records
TXT records allow the domain owner to authenticate themselves by posting verification codes within their DNS. When you register with Google Webmaster Tools, it will ask you to verify that you own the domain by doing just that.
For example, Google will ask you to post a code specific to your domain like this:

    jeffreifman.com  TXT  google-site-verification=Ih8iC4iSOcBSkk

I actually have three TXT records posted for jeffreifman.com right now:

    jeffreifman.com  TXT  "keybase-site-verification=qG2zMYf_hw2sXUCgtYWk"
    jeffreifman.com  TXT  "v=spf1 include:spf.efwd.regsrvrs.com ~all"
    jeffreifman.com  TXT  "google-site-verification=blTgEw5QFSx5M"

Keybase, which I wrote about for Tuts+ while covering PGP Keys, Privacy and Encryption, uses TXT records for me to verify my website as a means to authenticate my identity with my public key records.
You can also use TXT records to tell spam detection servers that your mail server sends only legitimate emails, as I did with the SPF record above.
Services such as Mailgun have you set up both SPF and DKIM records in order to use their email cannons.
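The SPF record above can be read term by term. The following added example (not part of the original tutorial) picks the SPF entry out of the three TXT values quoted for jeffreifman.com, splits it into mechanisms and modifiers, and lists findings based on the RFC 7208 rules; the function names and the wording of the findings are assumptions made for illustration.

```python
import re

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists"}  # each triggers a DNS query

# The three TXT values quoted above for jeffreifman.com.
TXT = [
    "keybase-site-verification=qG2zMYf_hw2sXUCgtYWk",
    "v=spf1 include:spf.efwd.regsrvrs.com ~all",
    "google-site-verification=blTgEw5QFSx5M",
]

def parse_spf(txt_values):
    """Return (mechanisms, modifiers) from the one SPF record in a TXT set."""
    spf = [t for t in txt_values if t.lower().split(" ")[0] == "v=spf1"]
    if len(spf) != 1:  # RFC 7208: none means no policy, several is a permerror
        raise ValueError(f"expected one SPF record, found {len(spf)}")
    mechs, mods = [], {}
    for term in spf[0].split()[1:]:
        if re.match(r"[A-Za-z][\w.-]*=", term):  # modifier such as redirect=
            key, _, value = term.partition("=")
            mods[key.lower()] = value
            continue
        qual, body = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        name, _, arg = body.partition(":")
        mechs.append((QUALIFIERS[qual], name.split("/")[0].lower(), arg))
    return mechs, mods

def review(txt_values):
    """List findings worth acting on before relying on the record."""
    mechs, mods = parse_spf(txt_values)
    findings = []
    # Top-level count only; records pulled in by include: add their own queries.
    lookups = sum(name in LOOKUP_TERMS for _, name, _ in mechs) + ("redirect" in mods)
    if lookups > 10:
        findings.append("over 10 DNS-querying terms: receivers return permerror")
    verdict = next((res for res, name, _ in mechs if name == "all"), None)
    if verdict is None and "redirect" not in mods:
        findings.append("no 'all' term: unlisted senders get neutral")
    elif verdict in ("pass", "neutral"):
        findings.append("'all' does not restrict unlisted senders")
    elif verdict == "softfail":
        findings.append("~all: unlisted senders get softfail rather than fail")
    return findings
```

For the record on this page, `review(TXT)` reports the `~all` softfail policy; a record ending in `-all` produces no findings.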
AAAA Records
As the Internet runs out of IP addresses, we're slowly moving to a larger addressing scheme, IPv6.
If you decide to support IPv6 addressing, you'll need to configure an AAAA record with its larger addressing scheme:
Today, most IPv4 to IPv6 conversion is handled transparently behind the scenes. Though at some point long after climate change has killed off
the last polar bear (thanks Senator Inhofe), A records may become a relic and AAAA will be the primary DNS record to configur