DNS Management on dedicated servers

This document explains how to manage DNS on your Anchor dedicated server in order to complete the following tasks:

  • Adding domains to the DNS configuration
  • Removing domains from the DNS configuration
  • Making DNS changes to domains hosted on this DNS server.

There are a number of Anchor custom scripts which can be installed on the machine to assist with this. This document assumes they have already been installed.

DNS Management overview

All DNS management is completed via the 'dnsadm' user account using the BIND/named DNS server.

Access to this account can be obtained by using the command:

dns

This is where all the DNS configuration is contained. Under normal operating circumstances there should not be any requirement to make changes outside of this account.

You should be able to tell relatively easily if you are the DNS admin user, as the prompt should look similar to the following:

[dnsadm@XXXXX named]$ 

In this location you will see a number of different files and directories, each of which serves a specific purpose. For the purposes of this article we are only concerned with the following directories:

  • /var/named/master - Contains the DNS configuration for all domains where this server is acting as the primary (master) DNS server. The vast majority of DNS changes will be made to files in this location.

  • /var/named/slave - Contains the DNS configuration for all domains where this server is acting as the secondary (slave) DNS server.

  • /var/named/includes - The includes directory allows for common DNS configuration to be included. This is really handy if you have multiple domains with identical configuration. Instead of making the changes in lots of disparate zone files, they can be made in one single location. Not only does this increase the speed at which changes can be made, but it also reduces errors.

  • /var/named/templates - This location contains a selection of templates which can be used when adding new domains to the DNS server.

Adding a domain to the nameserver

  • This will allow you to add a new zone based on the contents in /var/named/template/default-template
    1. Become the dns admin user
           [root@XXXXX ~]# dns
           [dnsadm@XXXXX named]$ 
    2. Run:
           zone-add example-domainname.com.au
  • Once this has run it will automatically add the DNS records and reload the configuration.
  • Alternative templates can be created and saved in /var/named/templates and selected using the -t flag.
    • For example: if I wanted to have a group of clients with alternative DNS records I could create a template called 'template1' and then use
             zone-add -t template1 example-domain2.com.au

Removing a domain from the nameserver

  • Why would you want to do this?
    • Client has requested that we no longer host their DNS on the nameserver
    • The domain has been delegated away from the name server (as seen in the whois record)
  • It is important to note that as soon as this is removed, DNS records will no longer be returned, which will mean the site and/or email will stop working.
    1. Become the dns admin user
           [root@XXXXX ~]# dns
           [dnsadm@XXXXX named]$ 
    2. Run:
           zone-del example-domainname.com.au
  • Once this has run it will automatically remove the DNS records and reload the configuration.

Making DNS changes

  • Before making any DNS changes it is recommended that you read our article on How DNS works - this will make the contents of the DNS configuration files make a lot more sense.

  • The process in general is:
    1. Become the dns admin user
           [root@XXXXX ~]# dns
           [dnsadm@XXXXX named]$ 
    2. Run:
           vim master/example-domainname.com.au
    3. This will open up the zone file and you will be able to make your required changes.
    4. Reload the configuration using:
           rndc reload example-domainname.com.au
         • Note: On all our dedicated servers we have installed an rndc wrapper, which will complete all of the following for you:
           1. Increment the serial number
           2. Check that the configuration is sane (i.e. the configuration is not generating errors)
           3. Allow you to use tab completion on the command line when typing in the domain name
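
The first two wrapper steps above (increment the serial, check the zone) followed by the reload can be pictured with the following added example. It is not Anchor's wrapper and not code from this article: the function names are hypothetical, it assumes the serial sits on a line commented "; serial", and it uses BIND's named-checkzone to validate the zone before reloading.

```shell
#!/bin/sh
# Added illustration only: NOT Anchor's rndc wrapper. Function names are
# hypothetical. Assumes the SOA serial sits on a line commented "; serial".

# next_serial CURRENT [TODAY]: print a serial strictly greater than CURRENT.
# Keeps the YYYYMMDDnn convention when possible, otherwise falls back to +1.
next_serial() {
    local cur="$1" today="${2:-$(date +%Y%m%d)}"
    if [ "${#cur}" -eq 10 ] && [ "$cur" -lt "${today}00" ]; then
        echo "${today}00"
    else
        echo $(( cur + 1 ))
    fi
}

# bump_zone_serial ZONEFILE [TODAY]: rewrite the serial in place and print it.
bump_zone_serial() {
    local zone="$1" today="${2:-$(date +%Y%m%d)}" cur new
    cur=$(awk 'tolower($0) ~ /;[ \t]*serial/ && match($0, /[0-9]+/) {
                   print substr($0, RSTART, RLENGTH); exit }' "$zone")
    case "$cur" in
        ''|*[!0-9]*) echo "no serial line in $zone" >&2; return 1 ;;
    esac
    new=$(next_serial "$cur" "$today")
    awk -v new="$new" '
        !done && tolower($0) ~ /;[ \t]*serial/ { sub(/[0-9]+/, new); done = 1 }
        { print }' "$zone" > "$zone.new" && mv "$zone.new" "$zone"
    echo "$new"
}

# safe_reload DOMAIN ZONEFILE: bump, validate, and only then reload.
# A zone that fails named-checkzone is never handed to the running server.
safe_reload() {
    local domain="$1" zone="$2"
    bump_zone_serial "$zone" >/dev/null || return 1
    if ! named-checkzone "$domain" "$zone" >&2; then
        echo "refusing to reload $domain: zone file has errors" >&2
        return 1
    fi
    rndc reload "$domain"
}
```

Incrementing the serial matters because secondary (slave) servers only transfer a zone again when its serial has increased.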
