One place for hosting & domains

      DNS

      Advanced Troubleshooting DNS Problems


      The most common DNS error is a simple typo, whether it’s from the client or the server. Typos and other incorrect DNS data cause many problems. Even when data is correct, DNS can still be a difficult protocol to troubleshoot.

      The DNS process starts at the client, which queries a specified upstream DNS server. The upstream DNS server could already have the answer in its cache. In which case, an IP address is answered and the query is resolved. If not, it queries further upstream until a successive answer is given, which is authoritative for the query. The Top Level Domain (TLD), such as a .com, .net, or org, may be the root authority for a query. Authoritative servers on a local network may also be the correct resolver.

      Possible causes of unsatisfied queries include:

      • No network circuit path from the client to the specified DNS server.
      • The specified DNS server might not have the query credentials needed.
      • The cached information on the specified DNS server could be out of date.
      • The specified DNS server may have no upstream path to a TLD server.

      Fortunately, there are a variety of tools available for Windows, macOS, and Linux used to troubleshoot DNS problems. Most DNS troubleshooting tools focus on tracing the circuits to a DNS resolver or querying DNS servers for a correct response.

      Tracing the Resolver Network Circuit

      Clients must be able to reach the DNS server with a query. The most common failure is an interruption in the network circuit between the client app and the desired DNS server.

      Each client declares a default DNS server for DNS queries. If the address of the default DNS server is incorrect, or points to an unavailable resource, there can be no resolution to the request. In this case, the requesting application receives an error, or simply hangs. The IP address of the default DNS server must be known to troubleshoot further.

      The IP address of the default DNS server is found in the properties of the network adapter in use. To find yours, follow the instructions below for your operating system:

      Windows

      1. Right-click the network icon in the Notification Area of the Taskbar.

      2. Choose Network and Internet Settings.

      3. Select your network adapter.

      4. Scroll down to reveal the settings for that network adapter.

      macOS

      1. Click the network icon in the Menu Bar.

      2. Click Network Preferences.

      3. Select your network adapter.

      4. Click Advanced.

      5. Click DNS to reveal the settings for that adapter.

      Linux

      In Linux, the location of the desired DNS server depends on the values set in the resolver configuration file located at /etc/resolve.conf.

      To find these values via the command line, enter:

      cat /etc/resolve.conf

      To find these values via the GUI in Ubuntu 22.04 LTS:

      1. Click network icon in the GNOME Panel.

      2. Select your network adapter.

      3. Click <adapter/connection/device> Settings.

      4. Click the gear icon next to your chosen adapter/connection/device

      Knowing the desired address helps trace the circuit to determine if the desired DNS server can be reached.

      Circuit Testing with Ping

      Troubleshooting the network communications circuit uses common tools like ping. Many queries fail because there is no network circuit to the desired DNS server. The ping command line tool is universal to all operating systems and does not require administrative rights.

      Open a command line and use ping to determine if the IP address responds. In this case, the public DNS server for Cloudflare (1.1.1.1) is cited:

      ping 1.1.1.1

      Or:

      ping cloudflare.com

      When a reply is returned, queries can be made to the server, in which case, skip to the next section.

      If there is no reply using ping, then the circuit is unusable and the requested resolver is not responding. This can be because it’s under attack, dead, or offline. Specify another resolver/DNS server and repeat the attempt.

      An unusable circuit, or route to a DNS server, means that an Internet connection is down for the host making queries. If the circuit is up, another DNS server can be used, and must be placed in the host’s settings. Reset the host to restart the network stack and read the new DNS server entry. Such alternate DNS Internet servers are 1.1.1.1 for Cloudflare, and 8.8.8.8 for Google.

      Note

      The traceroute command line tool is also handy in network circuit analysis. It uses either an IP address or a Fully Qualified Domain Name (FQDN) to show latencies between the host and the desired IP address/FQDN.

      Tracing Resolvers with NSLookup

      Windows, macOS, and Linux contain the command line tool, nslookup (Name Server Lookup). It performs a query on a known address, using the default DNS resolver, unless another resolver is specified.

      nslookup google.com

      Renders:

      nslookup google.com
    Server:  one.one.one.one
    Address:  1.1.1.1

    Non-authoritative answer:
    Name:	google.com
    Addresses:  2607:f8b0:4004:c19::8a
              2607:f8b0:4004:c19::71
              2607:f8b0:4004:c19::8b
              2607:f8b0:4004:c19::64
              64.233.177.138
              64.233.177.139
              64.233.177.102
              64.233.177.101
              64.233.177.100
              64.233.177.113

      Here, the default nameserver is Cloudflare.com’s public DNS server (one.one.one.one), with an IP address of 1.1.1.1. It uses a cached (non-authoritative) answer for the queried server (google.com). It then renders three lines of IPv6 addresses and six lines of IPv4 addresses.

      When there’s a working network circuit available, nslookup permits changing the nameserver so that entries among differing nameservers can be compared. When a TLD FQDN entry is changed, it can take as long as 48 hours to be uniform among nameservers/resolvers. This is because non-authoritative servers cache entries using a Time-To-Live (TTL) variable for speedier response. The answer is delivered from cache, without looking up the answer on the next higher-level server. When the cache expires on DNS servers/resolvers/nameservers, a request from a higher authority renews the cached and delivered answer.

      Start of Authority (SOA)

      Every domain used publicly in DNS has a registrar. The registrar keeps a record of ownership, which may not be visible to the public. The entry in this record that must be made public is the IP address(es) of its nameservers. The nameservers/resolvers, in turn, are the guardians of the DNS for TLDs.

      An organization that hosts a domain generally also contains its nameserver, and is the SOA for the domain and any subdomains underneath it. TLD resolvers such as .com, .net, and .org, are highly controlled. They are only accessible through other servers using the DNS Security Extensions (DNSSEC) authentication and security protocol.

      Hosting organizations like Linode may also use other Content Distribution Networks (CDNs) who provide a presence where heavily-used sites manage IP and DNS access. CDNs are not covered by this guide, because their troubleshooting often requires tools that only the CDNs can provide. Nonetheless, these sites must respond appropriately when a host makes a query.

      Dig

      The most popular client-side DNS query tool beyond nslookup is dig (Domain Information Groper). The dig app must be downloaded to Windows as part of the
      bind package, which also includes an optional DNS server. The dig command is included with most versions of macOS and Linux.

      The dig tool allows specific DNS records to be queried. This includes MX (mail), A records (domain), TXT records (specifically recorded details), and other host records included in the SOA nameserver.

      An example of the dig output shows its command line configuration:

      dig linode.com

      The output looks similar to:

      ; <<>> DiG 9.16.30 <<>> linode.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54592
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1232
    ;; QUESTION SECTION:
    ;linode.com.                	IN  	A

    ;; ANSWER SECTION:
    linode.com.         	300 	IN  	A   	69.164.200.202
    linode.com.         	300 	IN  	A   	72.14.191.202
    linode.com.         	300 	IN  	A   	72.14.180.202

    ;; Query time: 62 msec
    ;; SERVER: 1.1.1.1#53(1.1.1.1)
    ;; WHEN: Thu Jul 14 17:11:03 Eastern Daylight Time 2022
    ;; MSG SIZE  rcvd: 87

      Options for the dig command include:

      • +trace, which queries DNS servers to the SOA.
      • ANY, which finds ALL records, not just the default A record.
      • +f <filename> which calls the hosts listed in the specified file.

      The SOA can be found, and the path to it queried, to see if records match. This allows DNS resolvers along the path to the SOA to be adjusted for longer/shorter TTL caching. This accommodates records that change frequently, such as DynamicDNS records in Active Directory environments.

      Domain Transfers

      When a domain transfer occurs between nameserver registrations, it takes time to propagate to the hundreds of thousands of resolvers that might be contacted. The dig command is the handiest tool to find outdated cache or incorrect entries.

      The Hosts File

      Windows, macOS, and Linux look to a hosts file before trying to resolve a DNS address. The hosts file pre-dates DNS in many ways, and takes precedence over DNS or attempts to use a resolver.

      When present and filled in, the hosts file is the first resolver in any host. In Windows, this file is located in the \system32\hosts entry. On macOS and Linux, it’s located in the /etc/host file.

      The hosts file is canonical, meaning that it overrides any resolver and cannot be violated. When tracing odd DNS access problems, look for the presence of this file, and use a text editor to examine its contents. Entries may be administratively placed to prevent access to specific sites. It is sometimes used as a “private DNS” to control system behavior and prevent typos from permitting access to typo-based malware sites. The hosts file must be altered to allow subsequent access through a resolver to such sites.

      Walled Gardens and Captive Portals

      Walled Gardens and Captive Ports are terms for the same environment. Essentially, barriers presented by network access providers, such as “Free WiFi” services deployed in public spaces, shops, schools, and government facilities. These offerings are controlled through an access control host/router to a network, whether wired or wireless. All DNS or IP address calls are intercepted, and focused to an authorization device.

      After supplying sufficient credentials, a user is provided either confined or open access. Within the Captive Portal or Walled Garden, DNS calls are often intercepted and routed through local or cloud-based DNS servers/resolvers. They resolve requests using their own entries, which may not be the public DNS entry for a user.

      The “wall” in the Walled Garden provides confined access, typically limiting access to social media, adult websites, or other sites chosen by the provider. Although browser DNS-over-HTTPS protocols can sometimes “leap” over, or bypass, these walls, some browsers do not support this protocol.

      To regain access, re-load the network stack and use a public resolver like Cloudflare’s 1.1.1.1 or Google’s 8.8.8.8.

      DNS Poisoning

      The answers provided by DNS servers are listed in the DNS server/resolver’s tables. Access to these tables is usually highly limited. When DNS is correctly configured for host security, it limits how DNS entries can be changed.

      It’s possible to poison DNS servers intentionally with spurious entries in an attempt to hijack browser activity. When performed by bad actors, these entries can focus browser requests to malware, crypto routines, or competitors.

      Administrators regularly use dig and a file of test hosts to compare changes in entries. The value of the test is to show when the list of hosts has changed, and for what reason. A changed address in a popular site may mean its entry has been hijacked upstream, locally, or even at a TLD server. It may also mean the IP address has simply been changed administratively. Poisoned entries must be deleted where possible.

      Hosting Provider Problems

      A hosting provider, or the domain registrar, can flush DNS cache, including informing upstream/downstream providers where they’re connected. Administrators making changes in DNS entries face a problem with the cache TTL/life in both up and downstream servers. Changes can be quick to propagate where CDN and other services, such as Akamai and Cloudflare, are the stored address for downstream servers.

      Records

      Each host provides a mandatory A record that points to the IP of the receiver of domain targets. The CNAME record provides an alias for queries, allowing aliases for “www” or other common domain prefixes.

      DNS MX records point to mail. Most hosting providers run mail through an application, such as cpanel. Email entries for a domain are rejected because of missing mail-focused domain keys used in:

      • Transport Layer Security (TLS)
      • DomainKeys Identified Mail (DKIM)
      • Sender Policy Framework (SPF)
      • Domain Message Authentication Reporting and Conformance (DMARC)

      These entries must be valid, and the mail engine used must comply with the DNS records for the domain.

      Host provider email records are entered in the provider’s DNS record for a domain, or maintained separately by a domain administrator.

      Alterations

      Some host providers and registrars lock DNS records so that they cannot be changed by fraudulent or unauthorized access. To prevent hijacking and fraud, the locks placed on records require obtaining a key, providing credentials, or other verification obstacles.

      The authentication credentials needed to change DNS records should be stored carefully. A re-authentication attempt usually requires time and multiple methods of authentication to obtain. Domain hijacks occur when credentials are guessed, spoofed, or heavily attacked.

      Conclusion

      Simple typos are a huge problem. So are network outages that initially appear to be DNS problems. Verifying accuracy and the network path fixes many DNS outages. User/host configuration problems, especially an incorrect default DNS/resolver, can also be quickly checked.

      When resolvers must be checked, the toolkit can be simple. Much information can be revealed about the listings inside resolvers using nslookup and dig. Data can be compared from period to period.

      Complying with a hosting provider’s documentation allows you to keep complete records that cooperate with the provider, their services, and email.

      DNS servers are not invulnerable. They can be poisoned. It’s good practice to check important records on a periodic basis to test listing integrity, especially before users fill the support email box.



      Source link

      Register Custom DNS Name Servers


      DNS name servers (also referenced as the single word nameservers) are the backbone of the Domain Name System. They are the servers that host a domain’s DNS records, which map human-readable domain names to IP addresses.

      When registering a new domain or configuring an existing domain, you must set the FQDN (fully qualified domain name) of each name server you intend to use. This is done through your domain’s registrar. You can typically chose to use your registrar’s name servers, a third party name server, or a self-hosted name server. If you decide to use your registrar’s DNS service or a third party DNS service, that service provides you with the FQDNs for its name servers. For example, the name servers for Linode’s
      DNS Manager are ns1.linode.com through ns5.linode.com.

      If you instead decide to use your own custom name servers, you first need to create glue records on your registrar for the FQDN you wish to use with each name server. In tandem with glue records, you must also set corresponding A records with your domain’s DNS records. The last step is to configure your domain to use your new custom name servers.

      1. Configure Glue Records
      2. Create A Records
      3. Change the Name Servers for Your Domains

      This guide covers how to register a custom name server and assumes you have already configured a self-hosted DNS software on each system you intend to use.

      Before You Begin

      • You must have at least one registered domain name and be able to access the domain’s registrar. Within this domain name, determine the FQDNs you’d like to use for your custom name servers. Many applications and registrars require at least two name servers and they are typically formatted as ns1.example.com, ns2.example.com, and so on, replacing example.com with the domain you’d like to use.

      • For each name server you wish to configure, deploy your preferred DNS software on a Compute Instance or any publicly accessible server. If you are using cPanel, Plesk, or other software that automatically configures your DNS software, make sure it is properly installed.

      Why Use Custom Name Servers?

      Third-party DNS services, like Linode’s DNS Manager, are very reliable, feature-rich, highly available, and protected against attacks. For most applications, these services are preferable to self-hosting custom name servers. As with many custom self-hosted solutions, the effort to build and maintain a custom DNS name server might not be worthwhile. That said, there are some compelling reasons to chose self-hosting your own custom name servers over utilizing an existing DNS service.

      • Software integration: Many popular self-hosted software solutions, including cPanel and Plesk, can deploy their own custom name servers to automatically manage DNS records. When a user makes a change in the software, the associated DNS records are automatically created or updated without a user needing to manually configure them.

      • Greater control: A primary reason for using any self-hosted solution is to gain more granular control over a system. In the case of name servers, you can use any
        name server software supported by your system and take advantage of all of its features.

      • Vanity/Branded domain: Some third-party DNS services allow you to use your own domain instead of their standard name server domains for branding purposes, but not all have this feature. When self-hosting your own name servers, you can use whichever domain name you wish.

      Configure Glue Records

      When a domain name is resolved, your system’s DNS resolvers first query the root name server. The root then provides the name servers for the domain’s top-level domain (TLD), such as .com or .net. Then, a query is sent to the TLD name servers, which returns the authoritative name servers for the domains. The DNS resolver can then finally query an authoritative name server for the DNS record it needs. This works fine for most domain queries, such as when the DNS records for example.com are hosted on the name server ns1.linode.com. But this breaks down for name server domain resolution, where the record for ns1.example.com is hosted on the ns1.example.com authoritative name server.

      To overcome this circular resolution, glue records are needed. Glue records are set within the domain’s registrar and can map the custom domain of a name server to the IP address of that name server. To configure glue records, follow the instructions below.

      1. Obtain the public IPv4 addresses for each of your custom name servers. If they are hosted on a Linode Compute Instance, see
        Managing IP Addresses on a Compute Instance.

      2. Log in to your domain’s registrar.

      3. Configure a glue record for each custom name server. This maps the full domain of a name server to the IPv4 address for that server. The name of this feature and the instructions for setting a glue record depend on the registrar you are using. Here are the instructions for a few popular registrars, though any registrar that supports glue records can be used:

        Some registrars may require you enter the entire FQDN of the custom name server (such as ns1.example.com), while others only need the subdomain (such as ns1). Additionally, registrars like Namecheap pre-populate a dropdown list with common name server hostnames. In this case, you can likely select from the predefined list or type your own.

      After this is complete, your registrar sends the glue records to the TLD name servers associated with your domain. This process can take up to 24 hours to complete, though it is generally finished within a few minutes to an hour. See
      Verify DNS Changes.

      Create A Records

      In tandem with setting up glue records at the registrar-level, you should also create A records within your custom name servers itself. Many self-hosted software applications that manage DNS records, such as cPanel and Plesk, do this automatically – provided they are configured to use a self-managed DNS service. If this is the case, you can skip this section – even if you have yet to install the software.

      1. Log in to the administration panel or terminal for your DNS software on your custom name server.

      2. Within the domain zone file, add an A record for each custom name server. This record should point the hostname of the custom name server (such as ns1.example.com) to the IPv4 address of the name server.

      Since these steps vary greatly depending on your DNS software, please reference the official documentation for that software. For instance, for users of BIND9 (the most popular DNS software), see
      Configurations and Zone Files.

      DNS records can take up to 24 hours to fully propagate, depending on several factors – including the TTL setting, the DNS service you are using, and the caching system on the DNS resolver. In general, you can expect to see the updates within 5 minutes to an hour. See
      Verify DNS Changes.

      Change the Name Servers for Your Domains

      Once the custom name servers have been successfully registered, you can begin using them to host DNS records for your domains. To do this, add the domain inside your custom name server and then update the domain’s registrar to reflect the new authoritative name servers.

      1. Log in to your domain’s registrar.

      2. Update the domain’s name servers to use your new custom name servers (such as ns1.example.com and ns2.example.com). The name for this setting various among registrars, but it is commonly called external or custom name servers.

      After configuring the new authoritative name servers for a domain, they are sent to the TLD name servers associated with that domain. This process can take up to 24 hours to complete, though it is generally finished within a few minutes to an hour. See
      Verify DNS Changes.

      Verify DNS Changes

      Once you’ve made the changes that are needed, you can verify that the records are correct and have propagated to the appropriate servers by following the instructions below.

      1. Obtain the TLD name servers by running the following dig command, replacing com with the TLD for your domain.

        dig +short com NS

        This returns a list of TLD name servers.

      2. View the DNS records a particular TLD name server has for your domain by using the command below. Be sure to replace a.gtld-servers.net. with whichever TLD name server you wish to query (leaving the @ and trailing .) and example.com with your domain.

        dig +norec @a.gtld-servers.net. example.com

      3. To verify the glue records, examine the output’s ADDITIONAL section. There should be an A record for each of the glue records you’ve configured, pointing your custom name server domain to your IP address.

        ;; ADDITIONAL SECTION:
ns2.example.com.	3600	IN	A	192.0.2.36
ns1.example.com.	3600	IN	A	192.0.2.37

        If you do not see a similar output, you can query other TLD name servers. It may be that the changes have not yet propagated to all of them.

      4. To verify your domain is using your new name servers, examine the AUTHORITY section of the output. This should be a list of all NS (name server) records, which map your domain to one or more name servers. All of the name servers configured for your domain should appear here, though they are typically displayed in a somewhat random order.

        ;; AUTHORITY SECTION:
example.com.		3600	IN	NS	ns2.example.com.
example.com.		3600	IN	NS	ns1.example.com.

      5. Both the glue records and name servers can also be verified by running a dig +trace command, as shown below. Replace example.com with your domain and ns1.example.com with your custom name server. Repeat this command as needed for each name server.

        dig example.com +trace +additional | grep ns1.example.com

        Within the output, you should see at least one NS record that defines your custom name sever and an A record for your name server that points to the correct IP address of your server.

      6. The A records for your custom name server’s domain can be verified by running the following dig command, which confirms the changes have propagated to the DNS resolver used by your system. Replace ns1.example.com with the domain of your name server.

        dig ns1.example.com A +short

        This should output the IP address configured within the A record for that domain.



      Source link

      Nameservers vs. DNS: A Complete Guide


      If you’re thinking about migrating your site to a new hosting provider, you may be wondering what it will mean for your domain registration. Perhaps you’re worried visitors will be unable to access your content if you switch web hosts.

      This is why it’s important to understand what nameservers and the Domain Name System (DNS) are and how they work. This understanding can help you manage your migration more efficiently.

      In this post, we’ll take a closer look at nameservers and DNS records. We’ll also show you how you can access these essential components of your site. Let’s get started!

      Nameservers vs. DNS Records: What They Are and How They Work

      A nameserver connects your domain name with the Internet Protocol (IP) address of the server that hosts your website. Thanks to nameservers, browsers like Google Chrome and Mozilla Firefox can direct users to the right page when they type in a site address.

      Typing a site address into Google.

      For example, if you type “myblog.com” into Google, the nameserver tells the browser where that domain is located (i.e., the address of your web host). Without this information, the browser wouldn’t be able to display the site.

      Nameservers form part of an online database known as the Domain Name System (DNS). This system is part of the  Transmission Control Protocol (TCP) and the Internet Protocol (IP), which defines how computers communicate via the internet and private networks.

      DNS plays an important role, as it aids the conversion of simple domain names (e.g., myblog.com) into an IP address (e.g., 12.34.56.78), which computers then use to identify one another on the network. Effectively, DNS functions like a phone directory. It contains records of web devices, such as computers and servers, and their associated IP addresses.

      Every domain has its own DNS records, which include the nameserver. These are generated when you register your domain name with a hosting provider or a domain registrar. Therefore, your nameserver points your domain name to the IP address of your host or registrar.

      Your Great Idea Starts with a Great Domain

      Don’t let someone else register your URL. Search DreamHost’s 400+ TLDs to find the perfect fit for your website.

      How the Browser Finds Your Website

      Everything that is connected to the internet has an IP address, including websites and servers. There are millions of IPs in use all over the world, and they are all unique. Your site will have its own IP address, which your host provides.

      However, your domain name needs to be able to connect with your site’s IP address. For example, when you enter a site’s URL into an address bar, your browser will try to access the corresponding page. To do this, it will go through some steps that the user doesn’t see.

      First, the browser connects to the target site’s domain registrar. Then the registrar points the browser to the target site’s hosting provider (e.g., dreamhost.com). Once the browser arrives at the web host, it will look for the correct nameserver (e.g., ns1.dreamhost.com).

      The process is practically instantaneous, so as users, we don’t fully appreciate the additional steps. However, should you decide to change your hosting provider, you’ll need to point your domain name to your new host. This is a vital step. Otherwise, users will not be able to find or access your site.

      Related: How Do Websites Work?

      How to Use Nameservers and DNS Records

      Knowing how to access your domain’s DNS records, including your nameservers, can help you arrange a smoother transition to your new host. Let’s take a look at the different ways you can locate and manage these important records.

      Locating and Managing Your Nameservers

      Your domain’s nameservers can be found in your web hosting account. These might also be available on the hosting company’s documentation page.

      The nameservers for domains managed by DreamHost are:

      • ns1.dreamhost.com
      • ns2.dreamhost.com
      • ns3.dreamhost.com

      If you’re a DreamHost client, you can also log in to your hosting account to view your nameservers. To start, navigate to Websites > Manage Websites in the side menu.

      Managing your websites in DreamHost.

      Next, find the domain you wish to edit and click on the DNS tab on the right side of the screen. This will bring up a page with your nameservers.

      Locating your nameservers in DreamHost.

      Note that if your domain is registered with a different company, you won’t be able to update your nameservers from your DreamHost account. To manage your nameservers, you’ll need to log in to your account with the company that manages your domain.

      If your domain is registered with DreamHost, you’ll be able to edit your nameservers. For instance, if you wish to replace your current nameservers, you can simply erase them from the box and type in your new ones.

      You can also manage your domain from the Registrations page in your account. For more information about this, you can read our complete instructions for editing your nameservers on DreamHost.

      Alternatively, you can find out what a website’s nameservers are by performing a WHOIS lookup. Nameservers are public records, so it is possible to find this information by using a third-party tool.

      Several sites offer this service, including lookup.icann.org.

      Running a WHOIS search.

      You can type the domain into the search bar, and a list of records will appear. For example, here are the nameservers for google.com:

      Viewing nameservers in a WHOIS search.

      Note that a WHOIS search can also show the personal details of the domain’s owner, including their name and email address. Some hosting providers and domain registrars offer WHOIS privacy, which protects the identity of the user.

      Related: What Is Domain Privacy Protection?

      Locating and Managing Your DNS Records

      Your DNS records are just as easy to locate and manage. You can log in to your hosting account to view your records and make changes to them. If your domain is managed by a third party, such as a domain name registrar, you’ll need to log in to your account with that company.

      If you have a DreamHost account, your DNS records can be found on the same page as your nameservers.

      Viewing your DNS records in DreamHost.

      You can add a new DNS record to your domain by clicking on the blue Add Record button. As you may notice, there are different types of records you can create. Let’s take a closer look at the most common ones.

      A Record

      The address record is the most basic type of DNS record. It is used to point a domain (or subdomain) to an IP address.

      CNAME Record

      The canonical name record points a domain to another domain, as opposed to an IP address. This is used when a site has subdomains, such as shop.myblog.com or donations.myblog.com.

      Adding a CNAME record in DreamHost.

      These are subdomains of myblog.com. Let’s say that each of these subdomains has a CNAME record containing the value “myblog.com.” Since the DNS is looking for an IP address, when the CNAME record is accessed, a further lookup is carried out at myblog.com (as this is the value contained in the CNAME file).

      It will then return the IP address stored in myblog.com’s “A” record. This means that these subdomains are aliases of the main domain, and the canonical name (or “true name”) of these subdomains is actually “myblog.com.”

      MX Record

      A mail exchange record is used to direct emails to an address registered on your domain (e.g., [email protected]) per the Simple Mail Transfer Protocol (SMTP), the standard protocol for email.

      It is important to ensure that your MX records point to the right mail server. If not, emails won’t be delivered to your account. We also recommend that you back up your emails before switching to a different host.

      Adding an MX record in DreamHost.

      NS Record

      As mentioned previously, this is the nameserver record. You can use this setting to change your nameservers so that they point to your new hosting provider.

      TXT (Text) Record

      This one allows you to insert text into your DNS records. Originally, the TXT record was designed for human notes, such as site descriptions or development details. However, it is possible to include machine-readable data.

      Adding a TXT record in DreamHost.

      This record can help you to protect your site against spam. It also enables you to verify your domain, such as by adding a Google Site Verification record. It is very common to have multiple TXT records for a single website.

      Related: Understanding the Different Kinds of Domains

      Monitoring Your DNS Records

      When updating your nameservers and other domain records, you’ll need to take DNS propagation into account. This is the time it takes for your DNS records to update across the internet. For example, when you modify your nameserver to point to your new hosting company, this change can take up to 72 hours to come into effect.

      At DreamHost, we offer a DNS propagation checker to help you monitor your records. To access this tool, simply click on DNS checker on your Records page.

      Accessing the DNS Checker in your DreamHost account.

      On the next page, you can check your website’s current IP address and DNS record information. Our interactive maps show you the status of your records across nameservers in different locations.

      Using the DNS checker to view the status of your records.

      The green checkmarks on the map indicate that your DNS is up-to-date in the specified locations. Meanwhile, a single red cross suggests there might be a problem with the DNS server in that location.

      If you see multiple red crosses, it may mean that you haven’t configured your DNS at the company where you registered your domain. However, this could also be a sign that your new DNS settings haven’t yet finished updating.

      DNS Management Made Easy

      Whether you need help identifying a domain’s nameservers, understanding a DNS query, or choosing a web host, we can help! Subscribe to our monthly newsletter so you never miss an article.

      Nameservers vs. DNS in a Nutshell

      Understanding how nameservers and DNS Records work can ensure a smooth transition when migrating your site to a new host. It is imperative that your domain name points to the correct nameserver. Otherwise, site visitors will be unable to access your pages.

      At DreamHost, we make your life easier by managing the entire transition process, including your domain transfers. We also enable you to manage your own domains and DNS from your hosting account, and our service comes with free privacy protection for your domain.



      Source link

      Forgot Your Password ?