Matrix1000
 asked on

Basic DNS Setup - Am I doing this right?

I've got a few domain names and I've got MS 2003 Server Web Edition
I want to make sure I'm setting up DNS the 'right' way.

I've gone into the server and...
1. Right clicked on the Server Name >New Zone>Next>Primary Zone>Forward Lookup Zone>Zone Name=mywebsite.com>Create a New file with this name=mywebsite.com.dns>Do not allow dynamic updates>Finish.

2. Right click on the new zone> New Host (A)...>Name=ns1...IP_address=123.456.789.1 (leave 'Create associated pointer (PTR) record' unchecked)>Done

3. Double click on the '(same as parent folder) Start of Authority (SOA)' > on the 'Start of Authority (SOA)' tab click 'Browse' next to the 'Primary Server' box and browse to > Servername/Forward Lookup Zone/mywebsite.com/ns1 and click OK so 'Primary server' = ns1.mywebsite.com

4. Then click on the 'Name Servers' tab > Remove the 'servername.' > Click Add and browse to Servername/Forward Lookup Zone/mywebsite.com/ns1 and click OK, OK.

5. In dnsmgmt right click on the zone mywebsite.com and select 'New Alias (CNAME)'. Alias name=www > Browse for Fully qualified domain name (FQDN) for target host and go to .... Servername/Forward Lookup Zone/mywebsite.com/ns1 ... then click OK...

5. Do the same process as step 4 for 'mail' and 'ftp' and ' ' . Everything is pointing to ns1.mywebsite.com. besides ns1 which is pointing to the server's IP address and the (SOA) which is pointed at 'ns1.mywebsite.com, hostmaster.'

Is that right? Should I be using CNAMEs for all of those? Did I set everything correctly? Should anything be pointed to 'servername. '

I have to make my own ns1 because my domain registrar won't allow me to use their nameserver. I could only point mywebsite.com at my own nameserver.... ns1.mywebsite.com

Thanks for any corrections.
Windows Server 2003

Last Comment
Chris Dent

8/22/2022 - Mon
Chris Dent


Hi,

Almost everything is perfect.

There's just a little for 5 and 5 again. www and ftp are fine as CNAME records - although personally I think making them an Alias for NS1 isn't so good as it clearly advertises that everything is on one server. However - it's not the end of the world and hardly a major problem.

For mail, are you intending to receive mail on that domain? If so you're going to need an MX Record (and a mail server of course). For the MX record you will need the mail address, but it must be a Host Record and shouldn't be a CNAME (RFC compliance). That gives you:

mail Host(A) 123.456.789.1
(same as parent folder) Mail Exchanger (MX) mail

Which will sort out inbound mail.

Finally one bit of housekeeping. Are you using your DNS Server for internal Name Resolution? For the sake of Security you shouldn't be - Public Name Servers should just answer for the domains they host. If you want to stop it answering requests other than its own domain open the properties for the Server, then Advanced and tick Disable Recursion.

HTH

Chris
Matrix1000

ASKER
Thanks for your reply Chris-Dent ... I know nothing about this kind of thing but I'm trying to learn.

I have a couple of quick questions.... what 'should' I be doing with www and ftp? What would be a better way to do it?

Also to add an MX Record to the Forward Lookup Zone, I right click on the Zone > New Mail Exchanger (MX) >  then what? :P

It says that the 'Host or child domain' ... "in most deployments, the above field is left blank." ?!?
Also it wants me to fill in the 'Fully qualified domain name (FQDN) of mail server' ..... do I just browse to Server>Forward Lookup Zones> mywebsitezone.com > ns1 ?!?

Thanks! :)

Matrix1000

ASKER
forgot... As far as the MX Record...
I figured out what you were talking about with regards to the 'mail Alias (CNAME)'.... I changed that to 'mail Host(A)  123.456.789.xxx' but had an issue when trying to add the new MX Record.

I already have '(same as parent folder)  Alias (CNAME)  ns1.mywebsite.com' so when I try to add the MX record with no 'Host or child domain' entered it gives me an error 'A new record cannot be created. Node is a CNAME DNS record.'
ASKER CERTIFIED SOLUTION
Chris Dent

Matrix1000

ASKER
Last question... If I delete

(same as parent folder)  Alias (CNAME)  ns1.mywebsite.com

how is "http://mywebsite.com" resolved.... do visitors always have to type in "http://www.mywebsite.com"?

Or I've heard about an "@" record that I think does this, is that correct?  Do I just add "@    Alias (CNAME)   ns1.mywebsite.com" ?
Chris Dent


@ is the same as (Same as Parent Folder). It's the correct notation for it, MS likes the friendly version instead for the GUI.

(same as parent folder) must be a Host(A) record with the IP Address if you want people to be able to get to mywebsite.com.

Chris
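
The two CNAME rules that come up in this thread (no other records at a node that holds a CNAME, which is what the "Node is a CNAME DNS record" error enforces, and MX targets that are Host (A) records rather than aliases), written as a zone lint. This is an added example, not part of the original posts; the record tuples, `lint_zone` and the 192.0.2.1 address are constructed, and only the zone and host names come from the thread.

```python
from collections import defaultdict

ORIGIN = "mywebsite.com."  # zone name used in the thread

def fqdn(name, origin=ORIGIN):
    """Expand '@' and relative names to a lower-case fully qualified name."""
    name = name.strip().lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def lint_zone(records, origin=ORIGIN):
    """records: (owner, type, rdata) tuples. Returns a sorted list of findings."""
    by_owner = defaultdict(set)
    parsed = []
    for owner, rtype, rdata in records:
        owner, rtype = fqdn(owner, origin), rtype.upper()
        by_owner[owner].add(rtype)
        parsed.append((owner, rtype, rdata))
    findings = []
    for owner, types in by_owner.items():
        # RFC 1034 section 3.6.2: a CNAME cannot share its node with other data.
        if "CNAME" in types and len(types) > 1:
            others = ", ".join(sorted(types - {"CNAME"}))
            findings.append(f"{owner} has CNAME alongside {others}")
    for owner, rtype, rdata in parsed:
        # RFC 2181 section 10.3: MX and NS targets must not be aliases.
        if rtype in ("MX", "NS"):
            target = fqdn(rdata.split()[-1], origin)  # MX rdata is "<pref> <host>"
            if "CNAME" in by_owner.get(target, ()):
                findings.append(f"{rtype} at {owner} targets alias {target}")
    return sorted(findings)

# Constructed sample zones; 192.0.2.1 is a documentation address.
BROKEN = [
    ("@", "SOA", "ns1 hostmaster"), ("@", "NS", "ns1"),
    ("@", "CNAME", "ns1"), ("@", "MX", "10 mail"),
    ("ns1", "A", "192.0.2.1"), ("www", "CNAME", "ns1"), ("mail", "CNAME", "ns1"),
]
FIXED = [
    ("@", "SOA", "ns1 hostmaster"), ("@", "NS", "ns1"),
    ("@", "A", "192.0.2.1"), ("@", "MX", "10 mail"),
    ("ns1", "A", "192.0.2.1"), ("www", "CNAME", "ns1"), ("mail", "A", "192.0.2.1"),
]

if __name__ == "__main__":
    for label, zone in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint_zone(zone) or "clean")
```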
Matrix1000

ASKER
Thanks but I'm having a small issue....

Can you take a look at a continuation of this question please :)

https://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21995520.html

Thanks!
Chris Dent


The answer is most likely as you've been given now.

For any changes to DNS you either need to flush the DNS Cache on your local machine or wait for the TTL (Time To Live) to expire elsewhere (if you're using your ISP's DNS for example).

The TTL is set either on the record or as the default for the zone. The default is normally 1 day, so if you ask your ISP's DNS Server for the answer it will hold onto it and reply from memory for a day. After the day is up it will ask your DNS Server for the answer again - in the meantime if you change the record you'll get the wrong answer from your ISP.

Chris