DNS - Manual

In this article you will learn:

• What is and how DNS infrastructure works
  • DNS servers
  • NSSET
  • Primary, secondary, authoritative servers
  • DNSSEC
• What DNS records are and how they work
  • Names
  • Types
• Glossary of terms

---

DNS infrastructure

DNS stands for Domain Name System. It is a set of data that allows you to resolve various requests for a domain, such as what IP address a website or email server for a domain is located at.

DNS works on the principle of a tree structure: each domain request starts at the root, and the servers of the various services forward it on to the branches until it is resolved. The domain ending is evaluated first and processed by the registry servers. Then the evaluation of the domain itself continues with the DNS provider's servers for that domain.

When the query arrives at the branch, it evaluates the DNS records it finds on the corresponding server. These may point to a specific service server, or to other DNS servers.

DNS servers

DNS servers are powerful computers whose sole purpose is to store and provide DNS records. Each domain needs at least one DNS server to function properly, but typically uses 2 or more mutually synchronized DNS servers.

WEDOS uses 4 DNS servers located in different locations:

ns.wedos.net
ns.wedos.cz
ns.wedos.eu
ns.wedos.com

The single-operator system verifies data synchronization using serial numbers. These numbers vary across different sets of DNS servers, so it is possible to distinguish, for example, DNS server settings of multiple providers that are undesirable.

When you register a new domain, the registrar will usually provide you with their DNS servers. If you re-register the domain (transfer it from one registrar to another), the DNS servers remain set to the original provider, who may cancel them. 

To set up our or other DNS servers for a domain registered with WEDOS, follow the Domains - DNS Servers (NSSET) instructions.

To set up WEDOS DNS servers with another registrar, follow the instructions for that provider the above four DNS servers, or for CZ domains NSSET WEDOS.

The change of DNS servers is gradual, and the retention time for DNS server records is much longer than for DNS records. A large part of the changes usually take effect within a few hours. However, some services can still retrieve data from the original DNS servers up to 48 hours after the change is made.

NSSET

Because it is easy to make mistakes when naming specific DNS servers, some registries support NSSET, a set of name servers. Each NSSET has a unique name within the registry that you specify instead of listing individual DNS server addresses. 

Our NSSET is called WEDOS.

Primary, secondary and authoritative DNS servers

The primary DNS server contains a zone file that lists the DNS records for the domain. Secondary DNS servers download this information from the primary server to help spread the load (sometimes augmented by caching DNS servers). Data transfer is done via the AXFR protocol.

Authoritative DNS servers are a set of one primary and usually at least one other secondary DNS server. They contain authoritative data for the domain, which means that they do not query other servers for the value of DNS records.

You can configure WEDOS DNS servers as secondary servers, that is, you can allow them to download DNS records from other authoritative servers through AXFR. For more information, see DNS - Secondary Servers.

DNSSEC

DNSSEC is a technology that prevents foreign DNS spoofing during a query. For more information and setup instructions for domains registered with WEDOS, see the Domains - DNSSEC article.

---

DNS records

DNS records contain specific information for routing services through domains. They may also contain various settings or authentication codes.

You can have DNS records set up on DNS servers from different providers, but only those on authoritative DNS servers, that is, those set up for the domain, work.

VEDOS automatically creates DNS records for domains that the customer registers with us or for which he/she establishes services with the corresponding domain name. You can also create DNS manually by following the instructions in DNS - Adding a Domain.

You usually change DNS records manually. If your domain uses WEDOS DNS servers, you follow the DNS - Domain Records instructions. In some cases, however, you can have DNS set up automatically, for example when you check an option in the service order, rename or set a Webhost alias, or point the domain to an existing WEDOS service.

The system stores all changes made to DNS records in a history accessible according to the DNS - History of record changes instructions.

DNS record names

When entering DNS records, follow these rules for names:

• If the DNS record is for the main domain (for example, domain.tld), leave the name field blank.

• For subdomains (e.g., eshop.domena.tld), specify only the subdomain name (e.g., eshop; if you specify eshop.domena.tld, it will apply to the subdomain eshop.domena.tld.domena.tld).

• The name * indicates all subdomains that have no record of their own. If you assign any record to a particular subdomain, records with the * name will no longer apply to that subdomain, including those of any other type.

Types of DNS records

There are a large number of types of DNS records that the system uses to determine what to do with a given record. WEDOS supports the following record types:

• A and AAAA: They point to the IPv4/IPv6 address of the server. This is usually the web server address.
• ALIAS: Replaces A and AAAA records with the domain name. It is used for the main domain, for subdomains it performs a similar function to CNAME.
• CAA: Allows the issuance of an SSL certificate.
• CNAME: Directs the subdomain to an existing domain. It is mutually exclusive with other records on that subdomain.
• MX: He directs emails.
• NS: Delegates DNS subdomains.
• SRV and NAPTR: Specify information about the host's available services, usually in Internet telephony.
• SSHFP and TLSA: Extend domain security options.
• TXT: Allows you to enter arbitrary text to serve as settings (for example, an SPF record to increase email security), or various authentications.

WEDOS DNS does not support SOA-type records, but replaces them with separate management of domain DNS servers (NSSET).

---

Glossary of terms

• Authoritative DNS servers: DNS servers that carry binding information about a domain that all devices on the Internet should follow.
• AXFR: Protocol for transferring DNS information.
• Caching DNS server: an auxiliary DNS server that facilitates the availability of DNS records and lightens the load on the main DNS server.
• Data (of the DNS record): the value of the DNS record.
• DNS server: a server dedicated to storing and providing DNS records.
• DNS record: data about the routing or configuration of a domain or subdomain.
• DNSSEC: A technology that prevents domain abuse by spoofing foreign DNS.
• FQDN: Fully Qualified Domain Name, i.e. the complete domain name (e.g. wedos.com).
• Glue record: a special record for dealing with cases where the DNS server contains in its name a domain for which it is authoritative.
• IPv4: The numeric address of the device on the Internet, e.g. 46.28.105.2.
• IPv6: The newer numeric address of a device on the Internet, e.g. 2a02:2b88:1:4::16.
• Root DNS server: one of the 13 primary DNS servers managed by ICANN.
• Name (of the DNS record): the name of the subdomain to which the record applies.
• NSSET: A single unique name for the entire set of DNS servers.
• Primary DNS server: the primary carrier of the domain's DNS records.
• Reverse record: a special record that allows you to derive a domain name from an IP address. It is commonly set up on servers and the Cloud.
• Secondary DNS server: a DNS server that retrieves DNS records from elsewhere through AXFR.
• TTL (DNS of record): Time To Live. The time in seconds to update the DNS record value on the server.
• Type (DNS record): Specifies the purpose and procedure for evaluating a DNS record.