LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-04-2012, 10:00 AM   #1
MasterRoot24
LQ Newbie
 
Registered: Mar 2012
Distribution: Ubuntu, Gentoo
Posts: 2

Rep: Reputation: Disabled
Question Questions about public DNS


Hello there,

I'm a long time reader of these forums, but I now have a question which I have been struggling to find the answer to for myself, which I hope someone can help me with!

I am currently in the process of building a web site, which I would like to run from my home server. I have the site running internally, and I am using my firewall to route inbound traffic to my server from the internet.

As I am behind a home broadband service, my IP address is assigned via DHCP and therefore my public address changes from time to time [although this is very rare, as the DHCP leases from my ISP seem to last a while].

To work around this, I have been using DynDNS for many years now, and have a public A record on the internet, which is dynamically updated by DynDNS, if my public IP ever changes - this has been working perfectly from day one for inbound admin connections such as SSH, Webmin, etc. For the purposes of this thread, I'll refer to my public DynDNS A record as 'mydynamicip.homeip.net'.

I have purchased a domain name for my new site, from 123-Reg, who I have purchased domain names from before. I'll refer to this domain as 'mypublicdomain.co.uk'. I currently have the following DNS records setup for my domain at 123-Reg:
Code:
@       MX    5   mydynamicip.homeip.net
@       A         94.136.40.82
www   CNAME       mydynamicip.homeip.net
Note: The address: 94.136.40.82 is the address for 123-Reg's web forwarding service. I have been instructed by 123-Reg to add this record.

The purpose of this record is to forward requests such as http://mypublicdomain.co.uk/ are forwarded on to http://www.mypublicdomain.co.uk/. This was their proposed workaround to the fact that I was unable to add a DNS record like '@ CNAME mydynamicip.homeip.net' to my public domain, without overriding my MX records - they said if I did add such a record, that my incoming mail would be affected.

Unfortunately, this does not meet my requirements, as it means that only HTTP requests to mypublicdomain.co.uk are forwarded to mydynamicip.homeip.net and thus my home public IP. For example if a HTTPS request is sent - 'https://mypublicdomain.co.uk/' - this request would fail, as the web forwarding service only responds to HTTP requests and only forwards to HTTP OR HTTPS. I could set the destination to https://www.mypublicdomain.co.uk/, but this would mean that all web requests are forwarded to HTTPS, no matter what the user has specified. Furthermore, I would loose the ability to refer to my public domain name as mypublicdomain.co.uk for purposes such as SSH and Webmin, etc. - these would all be sent to 94.136.40.82 as per the A record on the domain, and then fail as the A record would resolve to the web forwarding server and not my public IP.

My question is: How would one go about setting up DNS, to allow all requests for mypublicdomain.co.uk to be resolved via CNAME to mydynamicip.homeip.net.

I hope I've provided enough info - if I can provide any more helpful info, please let me know.

Many thanks,

Joe
 
Old 03-06-2012, 04:11 AM   #2
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,406
Blog Entries: 30

Rep: Reputation: 164Reputation: 164
In order for "mypublicdomain.co.uk" and "www.mypublicdomain.co.uk" to both work, they both need to have A records that reach a valid web server. Technically, you are not supposed to CNAME a directly delegated domain. But it has worked. But that certainly does mean everything would follow, all record types and all hostnames. I always recommend to not use CNAME at all, and just delegate your domain directly to where it can be served. A dynamic DNS provider should be able to support your domain as a delegated name service. They would give you hostnames to provide to your registrar for delegation (usually you put then in as "customer provided name servers" in some panel). Then they would host your domain, and update the A records dynamically based on the communications from you.

I once hosted the DNS for a friend's business connected by dynamic IP. I just rigged up a scheme where his server would make an ssh connection to my statically addressed servers every hour, and run a command to write the value of an environment variable (set by SSH with the IP address he came from) to a file. A cron job set to run a few minutes after that would check if the address changed. If it changed that job would rebuild the zone file with it and reload the name server.

I got into the dynamic DNS business for a short while. I'm out of it, now. There's no money in it to even justify renting the servers for it.

An alternative is to rent virtual hosting somewhere and either run DNS there or some or all of your website there.
 
1 members found this post helpful.
Old 03-06-2012, 08:21 AM   #3
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984
What's the deal with not CNAMEing then? I've not heard that before.
 
Old 03-06-2012, 10:28 AM   #4
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125

Rep: Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781
Quote:
Originally Posted by acid_kewpie View Post
What's the deal with not CNAMEing then? I've not heard that before.
The CNAME, or canonical name is just an alias for another A record.

@MasterRoot24, if you really want to use dynamic DNS and host the server on it, you might want to consider transferring the domain registration to DynDNS instead of 123-Reg. It will cost you a bit extra per year, but their Custom DNS service should provide the functions you are looking for. I believe that these options are available if they are the registrar for the domain.
 
1 members found this post helpful.
Old 03-06-2012, 10:31 AM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984
Quote:
Originally Posted by Noway2 View Post
The CNAME, or canonical name is just an alias for another A record.
Erm... yeah I know what a CNAME *IS*.
 
Old 03-06-2012, 11:13 AM   #6
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125

Rep: Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781
Quote:
Originally Posted by acid_kewpie View Post
Erm... yeah I know what a CNAME *IS*.
Never mind, I misread your question ....
 
Old 03-06-2012, 01:50 PM   #7
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,406
Blog Entries: 30

Rep: Reputation: 164Reputation: 164
Quote:
Originally Posted by acid_kewpie View Post
What's the deal with not CNAMEing then? I've not heard that before.
I don't know if your question means:

1. why (to me) the advice to not use CNAME?

2. why (to OP) to avoid not using CNAME?

CNAME has a purpose. It very often gets used for things other than its intended purpose. I generally advise not using CNAME anywhere possible to avoid it, even for the intended purpose (which is not always possible to avoid, but sometimes is). The reasons for the advice include reducing the number of DNS lookups needed to find a host, and avoiding complications, such as what the OP has run into. I never use CNAME when a regular RR will do.
 
Old 03-06-2012, 05:37 PM   #8
MasterRoot24
LQ Newbie
 
Registered: Mar 2012
Distribution: Ubuntu, Gentoo
Posts: 2

Original Poster
Rep: Reputation: Disabled
Hello everyone.

Thank you for your replies.

@Skaperen: following from your reply, I'm now currently trialling the DynDNS Standard service - this appears to be just what I was after - it allows my to have my public IP as the domain root A record (so traffic to <whateverprotocol>://mypublicdomain.co.uk/ is catered for. This then allows me to set my MX records, as I've removed the need to CNAME to mydynamicip.homeip.net. It naturally allows integration with their DynDNS client, so should my public IP change, my site's A record will be changed accordingly.

You're right, it is a bit more expensive per year, but it's not astronomical and it's a service I've already been using for years - just the free version, so I know it's reliable enough for my current needs.

Thanks again for your input.

Cheers,

Joe

EDIT: I forgot to give credit to Noway2!

Quote:
Originally Posted by Noway2 View Post
The CNAME, or canonical name is just an alias for another A record.

@MasterRoot24, if you really want to use dynamic DNS and host the server on it, you might want to consider transferring the domain registration to DynDNS instead of 123-Reg. It will cost you a bit extra per year, but their Custom DNS service should provide the functions you are looking for. I believe that these options are available if they are the registrar for the domain.
@Noway2 - Thank you for this suggestion. This is what I think will ultimately be the solution to my problem.

Last edited by MasterRoot24; 03-06-2012 at 05:45 PM.
 
Old 03-06-2012, 06:00 PM   #9
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984
Quote:
Originally Posted by Skaperen View Post
I don't know if your question means:

1. why (to me) the advice to not use CNAME?

2. why (to OP) to avoid not using CNAME?

CNAME has a purpose. It very often gets used for things other than its intended purpose. I generally advise not using CNAME anywhere possible to avoid it, even for the intended purpose (which is not always possible to avoid, but sometimes is). The reasons for the advice include reducing the number of DNS lookups needed to find a host, and avoiding complications, such as what the OP has run into. I never use CNAME when a regular RR will do.
I meant your comment about best practises. To me it always seemed a good idea to use A records to refer to machines and static addresses, and then CNAMEs to relate to services running upon those machines. An arbitrary layer of abstraction I guess. Does add the extra lookup, but it's a nicer visio diagram!
 
Old 03-06-2012, 09:06 PM   #10
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,406
Blog Entries: 30

Rep: Reputation: 164Reputation: 164
Quote:
Originally Posted by acid_kewpie View Post
I meant your comment about best practises. To me it always seemed a good idea to use A records to refer to machines and static addresses, and then CNAMEs to relate to services running upon those machines. An arbitrary layer of abstraction I guess. Does add the extra lookup, but it's a nicer visio diagram!
I agree that makes logical sense. It's a good way to think about what you are doing. Where I disagree is how that comes to be what the DNS server actually serves. If a DNS server would "resolve" automatically, then it would be a good way to express it. But I don't want DNS answers to be revealing this (or require the extra query). If my web server is named "fred" at 44.1.2.3, I don't want "www CNAME fred" as part of the DNS answer. I want "www A?" to just get "www A 44.1.2.3".

If there was a means to write expressions that mean "www -> fred" and "fred A 44.1.2.3" and the server would answer "www A?" with "www A 44.1.2.3" from that, that would be great.

I guess you and I come down on different sides of the dilemma. You favor having the conceptual or abstract expression and I favor having the name server give explicit answers. Now if only there was a tool that allowed both.
 
Old 03-07-2012, 08:13 PM   #11
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,406
Blog Entries: 30

Rep: Reputation: 164Reputation: 164
Quote:
Originally Posted by acid_kewpie View Post
I meant your comment about best practises. To me it always seemed a good idea to use A records to refer to machines and static addresses, and then CNAMEs to relate to services running upon those machines. An arbitrary layer of abstraction I guess. Does add the extra lookup, but it's a nicer visio diagram!
I recalled another reason to avoid CNAMEs as much as possible (because I just ran into it, again): IPv6

When there is a CNAME and the referenced name does not have an AAAA record, but an AAAA record was being asked for, things get even slower, and sometimes fail to even look for the A record (because the first look failed). That should not prevent falling back to an A record, but sometimes it does (I'll have to investigate that when I get some time).

I just avoid CNAME as much as possible on my domains. I put the actual A or AAAA or MX or SPF or whatever appropriate records apply. I don't consider "administrator convenience" as an acceptable excuse for point a CNAME record in the zone. If "administrator convenience" is needed write a script (I have written some minimal ones, already).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Need New Public DNS Host tonyfreeman Linux - Networking 5 12-15-2010 10:04 AM
Public DNS Server Questions ZenNetwork Linux - Server 1 11-12-2009 02:01 AM
apache config vs public dns syok Linux - Enterprise 1 02-07-2009 08:44 AM
Registered DNS translate to public IP??? Why?? keiai03 Linux - Networking 2 03-29-2007 06:03 PM
DNS public host marius_vl Linux - Networking 5 06-01-2006 08:35 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration