DnsHosting

From HerzbubeWiki

This page contains information about how I organize and configure the DNS hosting for the domains owned by the household.

The current DNS hosting provider is Cloudflare and the registrar is hosttech.


Domains

Domains owned by the household:

  • herzbube.ch: Patrick's personal domain.
  • francescamoser.ch: Francesca's personal domain.
  • moser-naef.ch: Our shared domain.
  • grunzwanzling.ch: A domain I registered for fun some time in the 2000s and haven't managed to let go of.


dig

The command line tool dig is used to query DNS servers. See the Dig wiki page for details on its usage. This section only contains a few snippets.

To quickly get an overview of all records for my second-level domains:

# Ask the Cloudflare name server directly for the A, MX and TXT records of each domain.
for domain in herzbube.ch francescamoser.ch moser-naef.ch grunzwanzling.ch; do
  for type in A MX TXT; do
    dig @anna.ns.cloudflare.com "$domain" "$type" +noall +answer +multiline
  done
done


DNS records common to all domains

Records for web hosting

The following CNAME record for the "www" subdomain points to the server of the web hosting provider.

www.<domain-name>.ch.   60 IN CNAME php81.solnet.ch.


The following A records for the second-level domain point to the same IP addresses that the web hosting provider's server resolves to. This allows a user to enter the domain name without the "www" prefix and still see the website.

<domain-name>.   60 IN A 212.101.13.181
<domain-name>.   60 IN A 212.101.13.81


To find out which IP addresses to use, check the web server's A records with

dig +noall +answer php81.solnet.ch


Records for mail hosting

The MX records look like this:

<domain-name>.   60 IN MX 10 mxext1.mailbox.org.
<domain-name>.   60 IN MX 10 mxext2.mailbox.org.
<domain-name>.   60 IN MX 20 mxext3.mailbox.org.


The TXT record with the SPF definition is this:

<domain-name>.   60 IN TXT "v=spf1 include:mailbox.org -all"


For DKIM support the following four CNAME records exist:

mbo0001._domainkey.<domain-name>.   60 IN CNAME mbo0002._domainkey.mailbox.org.
mbo0002._domainkey.<domain-name>.   60 IN CNAME mbo0002._domainkey.mailbox.org.
mbo0003._domainkey.<domain-name>.   60 IN CNAME mbo0002._domainkey.mailbox.org.
mbo0004._domainkey.<domain-name>.   60 IN CNAME mbo0002._domainkey.mailbox.org.


For DMARC support the following TXT record exists:

_dmarc.<domain-name>.   60 IN TXT "v=DMARC1;p=reject;rua=mailto:postmaster@<domain-name>"


Finally, a TXT record such as the following must exist. The hex strings are 40 characters long and randomly generated by mailbox.org for each domain. The purpose of this TXT record is to prove to mailbox.org that I am in control of the domain. Only with this proof does mailbox.org allow me to receive mail for the domain.

eaf6adb4ebc441bc416478dcccca9fe7bedfb40d.<domain-name>.   60 IN TXT "8e03cfbceef44698dbe2f8964ab32a94c092b31f"
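
A check of the MX, SPF and DMARC records described in this section, written as an added example that is not part of the original wiki page. It reads dig +noall +answer output on stdin; the function name, the placeholder domain example.org and the sample answers are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit MX/SPF/DMARC answers for one domain.
# Input: `dig +noall +answer` lines on stdin. Assumes each TXT value is a
# single quoted string, as in the records shown on this page.
check_mail_records() {
  findings=$(awk -v d="$1." '
    # Rebuild the TXT payload from fields 5..NF and strip the quotes.
    function txt(   i, s) {
      s = $5
      for (i = 6; i <= NF; i++) s = s " " $i
      gsub(/"/, "", s)
      return s
    }
    $4 == "MX" && $1 == d { mx++ }
    $4 == "TXT" && $1 == d && txt() ~ /^v=spf1( |$)/ {
      spf++
      if (txt() !~ / -all$/) print "SPF: policy does not end in -all"
    }
    $4 == "TXT" && $1 == "_dmarc." d && txt() ~ /^v=DMARC1/ {
      dmarc++
      if (txt() !~ /; *p=reject(;|$)/) print "DMARC: p is not reject"
    }
    END {
      if (mx == 0)    print "MX: no record"
      # Receivers treat more than one SPF or DMARC record as an error.
      if (spf != 1)   print "SPF: expected 1 record, found " (spf + 0)
      if (dmarc != 1) print "DMARC: expected 1 record, found " (dmarc + 0)
    }')
  [ -z "$findings" ] && return 0
  printf '%s\n' "$findings"
  return 1
}

# Constructed sample answers for the placeholder domain example.org.
sample_strict() {
  cat <<'EOF'
example.org.        60 IN MX  10 mxext1.mailbox.org.
example.org.        60 IN TXT "v=spf1 include:mailbox.org -all"
_dmarc.example.org. 60 IN TXT "v=DMARC1;p=reject;rua=mailto:postmaster@example.org"
EOF
}
sample_weak() {
  cat <<'EOF'
example.org.        60 IN MX  10 mxext1.mailbox.org.
example.org.        60 IN TXT "v=spf1 include:mailbox.org ~all"
_dmarc.example.org. 60 IN TXT "v=DMARC1; p=none"
EOF
}

sample_strict | check_mail_records example.org && echo "strict sample: ok"
sample_weak   | check_mail_records example.org || echo "weak sample: findings above"
```

Against live data, pipe the output of the dig loop from the "dig" section, plus a TXT query for the _dmarc name, into the function once per domain.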


Unclear purpose

Currently I have a CNAME record for all domains that defines the "direct" subdomain to be an alias for the second-level domain. I no longer recall the purpose of this CNAME record.

direct.<domain-name>.   300 IN CNAME <domain-name>.


Domain-specific DNS records

herzbube.ch

The following CNAME records exist for the subdomains "acexpander", "kino" and "wiki". These are static websites.

acexpander.herzbube.ch.   35 IN CNAME php81.solnet.ch.
kino.herzbube.ch.         35 IN CNAME php81.solnet.ch.
wiki.herzbube.ch.         35 IN CNAME php81.solnet.ch.

The following CNAME records exist for the subdomains "lg4w", "littlego" and "littlego-usermanual". These are project-specific websites that are hosted on various platforms.

lg4w.herzbube.ch.                  300 IN CNAME ec2-18-217-223-162.us-east-2.compute.amazonaws.com.
littlego.herzbube.ch.              300 IN CNAME herzbube.github.io.
littlego-usermanual.herzbube.ch.   300 IN CNAME herzbube.github.io.

The following TXT records must exist to prove to GitHub that I am in control of the respective subdomains. This allows me to verify the subdomains so that no one else can occupy them for whatever reason. The record names and values are generated by GitHub. Domain verification is done in the GitHub user settings.

_github-pages-challenge-herzbube.littlego.herzbube.ch.              300 IN TXT "e2b460987c69df1e8533199a3c617c"
_github-pages-challenge-herzbube.littlego-usermanual.herzbube.ch.   60 IN TXT "ac180f625fd62d7fc24be202882034"
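
To keep the CNAME records and the GitHub verification records in step, the following added example (not part of the original wiki page) lists every name whose CNAME targets a github.io host but has no matching challenge TXT record. The function name, the account "octo-user", the example.org names and the challenge value are constructed placeholders, and the script only checks that the TXT record is present in DNS, not that verification was completed in the GitHub settings.

```shell
#!/bin/sh
# Added example: list GitHub Pages CNAMEs that have no verification TXT record.
# Input: `dig +noall +answer` lines on stdin; $1 is the GitHub account name.
unverified_pages_hosts() {
  awk -v user="$1" '
    $4 == "CNAME" && tolower($5) ~ /\.github\.io\.$/ { pages[tolower($1)] = $5 }
    $4 == "TXT" { challenge[tolower($1)] = 1 }
    END {
      prefix = "_github-pages-challenge-" tolower(user) "."
      for (host in pages) {
        parent = host
        sub(/^[^.]+\./, "", parent)
        # Assumption: a challenge on the parent name also covers its
        # immediate subdomains, so either record counts as verified.
        if (!((prefix host) in challenge) && !((prefix parent) in challenge))
          print host, "->", pages[host]
      }
    }' | sort
}

# Constructed sample zone for the placeholder account "octo-user".
sample_zone() {
  cat <<'EOF'
docs.example.org.   300 IN CNAME octo-user.github.io.
manual.example.org. 300 IN CNAME octo-user.github.io.
app.example.org.    300 IN CNAME host.example.net.
_github-pages-challenge-octo-user.docs.example.org. 300 IN TXT "0123456789abcdef0123456789abcd"
EOF
}

# Prints the one unverified name in the sample: manual.example.org.
sample_zone | unverified_pages_hosts octo-user
```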

The following CNAME records exist for the subdomains "old-site", "old-site.kino", "new-site" and "new-site.kino". The purpose is to facilitate testing when a new build of the corresponding website is pushed to the web server.

old-site.herzbube.ch.   300 IN CNAME herzbube.ch.
new-site.herzbube.ch.   300 IN CNAME herzbube.ch.


francescamoser.ch

This domain has no special DNS records.


moser-naef.ch

This domain has no special DNS records.


grunzwanzling.ch

The following CNAME records exist for the subdomains "old-site" and "new-site". The purpose is to facilitate testing when a new build of the website is pushed to the web server.

old-site.grunzwanzling.ch.   300 IN CNAME grunzwanzling.ch.
new-site.grunzwanzling.ch.   300 IN CNAME grunzwanzling.ch.