I'd like to set up a DNS service on the same server that I use to host a domain's websites. I understand that this is not recommended, but there are a number of external factors prompting me to do this.

With a web server running on Port 80 & 443, I could easily run a DNS Service on port 53.

My question is the following: to point a registrar to a nameserver, you can't use an IP, so something like ns1.example.com would be required. Where and how would you be able to point ns1.example.com to the webserver, if you're not using the registrar's nameservers?

Patrick Mevzek

2 Answers

3

Your registrar should also offer somewhere in the control panel the ability to create "glue records". Glue records are records that are submitted to the TLD's registry. The question Mr Shunz linked to in the comments has a great answer on explaining exactly how DNS works and why this is required, so I won't go into any detail here, but it boils down to the following:

  • Create an A record for ns1.example.com pointing at the IP address you need it to. You'll need to do the same for ns2.example.com as there's a minimum requirement of 2 nameservers per domain name.*
  • Create the same glue records using your registrar's tools

Obviously I can't tell you how you might go about that as you've not told us what registrar you're using, but a simple Google search for " glue records" should start to point you in the right direction. Or ask your registrar's customer support team if you still can't find it.

Now to my asterisk...

You don't have to point your 2 ns records at different servers, but be aware that if you do point them at the same server and that server goes offline, your entire domain goes offline with it. And as NXDOMAIN responses can get cached at upstream providers, it might take a while to show up again when the DNS service on your server comes back online. This is why there's a minimum requirement of 2, to provide a "backup", in case one of the nameservers goes offline, you don't run the risk of having "no idea what domain name you're talking about" responses being sent to your users.

Patrick Mevzek
dannosaur
  • Is it actually necessary to have two `ns` records if there is only one server? The [IANA standard](https://www.iana.org/help/nameserver-requirements) requires that there be two, but it also requires that they not resolve to the same IP address, so you're breaking those rules either way. Do some resolvers refuse to cooperate if there's only one? – Harry Johnston Sep 07 '18 at 23:33
  • Glue records are only needed for the specific case of in-bailiwick servers (domain using nameservers being in the same domain); this is certainly not recommended for beginners in DNS – Patrick Mevzek Sep 08 '18 at 22:24
  • 2 nameservers is often required by registries, but this is policy, not technical. Nowadays, especially with DNS anycast, a single nameserver record would work as well. Also 2 nameservers are not a backup: each one will be used for half the requests, statically. It is not one and then only the second if first fails. That happens for recursive nameservers, not authoritative ones. – Patrick Mevzek Sep 08 '18 at 22:26
  • @HarryJohnston back when the smallest linode was $20/mo I could add a second IP for $1/mo, giving me two different IPs on (usually) 2 different subnets on one machine. Add glue records for both and ns1.example.com and ns2.example.com become OK for using to register example.com with. Now that I can use a $5 machine, I have a second NS in a different data center (and backup MX too...) – ivanivan Sep 09 '18 at 00:19
0

Your A and NS records will look like this:

```
example.com.       NS  ns1.example.com.
example.com.       NS  ns1.example.org.
example.com.       A   203.0.113.7
www.example.com.   A   203.0.113.7
ns1.example.com.   A   203.0.113.7
```

Note that you need two name servers so you have to find a second server that can host your domain. I have added that in here as well.

Next you tell your registrar to use those two name servers for your domain. They will enter that information in their name servers. You will have to configure your instance of BIND with the above records.

Tommiie
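The glue-record and shared-server points from the two answers above, as an added example that is not code from either answer: a small Python audit that reads zone text, reports which NS names are in-bailiwick (and so need glue at the registrar), and flags nameservers that sit on one address. The function names and the second sample zone are assumptions made for the illustration.

```python
# Zone text as posted in the second answer (documentation addresses).
ANSWER_ZONE = """\
example.com.       NS  ns1.example.com.
example.com.       NS  ns1.example.org.
example.com.       A   203.0.113.7
www.example.com.   A   203.0.113.7
ns1.example.com.   A   203.0.113.7
"""
# Constructed sample: the single-server setup, both NS names on one address.
SINGLE_SERVER_ZONE = """\
example.com.       NS  ns1.example.com.
example.com.       NS  ns2.example.com.
ns1.example.com.   A   203.0.113.7
ns2.example.com.   A   203.0.113.7
"""

def norm(name):
    return name.rstrip(".").lower()

def parse(zone_text):
    """Yield (owner, type, rdata); optional TTL and class IN fields are skipped."""
    for line in zone_text.splitlines():
        fields = [f for f in line.split(";", 1)[0].split()
                  if f.upper() != "IN" and not f.isdigit()]
        if len(fields) >= 3:
            yield norm(fields[0]), fields[1].upper(), fields[2]

def audit(zone_text, zone):
    zone = norm(zone)
    records = list(parse(zone_text))
    ns_names = [norm(r) for o, t, r in records if t == "NS" and o == zone]
    addrs = {}
    for owner, rtype, rdata in records:
        if rtype in ("A", "AAAA"):
            addrs.setdefault(owner, []).append(rdata)
    # In-bailiwick: the NS name lies inside the zone it serves, so glue is needed.
    inside = [n for n in ns_names if n == zone or n.endswith("." + zone)]
    glue = {n: addrs[n] for n in inside if n in addrs}
    by_ip = {}
    for name, ips in glue.items():
        for ip in ips:
            by_ip.setdefault(ip, []).append(name)
    return {
        "glue": glue,                                    # submit these at the registrar
        "missing_address": [n for n in inside if n not in addrs],
        "external": [n for n in ns_names if n not in inside],  # no glue needed
        "shared_ip": {ip: ns for ip, ns in by_ip.items() if len(ns) > 1},
    }

if __name__ == "__main__":
    print(audit(ANSWER_ZONE, "example.com."), audit(SINGLE_SERVER_ZONE, "example.com."), sep="\n")
```

For the answer's zone only `ns1.example.com` needs glue, because `ns1.example.org` is resolved through its own domain; for the single-server zone both names need glue and both are reported under the one shared address.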