Creative External DNS

 /etc/init.d/named restart

Which will perform the following functions automatically: 

 /etc/init.d/named-vpn stop
 /etc/init.d/named-internal stop
 /etc/init.d/named-external restart
 /etc/init.d/named-internal start
 /etc/init.d/named-vpn start

Changing nameserver IP

Since we are not using portable IP addresses, the IP's we use will change when we switch to a different internet service provider (ISP). The old ISP will take back their IP, which our NS is pointing to, and we will get a new set of IP's. Before this change happens, it is good practice to lower the Time to live (TTL) of all our zones to a really low value (5 minutes is a good rule of thumb) and then wait for your old TTL to expire. In this example, the 2 86400 (in seconds = 1 day) lines should be changed to 300 (5 minutes). 

@       86400   IN      SOA     muppets.crecom.com.au.  hostmaster.crecom.com.au. (
                        2007021311 ; serial (Year,Month,Day,Hour/increment)
                        28800 ; refresh
                        14400 ; retry
                        360000 ; expire
                        86400) ; default_ttl

And like with any other DNS changes, do not forget to update the serial number. Once this is done. Log into our registrar www.crazydomains.com.au. Our login is "crecom" password is funky. Load the "Manage Domain Names" screen. Click on the domain you want to edit (one at a time) and click on "Update Name Servers". You can delete some or all of the NS records and add your new ones. You would have to delete and add the IP address of your NS records if changing ISP(as of this writing, we only have muppets.crecom.com.au for all our domains). Unlike other registrars, my experience shows that updates happen almost instantly. Use whois/dig to verify that the change is done: 

$ whois creativecomputing.com.au
  ...... snipped .......
Name Server:                     ns2.afraid.org
Name Server:                     muppets.crecom.com.au
Name Server IP:                  220.233.135.250

In this query the whois database creativecomputing.com.au, which reads 220.233.135.250. If this is the new IP, it means the change is successful. If this is the old IP, continue waiting. If it does not change (after 48 hours), and you don't get any emails, it means that something has stuffed up (note, when I did this multiple times, it happened almost instantly, within a minute of pressing OK). Once this is complete, modify the A record (of muppets.crecom.com.au) to read the new IP once the change has taken place. This will be a good time to update all the other records as well. Let a few days pass and verify that everything is working as expected and change the TTL back to 86400.

FreeDNS

We have set up an external DNS hosting service called FreeDNS. Under normal circumstances there would be no need to change this. But if we are changing IPs or adding a domain, you have to log in and use the web front end to change things accordingly. Open up their website at http://freedns.afraid.org. Our login name is CComputing2. Password is funky. After logging in and going into "Backup DNS", you will see a list of domains that we have set up. To add a new domain, click the Add button and enter muppets' IP adddress as the master. You can also change this IP by clicking on it on the list (When changing ISPs). In a few minutes (usually around 5-10), FreeDNS's servers will transfer records from our master DNS (muppets) and serve them.

Creative Internal DNS

 /etc/init.d/named restart

Which will perform the following functions automatically: 

 /etc/init.d/named-vpn stop
 /etc/init.d/named-internal stop
 /etc/init.d/named-external restart
 /etc/init.d/named-internal start
 /etc/init.d/named-vpn start

Externally hosted DNS

There are times when our internet connection (Exetel) goes down. We have moved our editing machine outside of the network so that we can change DNS records during these outages. The main NS records still point to our FreeDNS host and to muppets. These 2 machines then pull the records out of the editing machine.

If the Linode Centos 7 instance has not been reinitiated, the ip should stay the same. First try using controldns.crecom.com.au (go down to put this in your browser section). If it doesn't work, then you have to use the following procedure:

To get the IP of the editing machine log into our Linode Centos 7 console: https://www.linode.com/ and then click on "sign in"

Login is creativecomputing . Password is funky.

Click on "Linodes" tab. locate the public IP for crecomdns. put this in your browser:

https://<public_ip_address_of_crecomdns>:10000/

Log into webmin as root. the password for root is the same.

Go to Servers->Bind DNS Server. Find the domain you want to edit, example "crecom.com.au". Click on "Addresses". You can change the address records here (such as asp.crecom.com.au). When done with your changes click on "apply zone" on the upper right corner.

If abe needs to be moved offsite:

Follow above procedure for Externally Hosted DNS. When you get to the Bind DNS Server section, click on "crecom.com.au". Then "Addresses". Change the entry for "aspbak.crecom.com.au", it should have the IP we last used for our backup internet connection (Bernie's home IP). Leave the TTL to at 300. Click on "save" and then "return to record types". Click on "Name Alias". Click on "asp.crecom.com.au". Change real name to aspbak. Click on "save" then "apply zone". This should update the dns record.

Setting up SPF records:

Follow above procedure for Externally Hosted DNS. When you get to the Bind DNS Server section, click on the domain you want to set up SPF for, example "crecom.com.au". Then "Sender Permitted Form".

Fill in the following fields:

Name: @ Allow sending from domain's IP: Yes Allow sending from domain's MX host: Yes Additional allowed sender IP addresses/networks: IP address of computer to send, for example 220.233.88.72 Action for other senders: Discourage (~all)

Everything else, leave it the default value (no or blank).

Click on "save" then "apply zone". This should update the dns record.

DNS (last edited 2022-08-29 06:33:21 by 110-174-147-10)