ClouDNS Blog - DNS and Cloud Technologies

How to set up a new DNS zone for your WordPress site

Martin Pramatarov / September 16, 2019September 17, 2019 / DNS

We will show you two different ways to set up a new DNS zone for WordPress, depending on if your site was created and hosted through WordPress.com or you have a hosting with a cPanel. We will show you a step-by-step guide for the two options.

In this example, we assume you bought a domain from Cloudns.net, and you are having one of our DNS plans. If that is not the case, the steps will be similar, but not the same.

Set up a DNS zone for sites hosted on WordPress.com

1. Go to https://wordpress.com/ and follow the process to create a web site. Register and log in.

2. Then choose the type of website, from the options, you would like to have.

3. Depending on the purpose of it, type a corresponding keyword, or a name you like.

4. Go for the free domain. You will be using the other domain name that you have already bought from us. In this example, the domain we will use is ricki.sx

5. Go to Cloudns.net and log in to your profile. Create a Master DNS Zone file. The Master Zone will let you write and read onto the DNS database.

To create it you must click on DNS zones and then select Master Zone option. Put just the domain name that you bought (without www. Or http://).

Now you have created the DNS zone for WordPress, and it is time to put DNS records.

6. We will add a CNAME record that will redirect to where your site is hosted. The CNAME is a canonical record. It serves to show that one domain is an alias for another one.

We will point the blog (blog.ricki.sx) to the domain (myburst.photo.blog) that was given from WordPress.com.

7. Then we will create a permanent redirect (301 redirect) that will map the ricki.sx to http://blog.ricki.sx and another for the www subdomain (www.ricki.sx) to the same.

Create a 301 redirect for www. subdomain

8. The final action, we want to do, is to edit the redirects and add “Redirect with frame.” This will make your visitors see just the redirected domain and not the original.

Ready.

Check our Premium DNS plans here!

Set up a DNS zone for WordPress site on hosting with cPanel.

1. Go to your hosting account and log in. Write down the IP address. You will need it in step 6.

2. Enter the cPanel and click on the Addon Domains. Addon Domains let you control more than 1 domain for your hosting.

3. Now create an Addon Domain with the new domain name rick.sx and subdomain www.

4. Go to your Cloudns.net and log in.

5. Create a Master Zone, so later you can add DNS records.

6. Create two A records. The first to direct from ricki.sx to the IP of the hosting (that one you wrote down back in step 1), and the second to direct from the www.ricki.sx to the same IP.

Ready!

You can find more interesting articles on our blog.

DNS Troubleshooting – tools and commands

Enjoy this article? Don't forget to share.

What is FQDN? What does FQDN do?

Martin Pramatarov / August 6, 2019August 6, 2019 / Domain names

FQDN, another hard-to-pronounce abbreviation. You don’t really need to know it to get a domain and set it up, but for the more curious of you, here it is.

FQDN

FQDN means Fully Qualified Domain Name. It is the fullest possible domain name of a host or a computer, on the internet. Here you can see the syntax of it:

[hostname].[domain].[tld]

It can also include a subdomain. The subdomain is not the hostname. It is just a part of the domain.

Let’s see an example with Cloudns.net. We read it from right to left.

www.cloudns.net

First is “.net”, which is the top-level domain. Then it follows the domain name “cloudns”, and the last is the hostname “www.”.

The hostname can show a specific service or protocol for the domain like “mail” or “ftp”.

The FQDN serves to show the exact location of an object inside the DNS hierarchy.

PQDN

PQDN is Partially Qualified Domain Name. It is just a part of the complete domain name. Let’s use our domain name again. The PQDN is, for example, “cloudns.net”. In this one, we don’t have the host “www.”.

How to make a FQDN lookup?

You can perform a FQDN lookup on your computer with any of the popular OS.

Windows 10. Go to “control panel” and click “system.” You will see it next to the “Full Computer Name.”

MacOS – Open the terminal, type “hostname –f”, and then press the enter button. You will see the FQDN.

Linux – similar to the MacOS, open the terminal, but this time type “hostname –A”.

Why do you need FQDN?

You will need FQDN to make a device accessible on the internet. You will use it to configure your DNS and get an IP address.

Another use case is when you want to get an SSL certificate. Today, almost every site has one, and you need to provide the FQDN to obtain it.

Remote Access. The DNS server will perform a lookup in its registers and resolve the FQDN to the correspondent IP address.

Access a protocol or a service. If you want to use a FTP for example, you will need the Fully Qualified Domain Name or IP. Also, for setting up email for specific applications, you will need it.

Conclusion

Fully Qualified Domain Name is used all the time, even if you don’t see it directly. It is the full identifier of the domain names.

Enjoy this article? Don't forget to share.

What is IPAM? Can you work without it?

Martin Pramatarov / August 1, 2019October 21, 2019 / Internet

In the modern tech world, we are surrounded by connected devices. Everybody wants to connect to the internet from their smartphone, tablet, computer, and sometimes, even with a few gadgets at the same time. For each of these devices, we need IPs, which identify them on the network. The IPs can be given manually or by software. IPAM is such software for IP management.

What is IPAM?

IPAM – IP Address Management. It is a method of planning, tracking, and administrating the information related to IP address space. With IPAM software, a network administrator can manage the available IPs. This type of software can automate IP management, DNS, and DHCP configurations.

A typical IPAM software can:

Show you the available IPs at the moment.
The status of the IPs – permanent or temporary.
The hostname related to each IP address.
Routers in use by each device.
Show the subnets, who is using them and how large they are.

Working without IPAM

Yes, it is possible to live without IPAM, but it is harder. The IT staff can manage a small network with a spreadsheet. In it, there can be a table of IPs, connected devices, routers, and port numbers. The problem starts when the network gets bigger. The admin will have to check far many IPs and continuously update the spreadsheet.

Several obvious problems could arise:

IP address conflict. If there is no DHCP well-configured, and the admin is doing it manually, IP conflict could happen. If two devices get the same IP, none will be able to connect. This could be particularly annoying if one of the devices is a server, and it can lead to a massive outage.
Security problems. There is a high-probability of security breaches. The accountability is weak, and a new device could connect to the network.
Compliant issues. Depending on which country you are in, having logs and reports for your IP address space might be required. You will need to provide a proper report.
Troubleshooting problems. Manually, everything is harder. Finding the exact network problem might be a nightmare. Is it the port, IP conflict, or something else? It can take ages.

Open-source IPAM Software

There are plenty of IPAM software out there, but if you have a small or medium-size business a free open-sourced IPAM can be the right choice. All of these options support IPv6 and VRF (virtual routing and forwarding).

NetBox – It works with PostgreSQL database, under Apache license.

GestióIP – It has a web-based interface, advanced search options and uses MySQL under GPLv3 license.

phpIPAM – Another good free option with many features. phpIPAM uses MySQL and MariaDB under GPLv3 license.

These 3 options will get you started with IPAM. Later, if they don’t all of your needs, you can check paid software too.

Conclusion

IPAM is an excellent way of removing network burden from your IT staff. It will make the network administration far easier and organized. Applying IPAM in your company can improve productivity and reduce network problems.

Enjoy this article? Don't forget to share.

What is PowerDNS? Open-source BIND alternative

Martin Pramatarov / July 30, 2019July 30, 2019 / DNS

Have you ever heard about PowerDNS? It is a complete software platform that you can use instead of BIND. It provides excellent performance and doesn’t use a lot of resources.

The history of PowerDNS

The company started in 1999 with the task to write load balancing software for V3 Redirection Services for “come.to”, “browse.to“, and “go.to”. Back then, it was still a close-source. After the Dot Com Bubble, the company needed to re-think their future and released the software as an open-source. It started to provide commercial services from 2005 and in 2015 became a part of Open-Xchange.

PowerDNS platform

PowerDNS or pdns is an open-source (GPL) software. It provides software to create authoritative DNS, Recursive DNS, DNS loading balancer, Debugging tools, and APIs to provision zones and records. A complete suite of DNS-related software that you can use for your company.

Authoritative Server

It enables the authoritative DNS service from all popular databases like MySql, Oracle, PostgreSQL, SQLite3, Microsoft SQL Server, LDAP, and text files.

Authoritative Server works with many different scripts like Java, Python, C, C++, Perl, Lua. You can use it for dynamic redirection, spam filter, or real-time intervention.

Authoritative Server supports DNSSEC. It hosts 30% of all domain names in Europe and close to 90% of all DNSSEC domain in the same area.

Recursor (recursive DNS)

It provides a high-performance recursive DNS server. PowerDNS Recursor can use multiple processors. Just like the Authoritative Server, it supports various scripts. A good advantage is that it can be reconfigured without downtime.

Dnsdist (load balancer)

Dnsdist is a powerful load balancer. It can route the traffic to the optimal servers delivering excellent performance. It also can block abusive traffic and provide DoS protection.

Benefits of PowerDNS

Instant startup when hosting many domains
Use of multi-core (32+ cores) processors
Low memory requirement
DNSSEC
High performance
Support different scripts
Support different types of databases
IPv6 support

Conclusion

PowerDNS is a great alternative to BIND. It is full of features, and it can provide a quality and secure service.

Enjoy this article? Don't forget to share.

DNS Troubleshooting – tools and commands

Martin Pramatarov / June 9, 2019June 10, 2019 / Tools

Your DNS is not working well, and you have no idea what is happening. It is time for DNS troubleshooting. There are plenty of options that could help you discover the DNS problem. We will show you the most popular and practical for your needs.

DNS basic knowledge

If you searched “DNS troubleshooting” you probably know what DNS is, so we will go directly to the business. You can check the types of DNS records. You can troubleshoot specific DNS record to see if there are problems with them. It is possible that the DNS records were not configured correctly.

DNS Troubleshooting Tools

There are plenty of tools that you can use. The tools can be specific for Linux, Windows, or Mac OS, or they can be browser-based. Most of the tools that we will show you overlaps in functionality, and it will be your decision which one you would use in the future.

Check if the problem is not just in your device

Before you start with the DNS troubleshooting, check if the problem is only local. If you are trying to access your website, but you are getting this message “DNS_PROBE_FINISHED_NXDOMAIN” the problem might be in your device. We recently wrote a way to fix it. Go and read the article.

Dig command

Linux dig command, how to install it and use it

Good tool for DNS troubleshooting. You can see all the DNS records. You can use it on Linux and Mac OS, but you can search for a port for Windows too. A typical dig command will show you an Authority Section. You can see if the DNS is pointing correctly.

Use it with +trace in dig +trace combination “dig +trace YOURDOMAIN” to see the whole route of your query. This way you can locate the exact problem.

Dns.computer

https://www.dns.computer

This one is simple and easy to use browser-based lookup tool. You can perform DNS troubleshooting with it even from your cell phone. Check a domain and get a fast result about the name servers, response time, SOA records, and A records. You can see if a server is not responding or if it is responding too slow. It is missing different DNS records, but it is convenient for a quick check.

Traceroute

Traceroute command and its options

As the name suggests, this will be ideal for checking the entire route of a DNS query. You can use it on Windows as Tracert, Linux and Mac OS as traceroute. You can try it with a domain or IP address, and you will see a result with all the hops and response time.

NSLookup

10 most used Nslookup commands

NSLookup lets you check any type of DNS record. You can use it to see all the available DNS records, or you can look for a specific type like – A, AAAA, SOA, MX, NS. You can use it to troubleshoot a domain using a particular port too.

Host command

Linux host command, troubleshot your DNS

Host command is very similar to the NSLookup but available only on Linux. You have to write the commands in the Terminal, and you can see the different types of DNS records.

One thing that you can troubleshoot if you have problem with your emails are the TXT records. You can see if there is a SPF record. It is a TXT record that prevents spoofing and stops your outgoing emails from going directly into the spam folder.

Ping command

What is Ping? How to use Ping?

You can use Ping command on Windows, Mac OS, and Linux. By using ping, you can see if the name server you want to reach, responds. You can also check the time of the response and the TTL.

If the domain that you are troubleshooting doesn’t respond, but the IP gives results, that there is a problem in the hostname resolution. Check if the DNS servers are pointing to the right direction.

DNS Troubleshooting Conclusion

There are plenty of useful tools that you can use for DNS troubleshooting. Try all of these and find the right one for you and your problem. Many overlaps in functionality, but have some small differences that can help you in a specific case.

As you saw, there are utilities for every operating system so that you can find the problem easily. After you see where the problem is, it is easy to fix it.

Enjoy this article? Don't forget to share.

Linux host command, troubleshot your DNS

Martin Pramatarov / June 6, 2019October 21, 2019 / Tools

Today we will add one more handy DNS tool – host command on Linux. For the purpose, we will use the latest Linux Mint 19.1 (based on Ubuntu Linux). For those of you who are used to Windows, Linux host command is very similar to nslookup, but a bit more advanced. Host command replaced the nslookup on Linux-based operating systems. You can use it to check different types of DNS records.

Host command syntax

If you want to see the syntax of the host command and the options that it has, you can simply write “host” and press “Enter.”

host [-aCdlnrsTwv] [-c class] [-N ndots] [-R number] [-t type] [-W time] [-m flag] [-4] [-6] hostname [server]

Host command Options

Here you can see all the available options. Whenever you forgot them, just write “host” in the Terminal.

Host command examples

For all the cases we will use Google.com. You can change Google.com with your domain or whichever else domain that you are interested in. We will give you several examples that can be useful for your work.

Search for the IP address of the domain.

host google.com

You will get IPv4 and IPv6 results for the domain.

SOA Record

See the Start of Authority records with this command.

host –C google.com

Check the name servers of the domain

host –t ns google.com

It will display the name servers of the host. The –t, we use to specify the type of query.

Check a particular name server

You want, for example, to review the ns1, so you type:

host google.com ns1.google.com

CNAME record

host –t cname mail.google.com

You can use it to find CNAME record

MX record

Check the incoming mail server with this query

host –n –t mx google.com

TXT Record

You can also check TXT records

host –t txt google.com

Decide the Waiting time for a query

You can use –w to wait forever or –W and time in seconds to decide how long to wait for a reply.

host –T –W 10 google.com

Reverse lookup

You can also check the IP and see the host

host 216.58.194.142

Host command to see all of the DNS records for a domain

host –a google.com

You will get information about various types of records – NS, AAAA, MX, etc.

Conclusion:

This was the host command. Now you have one more way to troubleshoot your DNS. If you are interested in DNS diagnostic we recommend you the following articles too: Dig command, Nslookup, Traceroute and Ping. They will expand your knowledge in DNS diagnostic.

Enjoy this article? Don't forget to share.

DNS_PROBE_FINISHED_NXDOMAIN, now what to do?

Martin Pramatarov / May 29, 2019October 21, 2019 / DNS

Imagine the situation, you are browsing the internet, minding your own business and suddenly you see DNS_PROBE_FINISHED_NXDOMAIN in your Chrome browser! You didn’t enter the page you wanted, you hit refresh and still nothing! Now, what to do?

What is DNS_PROBE_FINISHED_NXDOMAIN?

It is a DNS-related error that shows that the domain that you are trying to reach does not exist (NX means non-existing). The DNS can’t find the corresponding IP address to the domain you just entered.
Most of the times this is a DNS configuration problem, and the problem is in your device, not in the domain itself.

Ok, we said Chrome, but does this happen when you are using other browsers?

We mention Google Chrome, where you get “This site can’t be reached,” but you can get a similar message in any other browser. Mozilla’s Firefox will show you “Hmm. We’re having trouble finding that site”, Microsoft Edge “Hmmm… can’t reach this page”, and almost identical messages on the rest of the browsers.

Ok, so what to do when we see the DNS_PROBE_FINISHED_NXDOMAIN?

There are several ways that you can fix your problem. Let’s explore the possibilities:

1. Flush the DNS cache

If it is bad-configured DNS, the easiest is to start from zero. Flush the current DNS cache and renew the IP address.

For Windows users, follow these steps:
Open the Command Prompt as an administrator. Click the start menu icon and write “Command Prompt,” then run as administrator. Then type “ipconfig /release” and press Enter on your keyboard. Now you can see your current IP address. After that, write “ipconfig /flushdns” and press Enter. You flushed the cache, “Successfully flushed the DNS Resolver Cache.” Next thing to type in “ipconfig /renew”. And now your IP address has been renewed.

Flush DNS to fix DNS_PROBE_FINISHED_NXDOMAIN

For Mac OS users:
Go to “System Preferences…”, then “Network” and later “Advanced.” When you are there, go to TCP/IP and click the “Renew DHCP.”
You can also delete the DNS cache. First, open the “Utilities” and then the “Terminal.” The command you need to write is “dscacheutil –flushcache” and press Enter. It is ready. There is no confirmation message here.

For Linux (Linux Mint, Ubuntu):
If you are using Linux Mint or Ubuntu, by default, the DNS cache is disabled. You can check if it is enabled with the following command “ps ax | grep dnsmasq”. In the message that you’ll get check if “cache-size=0”, then it is disabled. If it is enabled, write the following command “udo /etc/init.d/dns-clean restart”. Then type “sudo /etc/init.d/networking force-reload”. Done!

Linux Mint fix DNS_PROBE_FINISHED_NXDOMAIN

2. Reinitiate the DNS Client Server.

For Windows users, we will use the “Run” to open “services.msc.” Now you will see all the services that run on your computer. Go to DNS Client, stop it and start it again.

Restart DNS client to fix DNS_PROBE_FINISHED_NXDOMAIN

3. Change the DNS servers

Your internet provider automatically set your IP address, using their DNS servers. But you have the chance to change to another DNS server like Google’s public DNS.

Windows:
Go first to “Control Panel,” then “Network and Internet” and later “Network and Sharing Center.” There click the “Change adapter settings” and select the network that you are using. Go to properties, search for the “Internet Protocol Version 4” and click on the properties. Set the following DNS servers 8.8.8.8 and 8.8.4.4

Mac OS:
“System Preferences,” Network,” and then “Advanced.” Click on DNS and add the same 8.8.8.8 and 8.8.4.4.

Linux (Linux Mint, Ubuntu):
Open “System Settings,” “Network.” Then select the network that you are using and choose “Settings.” Go to the “IPv4 Settings,” and there you will see “Additional DNS servers.” add “8.8.8.8, 8.8.4.4”.

4. Chrome Flags Reset.

Maybe the problem comes from your Chrome browser. Go to your Chrome browser and type “chrome://settings/clearBrowserData” in the address bar. Delete the “Cached images and files,” “Cookie and other site and plugin data” and “Browsing history” from “the beginning of time.”
After that type “chrome://flags/” and a menu will open. Click on the “Reset all to default.” Now restart the browser, and you are ready.

Conclusion

Next time when you see the DNS_PROBE_FINISHED_NXDOMAIN don’t panic. There are easy solutions to this problem. Just try one of those, and you will be ready is a few minutes.
If the site that shows the error is yours, and after trying nothing is happening, go and check if the domain is correctly redirected. If no, do fix it.

Don’t stop following our blog, which is full of exciting and useful articles!

Enjoy this article? Don't forget to share.

Linux dig command, how to install it and use it

Martin Pramatarov / May 22, 2019October 21, 2019 / Tools

Dig command (Domain Information Groper) is one of the most popular DNS testing tools. You can use it to troubleshoot your DNS and make sure everything works fine. You can try it on Linux, Mac OS, and Windows. For this demonstration, we will use a random old laptop with the latest version of Linux Mint (19.1). Linux Mint is based on Ubuntu Linux. Many old laptops can get a new life as a diagnostic tool.

How to install the dig command on Linux?

First, let’s check if you already have the dig command installed. You can do that by opening the terminal and writing dig -v. If you have it, your computer will show a message similar to this one:

DiG 9.11.3-1ubuntu1.7-Ubuntu.

Many new Linux distros have it pre-installed. In case you don’t have it, you will get the following message:

dig command not found

For Linux Mint, Ubuntu and other Ubuntu-based Linux distributions you can use the following command:

sudo apt install dnsutils

If you are using Fedora or CentOS you should use:

sudo yum install bind-utils

And for Arch Linux users:

sudo pacman -S bind-tools

Understanding the dig command

Let’s start with a simple example to understand it. We will use google.com for the testing. You can try it directly with your domain, by simply replacing google.com with your domain.

dig google.com

The first line will inform you about the version of the dig command and the second about the global option.

After that, you will get technical information provided by the DNS nameserver. The header shows you what did you do and was it successful. If there is “NOERROR” that there was no problem.
You will see the answer for the EDNS.
Following line shows that by default you are requesting the A record.
You will get the answer for the A record – the correspondent IP address and you will get statistic about the query.

More dig command examples:

dig google.com +short

This will show you just the IP address without any additional information.

dig google.com MX

You can query different types of records like the mail exchanger ones. MX records show the responsible mail server for accepting emails.

dig google.com SOA

SOA – the start of authority, shows the authoritative DNS server.

dig google.com TTL

TTL – time to live. It shows how long the data should be kept. You can read more about TTL HERE.

dig google.com +nocomments +noquestion +noauthority +noadditional +nostats

Only answer query. Use it if you don’t want to receive extra information.

dig google.com ANY +noall +answer

Query all types of DNS records. It will show all the different types of DNS records.

dig -x 172.217.1.142

Reverse DNS lookup. You can also do the opposite and check the IP address. The rDNS is used for verification. The result will be a PTR record that verifies the nameserver.

dig @8.8.8.8 +trace google.com

Trace DNS Path. It will show the whole route that a DNS query takes. Every hop from a server to server. It can show you where exactly server is not working.

11 dig -p 5300 google.com

Specify Port Number. If you have changed the standard port 53 to another for increased security, you can make a dig command to check if it is working correctly.

Now you know the basics of the dig command on Linux. You can start experimenting by yourself.
You can get some additional information about the dig command and a few more options to try in our Wiki.

We can recommend you a few more tools that can be useful for your DNS diagnostic Nslookup, Traceroute and Ping.

Sources used:
Linuxize.com
Tecmint.com

Enjoy this article? Don't forget to share.

DMARC, the solution for your phishing problems

Martin Pramatarov / January 2, 2019January 2, 2019 / Protection

Phishing attacks are a real danger for every business. It can severely damage the brand name, and it can lead to less trust and leaving of clients. The attackers can spam or phish with emails that use your brand logo and looks just like your emails. Even you won’t see a difference between one of these fake emails and the original emails sent from your servers. We have already talked about SPF and how it verifies the outgoing mail server. There is also another DKIM technology for signing emails. Domain-based Message Authentication (DMARC) uses both of them to take pre-defined actions. Double protection for lowering the chances of phishing and report system for better management.

DMARC

Continue reading “DMARC, the solution for your phishing problems”

Enjoy this article? Don't forget to share.

DNS history. When and why was DNS created?

Martin Pramatarov / December 27, 2018October 21, 2019 / DNS

We have talked a lot about DNS. How does it work, and all the related topic around it. But we have never spent some time about the DNS history. What led to the need for DNS? Who was the great person who invented it?

Continue reading “DNS history. When and why was DNS created?”

Enjoy this article? Don't forget to share.