
CDN DNS DNS Expert Advice please :-)

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Curious#92761, May 31, 2017.

  1. Curious#92761

    Curious#92761 New Member

    22
    4
    3
    May 29, 2017
    Ratings:
    +8
    Local Time:
    9:47 AM
    Hi there

    I am moderately comfortable with DNS - however, I am setting up a new server on vultr and would appreciate some expert help with deciding the best way to configure Primary / Secondary DNS delegation.

    The end result I am wanting to achieve is the following:

    A primary domain (myhostingco.com) that points to my server instance. Then, point all customer domains to my primary domain nameservers (vanity nameserver) e.g. ns1.myhostingco.com - that in turn then resolve to the server.

    In other words - how best to achieve this scenario:

    1) myhostingco.com points to my server
    2) a new customer wants hosting and when I update their domain DNS to point to myhostingco.com - the changes take place globally in less than 15 minutes.


    This setup I hope, will make it easier to manage any future server or IP change, because I can simply update the Primary domain to point to the new server - and all of the client domains will simply follow.

    So - how to best utilise some kind of CDN / AnyCast system, so that whenever I change a customer domain DNS - it will very quickly propagate the change for that domain to the Primary domain nameserver.

    I am aware of CloudFlare, DNSME, BUDDYNS, Hurricane Electric etc.... but I'm not exactly sure which route to take / steps to take to achieve this, and would be grateful to receive your advice.

    Fortunately, this is a dev server (at the moment) and I have several test domains, so I can practice and nail this without affecting RW sites.

    Thank you
     
  2. eva2000

    eva2000 Administrator Staff Member

    29,031
    6,588
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,780
    Local Time:
    7:47 AM
    Nginx 1.13.x
    MariaDB 5.5
    cloudflare is cheapest but no vanity nameservers unless on enterprise plans

    i wouldn't bother with vanity nameservers anyway - clients knowing you use cloudflare is a positive for you as it means high uptime and reliability and speed associated with cloudflare for their domain DNS hosting
     
  3. Curious#92761

    thanks @eva2000

    How do you propose I achieve the desired set up when using Cloudflare?

    Like this?

    1) point myhostingco.com to Cloudflare
    2) set up cloudflare to point to my server IP
    3) where to point client domain e.g. myclient.com.au ? Do I just point to ns1.myhostingco.com
    Or do I have to set up each client domain to point to cloudflare?

    I'm new to cloudflare / anycast so I am not entirely sure what's the best way to achieve this.
     
  4. eva2000

    each client will need cloudflare account of their own to add their domains or you could have a separate cloudflare account used for clients and you can add their domains to that separate cloudflare account
     
  5. Curious#92761

    Thanks for your comment.

    Disappointing though! I don't think that will work if there are dozens of client domains.

    That's why I prefer a single primary domain change that I can then change that "master" dns and have all the client domains updated in one go.

    I thought that was really the point of a custom / vanity nameserver when used with an AnyCast type setup.

    Thoughts?
     
  6. eva2000

    probably need cloudflare enterprise plan for that - ask at Cloudflare Community

    but vanity doesn't allow you to update all clients at same time, you would still need to update their individual dns records for their domain. So if client1.com DNS A record needs changing etc you'd have to change that specifically and client2.com DNS A record would need changing too even if both client1.com and client2.com DNS A record point to same IP.

    If client1.com and client2.com both used vanity ns1.yourdomain.com nameservers, each client1.com and client2.com will still need to update their NS records if you change vanity nameservers i.e. dns1.yourdomain.com
     
  8. Curious#92761

    Yes I realise that every domain that uses my server needs a DNS update of course - at least initially, e.g. to CloudFlare.

    Whilst your point is correct, I was not thinking to change the vanity nameserver - but the IP address of the host server might change.... therefore, if I want to move Datacentres / host providers, or change server from serverA to serverB - it would simply be a matter of updating the IP address of where my vanity nameserver points to - rather than having to mass update all client domain DNS (since they would still use my vanity nameservers).

    The genesis of my thinking is due to a recent DNS failure (2 in one month) at current host which resulted in some hours downtime. I was wondering how best to handle a host DNS outage (they use AnyCast which is fantastic --- when it works :mad:)

    I have sent you a conversation request with some further thoughts...

    Thank you for all your thoughts and knowledge thus far! I appreciate your time :-0
     
  9. eva2000

    The vanity nameservers point to cloudflare or 3rd party dns provider i.e. dnsmadeeasy's nameservers so you wouldn't need to change the ip associated with your vanity nameservers when you move servers. Think of vanity nameservers as CNAME/alias to cloudflare or 3rd party dns provider's nameservers
     
  10. eva2000

    example: "How to Setup Vanity DNS for your Managed DNS Domain | Welcome to DNS Made Easy Tutorials"
    but as I said before just use DNS provider's provided nameservers for easiest setup
     
    Last edited: May 31, 2017
  11. Curious#92761

    Yes, it looks like to use a vanity nameserver in CF it requires the business plan.

    So I guess the only answer is to import each client domain into CF separately!

    Then point each domain to my vps.

    Going to be a long week!
     
  12. Curious#92761

    Actually - I've just discovered something very interesting..... this post is as much for my record - as for your interest!

    I set up a test server with primary name mydomain123.com on 123.456.789 server IP, and set ns1.mydomain123.com and ns2.mydomain123.com nameservers

    Then I set up CF for the primary server domain: mydomain123.com

    In domain registrar for mydomain123.com I pointed to the dns nameservers that CF gave me. I also added my child nameservers: ns1.mydomain123.com > 123.456.789 and ns2.mydomain123.com > 123.456.999

    Then in CF I paused everything to just use their DNS - checked the DNS / A records etc all pointing to server.

    Tested mydomain123.com and it resolved fine - part 1 complete!!

    Here's the magic:

    Then in CF I added a NS record in the DNS setting page for the primary server domain and got this result;

    NS | mydomain123.com | managed by ns1.mydomain123.com
    NS | mydomain123.com | managed by ns2.mydomain123.com


    Then I went to a completely different domain myxyz.com - in another registrar and pointed its nameservers to ns1.mydomain123.com (also set up an account for myxyz.com on my server)

    guess what! It worked...:D

    myxyz.com adopted the nameservers from my CF primary domain!

    I have yet to test all functions... but an intodns report looks totally fine - all records appear to be correct (y)

    So now, if I have got this right - I can simply point any client domains using the same as above and once they propagate to my server domain child nameservers - I'm all set.

    Can you see any flaw in this method - other than of course the initial delay in getting the client domain to point to my child nameservers?
     
    Last edited: Jun 1, 2017
  13. eva2000

    if those ips are belonging to your servers and not cloudflare's ips, then ns1/ns2 are using your nameservers and not cloudflare's if i understand what you did

    use https://www.whatsmydns.net/ to confirm for NS record lookup

    only when your domain is using cloudflare's nameservers are you actually using cloudflare dns otherwise just adding domain to cloudflare isn't enough - as the domain's NS lookup needs to point to cloudflare's nameservers

    example centmin.sh domain uses cloudflare nameservers

     
  14. Curious#92761

    whatsmydns shows the client domain as using my primary domain child nameservers (which are at the registrar and also added to CF)

    So is the client domain simply bypassing CF ? Presumably this is not an issue so long as the nameserver on the server does not change - and so long as I don't want any other features from CF for the client domain.

    When I tried this - the client domain that's pointing to the master domain's child nameservers - resolved in under 1 minute - so I'm not entirely sure how that can be a negative. It must still be utilising CF's DNS fast propagation.

    Anyway, for now it looks like I have an initial solution to enable me to move server IPs without having to update dozens of client domains. I can then slowly migrate each domain to CF as time permits.

    If you can think of any downsides - please let me know!
     
    Last edited: Jun 1, 2017
  15. eva2000

    whatever NS record is returned from whatsmydns is the nameserver being used so your client domain is using your nameserver via your domain registrar and not cloudflare's nameservers.
     
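The NS-lookup check described in posts 13 and 15, as an added example that is not part of the original thread: it parses a delegation referral in `dig` output format and reports whether the domain is answered by Cloudflare-assigned nameservers or by vanity nameservers whose glue records point at the hosting server. Both referrals, the `192.0.2.x` addresses, `client1.example` and the `ada`/`bob` nameserver labels are constructed sample data; `audit_delegation` and `parse_records` are hypothetical helper names.

```python
import re

CLOUDFLARE_SUFFIX = ".ns.cloudflare.com"  # Cloudflare-assigned nameservers end in this

# Constructed referral: a client domain delegated to vanity (child) nameservers
# whose glue records point at the hosting server itself.
VANITY_REFERRAL = """\
;; AUTHORITY SECTION:
myxyz.com.            172800 IN NS ns1.mydomain123.com.
myxyz.com.            172800 IN NS ns2.mydomain123.com.
;; ADDITIONAL SECTION:
ns1.mydomain123.com.  172800 IN A  192.0.2.10
ns2.mydomain123.com.  172800 IN A  192.0.2.11
"""

# Constructed referral: a domain delegated to Cloudflare-assigned nameservers.
CLOUDFLARE_REFERRAL = """\
;; AUTHORITY SECTION:
client1.example.      172800 IN NS ada.ns.cloudflare.com.
client1.example.      172800 IN NS bob.ns.cloudflare.com.
"""

RECORD = re.compile(r"^(\S+)\s+\d+\s+IN\s+(NS|A|AAAA)\s+(\S+)\s*$")

def parse_records(text):
    """Return (owner, type, value) tuples; dig comment lines do not match."""
    out = []
    for line in text.splitlines():
        m = RECORD.match(line.strip())
        if m:
            out.append((m[1].rstrip(".").lower(), m[2], m[3].rstrip(".").lower()))
    return out

def audit_delegation(text, own_server_ips):
    """Classify who actually answers DNS for the delegated domain."""
    records = parse_records(text)
    nameservers = sorted(v for _, t, v in records if t == "NS")
    glue = {o: v for o, t, v in records if t in ("A", "AAAA")}
    on_provider = [ns for ns in nameservers if ns.endswith(CLOUDFLARE_SUFFIX)]
    # A vanity name counts as self-hosted when its glue IP is one of our servers.
    self_hosted = [ns for ns in nameservers if glue.get(ns) in own_server_ips]
    if nameservers and len(on_provider) == len(nameservers):
        verdict = "cloudflare-dns"
    elif self_hosted:
        verdict = "self-hosted-dns"
    else:
        verdict = "other-dns"
    return {"nameservers": nameservers, "self_hosted": self_hosted, "verdict": verdict}
```

A `self-hosted-dns` verdict means a DNS outage or IP change on the hosting server takes every delegated client domain with it, regardless of what is configured in the Cloudflare dashboard.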
  16. Curious#92761

    Yes I got that - not really any benefit to the client domain.... will retest this through tomorrow !

    Cheers