External DNS step by step


#1

Hi – I just need a whole foreign domain (not just subdomain) to point to my DH account. I added the new domain as “fully hosted” in the Panel. At the registrar’s side, they ask that port 53 be open at DH’s end, which I’ve read they won’t.

I’ve read this, but I’m not sure what to do exactly. Should I note the IP address on the A record in Manage Domains > DNS, and use it on the registrar’s site? If yes, where should I put it exactly there? Can I create an A record at the registrar’s end? Should I leave the default registrar’s NS settings (or revert back to it, since I already changed these)?

Could a kind soul provide step by step (noob mode) instruction for this?

Also, I found this which seems to be a workaround for the fact the the DH IP will change. Will this work for a whole domain (vs. subdomain)?

Sorry to be dense, and TIA.


#2

Hang on – your use of the word “registrar” and “port 53” makes me think that maybe your problem is simpler than you think?

Let’s say the domain you have is example.com. Is example.com registered with a registrar, and you have control over which nameservers it points to?

If so, then it’s really easy; just ask your registrar to use ns1.dreamhost.com and ns2.dreamhost.com as your domain’s nameservers. (and ns3.dreamhost.com if there’s room for a third). All of those three machines will answer queries on port 53, yes.

If your situation is more complicated than that, then can you lay out exactly what you have in as much detail as you can stand to type out? :-)[hr]

[quote="tamino, "]Let’s say the domain you have is example.com. Is example.com registered with a registrar, and you have control over which nameservers it points to?

If so, then it’s really easy; just ask your registrar to use ns1.dreamhost.com and ns2.dreamhost.com as your domain’s nameservers. (and ns3.dreamhost.com if there’s room for a third).[/quote]

Here’s a screenshot of how I have one of my domains configured in my registrar, if this helps: http://www.wolfhut.org/~tamino/misc/dreamhost-nameservers.jpg

It’s possible that I’ve totally missed the point and your situation is something completely different, too :slight_smile: Let me know.


#3

Many thanks for your quick reply.

Unfortunately, no. It’s a foreign domain. I did set DH name servers in the registrar’s setup, and in the confirmation screen, they clearly mention that “port 53 must be open on the servers firewall”. Is this the case with DH? I read somewhere it wasn’t (but the post may have been outdated.

Right now, I did set DH three name servers at the registrar’s end, and after more than 12 hrs, a dig still indicates it resolved to the registrar’s servers.

Basically, I thought it would take more than just setup DH name servers at the registrar for foreign domains to work on DH. A “.co.il” domain in that case.

Thank you again!


#4

[quote=“ADB2, post:3, topic:54540”]
Unfortunately, no. It’s a foreign domain. I did set DH name servers in the registrar’s setup, and in the confirmation screen, they clearly mention that “port 53 must be open on the servers firewall”. Is this the case with DH? I read somewhere it wasn’t (but the post may have been outdated.[/quote]

Port 53 just means DNS, and yes, ns1.dreamhost.com (and ns2 and ns3) are DNS servers. Dreamhost’s web servers are not going to be listening on port 53, but Dreamhost’s name servers definitely are (it’s their job).

I’m curious what whois says. For instance, if I type “whois sarastro.org” at my shell, then I get a bunch of stuff that’s too long to copy and paste, but part of it is:

Name Server:NS1.DREAMHOST.COM
Name Server:NS2.DREAMHOST.COM
Name Server:NS3.DREAMHOST.COM

The text is formatted differently from registrar to registrar, but it always has the same basic stuff in it.

First your nameservers have to make it into whois (which is more or less bookkeeping data, and doesn’t affect DNS resolution). Then they have to make it into the root DNS servers for your TLD… it looks like .il is being served by:

il. 172800 IN NS sns-pb.isc.org.
il. 172800 IN NS ns-il.ripe.net.
il. 172800 IN NS nse.ns.il.
il. 172800 IN NS dns8.denic.de.
il. 172800 IN NS ildns.huji.ac.il.
il. 172800 IN NS nsd.ns.il.
il. 172800 IN NS nsb.ns.il.
il. 172800 IN NS lookup.iucc.ac.il.

Then finally, those servers are going to be handing out responses with a certain TTL, and so you have to wait for that length of time (whatever the TTL is) to be sure that people on the internet who had a cached copy of your NS records no longer have the old ones.

The bad news is, the .il nameservers seem to be handing out a TTL of 86400 seconds (1 day). That TTL is unlikely to be different between different registrars, so I just picked a .co.il domain at random to try this on:

dig +norec @nsd.ns.il -t NS petri.co.il
;; AUTHORITY SECTION:
petri.co.il. 86400 IN NS ns2.easydns.com.
petri.co.il. 86400 IN NS ns1.easydns.com.

So “it may take a while”. :slight_smile: But do check whois… if Dreamhost’s nameservers are listed in whois, then you’re well on your way and the rest is probably just waiting.

To my knowledge, there’s nothing special about “foreign” domains… or if there used to be, then that’s all gone in this age where European folks all have .com domains and americans are snapping up .tv and .fm like there was a reward. :slight_smile:


#5

Many thanks for your input.

In fact, it was just propagation time…

After waiting a bit more, it now seems to work great. I was able to do a Wordpress install, as with any other .com domain.

If someone runs across this thread later, all you have to do is enter DH’s name servers at your registrar, and that seems to be it!

Maybe the Wiki could be updated, because right now, it really makes you (well, me at least) feel like there are several extra technical steps needed. Maybe I’ll just add a few words along that (noob) line.

EDIT : I did add a few lines to the article

Thank you again, Tamino!-)