Create and configure DNS records for a domain

Each domain name is managed by a Domain Name Server (DNS) that contains the necessary DNS records for its proper functioning.

This post describes how to create and configure the main DNS records for a domain.

Address Mapping records (A)

The A DNS record is used to associate an IPv4 address to a domain.

mydomain.com A xxx.xxx.xxx.xxx

ping -n mydomain.com

PING mydomain.com (xxx.xxx.xxx.xxx) 56(84) bytes of data.
64 bytes from xxx.xxx.xxx.xxx: icmp_req=1 ttl=53 time=18.7 ms

IPv6 Address records (AAAA)

The AAAA DNS record is used to associate an IPv6 address to a domain.

mydomain.com AAAA xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx

ping6 -n mydomain.com

PING mydomain.com(xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx) 56 data bytes
64 bytes from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx: icmp_seq=1 ttl=56 time=23.5 ms

Canonical Name records (CNAME)

The CNAME DNS record is used to associate all records from one domain to another domain.

mydomain.com CNAME domain.com

Text records (TXT)

The TXT DNS record is used to associate a string to a domain. For example it is used to validate the ownership of a domain or authenticate email senders with DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) standards detailled below:

mydomain.com TXT "abCdefGhijKLmnoPQRsTuvWxyZ"

DomainKeys Identified Mail (DKIM)

The DKIM DNS is a TXT record used to authenticate email senders (see Authenticate emails with DKIM on Debian or Ubuntu Linux).

dkim._domainkey.mydomain.com TXT "k=rsa; p=abCdefGhijKLmnoPQRsTuvWxyZ"

Sender Policy Framework (SPF)

The SPF DNS is a TXT record used to validate servers allowed to send emails on behalf of a domain name.

The a rule allows servers whose IP address matches one A or AAAA record of mydomain.com to send emails from @mydomain.com addresses.

mydomain.com TXT "v=spf1 a ~all"

The a:domain.com rule allows servers whose IP address matches one A or AAAA record of domain.com to send emails from @mydomain.com addresses.

mydomain.com TXT "v=spf1 a:domain.com ~all"

The include:domain.com rule allows servers whose IP address valids SPF record of domain.com to send emails from @mydomain.com addresses.

mydomain.com TXT "v=spf1 include:domain.com ~all"

These rules are cumulative and can be used with domains as with subdomains. More specific rules exist and are described on the SPF Record Syntax website.

Example summary

mydomain.com has IPv4 xxx.xxx.xxx.xxx and IPv6 xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx.

www.mydomain.com behaves like mydomain.com.

dev.mydomain.com hosts dev.mydomain.com website. It has IPv4 yyy.yyy.yyy.yyy and IPv6 yyyy:yyyy:yyyy:yyyy:yyyy:yyyy:yyyy:yyyy. It is allowed to send emails from @mydomain.com addresses.

prod-1.mydomain.com hosts mydomain.com website. It has IPv4 xxx.xxx.xxx.xxx and IPv6 xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx. It is allowed to send emails from @mydomain.com addresses.

Google Apps servers are allowed to send emails from @mydomain.com addresses.

mydomain.com A xxx.xxx.xxx.xxx
mydomain.com AAAA xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
www.mydomain.com CNAME mydomain.com
dev.mydomain.com A yyy.yyy.yyy.yyy
dev.mydomain.com AAAA yyyy:yyyy:yyyy:yyyy:yyyy:yyyy:yyyy:yyyy
prod-1.mydomain.com A xxx.xxx.xxx.xxx
prod-1.mydomain.com AAAA xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
mydomain.com TXT "v=spf1 a:dev.mydomain.com a:prod-1.mydomain.com include:_spf.google.com ~all"

» Install and set up Linux Debian 7
» Install and set up a web server on Debian or Ubuntu Linux

Leave a Reply

Your email address will not be published. Required fields are marked *

*