Developers Docs

DNS

# DNS

Everything you need to know about DNS

# speeding up DNS changes

Go to https://dns.google/cache, select the type of record and the url you would like to flush and press "flush". You can test your changes by looking them up via https://www.digwebinterface.com/.

# Setting up DNSSEC

The domain has to be with our registrar Openprovider to be able to activate DNSSEC (access to the external registrar is also fine).

  1. Lookup the domain via in the plesk searchbar, open the "Hosting & DNS" tab and select DNSSEC.
  2. Click "Sign the DNS zone" and press OK when presented with the key settings.
    1. When the DNS is managed outside our servers you have to add the DS Records presented after step two to the external DNS records.
  3. Click "View DNSKEY Records" and copy the key below "yourdomain.tld. IN DNSKEY 257 3 8", this screen contains two keys which are needed in step 6.
  4. Open the Openprovider controlpanel (https://cp.openprovider.eu/web/action/index#/domain/overview) and find the domain. Click the domain name to open the page and click the pencil icon on the right to edit the domain.
  5. Scroll down to the DNSSEC settings section and select "Use DNSSEC"
  6. Create two keys, both 257 KSK with algorithm RSA/SHA-256(8) (the bold items in step 3), the first one uses the first key you copied in step 3. The second key is the second key in step 3.
  7. Scroll down and press "Save changes"

Now be patient and wait for the DNS and DNSSEC changes to apply. After a while you can check the status via https://dnssec-analyzer.verisignlabs.com/ or https://dnsviz.net/ for a more visual interpretation.

To speed up the process you can flush the SOA and DS records of the domain via https://dns.google/cache

# Syncing DNS Server

Because all three DNS servers should propagate the same DNS records you can manually force synchronisation.

  1. In plesk lookup "Slave DNS Manager" (not the most woke name)
  2. Hit the sync button and let it do it job untill the page refreshes with a succes message (this could take up to 15 minutes).
  3. Test yours DNS records by entering your domain url in https://digwebinterface.com, select the record type and in the right hand column enter our DNS servers: (https://digwebinterface.com/?hostnames=beeldr.nl&type=A&useresolver=8.8.4.4&ns=self&nameservers=ns1.beeldr.hosting%0D%0Ans2.beeldr.hosting%0D%0Ans3.beeldr.hosting)
    1. ns1.beeldr.hosting
    2. ns2.beeldr.hosting
    3. ns3.beeldr.hosting

# Fixing DNS errors

When the test above shows different results you should check the DNS logs and try to fix all errors that are displayed. It's good practice to do this once in a while, plesk sometimes screws up deletion of domains leaving a lot of dns records on our servers.

  1. Log in as root on CLI and scan the log files for DNS problems: cat /var/log/messages | grep named

Common actions