Domain Name Service (DNS)




A Domain Name Service (DNS) allows your E-Mail and Web Server to use a name instead of an IP Address, so other people can find you by name. Some Internet Service Providers (ISP) will change your IP address every few months in a residential environment.

You pay a company to register [1] your unique name and assign it to an IP address. In turn they look up your IP address for anyone trying to connect to your name [2]. Kind of like the old telephone white/yellow pages where telephones were assigned to a fixed location (wire).

  1. Registration
  2. DNS

Dynamic DNS Providers (DDNS)

The primary reason to use a DDNS is to keep your IP address updated when it changes. They should supply a software/programming interface, or web page to change it.

Dynamic IP Address and E-Mail

Another requirement fulfilled by DDNS is support for sending and receiving E-Mail over Simple Mail Transfer Protocol (SMTP). Some residential IP providers will block port 25, which is required for receiving SMTP, and some providers will block E-Mails sent from a residential IP address.

This is where DDNS providers step in: they accept port 25 on your behalf and redirect to another port at your server. They also provide outgoing SMTP services using their fixed business IP address to pass through other E-Mail handlers' block lists.

SMTP2GO

SMTP2GO [1] is an example of a service that sends your E-Mail with a good reputation and is accepted by almost all E-Mail handlers. They offer a free plan with a limit of sending 1000 E-Mails per month. This is a good option if you cannot send E-Mails on port 25.

  1. https://www.smtp2go.com/

No-IP

No-IP [1] sells a Mail Reflector to receive your E-Mails at their IP address if you have your domain registered with them. They will also hold your mail for up to seven days if your E-Mail server is down. Just like SMTP2GO they sell an SMTP Alternative Port service to send mail on another port from your host.

  1. https://www.noip.com

Putting It All Together

If your ISP blocks port 25, here is a workflow you can use to send and receive E-Mails over the Internet to and from a recipient using the SMTP2GO service and the No-IP extra services.

E-Mail Send over non-25 port using SMTP2GO -or- NO-IP Alternative SMTP Address.

sequenceDiagram
    participant Your Server
    participant SMTP2GO
    participant E-Mail Contact
    Your Server->>SMTP2GO: Sends E-Mail over port 2567
    SMTP2GO->>E-Mail Contact: Sends E-Mail over port 25

sequenceDiagram
    participant Your Server
    participant NO-IP
    participant E-Mail Contact
    Your Server->>NO-IP: Sends E-Mail over port 2567
    NO-IP->>E-Mail Contact: Sends E-Mail over port 25

E-Mail Receive over non-25 port using No-IP Mail Reflector.

sequenceDiagram
    participant Your Server
    participant NO-IP
    participant E-Mail Contact
    E-Mail Contact->>NO-IP: Receives E-Mail over port 25
    NO-IP->>Your Server: Receives E-Mail over port 2567

No-IP

No-IP [1] handles IP Address to Domain Name Services (DNS) and registration of domains.

They offer DNS services, DDNS, E-Mail, network monitoring and SSL certificates. E-Mail services include IMAP, POP3, SMTP, E-Mail backup services, E-Mail reflection and filtering.

A basic free account requires you to log in periodically. You can create up to three free hostnames, using several No-IP domains, or register your own domain. Some routers also support No-IP.

  1. https://www.noip.com

Dynamic Update Client

With a purchased dynamic domain you can run a Dynamic Update Client. This runs on several servers to check the IP address from your Internet Service Provider (ISP) for changes, and updates your DNS resolution at No-IP if it happens to change.

It is started upon every boot by these lines in file /etc/rc.local:

# no-ip dynamic DNS
/usr/local/bin/noip2

Download here: https://www.noip.com/download

Cloudflare

Cloudflare primarily acts as a reverse proxy between a website's visitor and the Cloudflare customer's hosting provider. They do name registration and also supply free personal DNS services complete with SSL certificate and Distributed Denial-of-Service protection, DNS Security (DNSSEC), and other services [1]. They have twice as many Points of Presence (POP) as No-IP.

If security concerns top your priority list you can't go wrong with Cloudflare. Their public DNS server addresses, 1.1.1.1 and 9.9.9.9, are super fast.

The Cloudflare free tier supports uploading your web pages, integration with GitHub's git workflow and several other methods for hosting a web site, except there is no ssh into a cloud server. These free web pages will be hosted on the domain pages.dev.

If you register your domain with them, you can enable E-Mail forwarding [2] of the new domain to an existing E-Mail address. Their domain registration is very well priced compared to other reputable registrars and comes with privacy protection of your whois records, something others charge for. They even have DDNS client update automation [3].

  1. https://www.cloudflare.com/plans/application-services/
  2. https://developers.cloudflare.com/email-routing/
  3. https://developers.cloudflare.com/dns/manage-dns-records/how-to/managing-dynamic-ip-addresses/

easyDNS

easyDNS [1] is one of the oldest domain registrars and DNS, web hosting and email providers. Their services are very similar to No-IP, with a free entry level DNS [2] and easyMAIL services. However, just like No-IP, you will want to buy domain privacy to protect your home address from web searches, $7.50/yr in this case.

  1. https://easydns.com/
  2. https://easydns.com/dns/

Dynu DNS

Dynu DNS [1] is a single site DNS, DDNS, E-Mail, Certificates and VPS provider from Arizona, USA. Their prices are much lower than No-IP for Email Forward and Outbound SMTP Relay, around $10 a year. They also offer full service E-Mail and full access to your DNS records.

If I still used No-IP I would probably switch to them. If nothing else, check out the nice array of Network Tools [2], like SPF generator and DKIM Wizard.

  1. https://www.dynu.com/en-US/
  2. https://www.dynu.com/en-US/NetworkTools

NameCheap

Well now, doesn't that name say it all? Surprising to me, it actually works quite well and is half the price of the Big Boys.

Registering a new domain name and setting up DNS records is easy and painless. The wait for worldwide DNS propagation is reasonable, and you don't have to be a DNS expert as they help you with some of the trickier parts.

Best of all, no charge for Privacy protection of your registration address and phone number! Very nice.

  1. https://www.namecheap.com/

Virtual Private Server (VPS)

A VPS is located in someone else's building and only accessible over the network, like a cloud. These plans vary a lot, from click-only menus to complete root access. Prices range from $3.00 to $30 per month, with contracts of one to three years.

The advantage here is that they keep up the hardware and DNS, and install the operating system. VPS setups offer fixed IP addresses, which are great for E-Mail hosting as no DDNS is required and port 25 is open. They also have a Graphical Control Panel (cpanel) for administration, and lastly they act as a buffer that keeps the Internet from attacking your home residential network directly.

The disadvantages are that Linux updates may be handled by the vendor, backups have to occur over the Internet, and their administrators will have full access to your host. So you should not put any financial or personal data on a VPS host. The extra cost could also be an issue.

You need to invent your list of requirements. Something like:

  • OS: Linux
  • Database: PostgreSQL
  • Login: root shell
  • Network Bandwidth: 1TB per month
  • Memory: 2GB
  • Disk: 100GB
  • CPU: 2 cores

Here are just a couple of contenders in the market recently:

InMotion

Reference: https://www.inmotionhosting.com/cloud-vps

  • Linux versions available: CentOS, Ubuntu or Debian
  • Starting at $6.00 month

Configuring Your VPS or Dedicated Server as a Mail Server: https://www.inmotionhosting.com/support/email/configuring-your-vps-dedicated-server-as-a-mail-server/

Hostwinds

Reference: https://www.hostwinds.com/vps/unmanaged-linux

  • Choice of Debian, Ubuntu, Fedora, and CentOS
  • Hourly or monthly billing, starting at $4.99 mo

How to Install iRedMail on a VPS (CentOS 7): https://www.hostwinds.com/tutorials/how-to-install-iredmail-on-a-vps-centos-7

Kamatera

Reference: https://www.kamatera.com/Products/201/Cloud_Servers

  • 40+ Linux distros, from FreeBSD to CloudLinux
  • 30 day free trial, starting at $4.00 mo

How to Create a Linux VPS Server on Kamatera: https://www.linuxbabe.com/linux-server/how-to-create-a-linux-vps-server-on-kamatera

Install a Web Server

Now check that you have:

  • Registered your name with a registrar [1].
    • Example registration check using google:
$ whois google.com|grep 'Domain Name'
   Domain Name: GOOGLE.COM
Domain Name: google.com

  • Assigned an Internet IP address to that name using a DNS [2] provider.
    • Example DNS lookup check using google:
$ nslookup google.com|head -6
Server:		1.1.1.1
Address:	1.1.1.1#53

Non-authoritative answer:
Name:	google.com
Address: 172.253.62.102

  1. https://www.icann.org/en/accredited-registrars
  2. https://www.rfc-editor.org/rfc/rfc1034.html

If the above tests using your new name respond like google.com does, congratulations, you are ready to test a web site using that name.
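
One way to script the DNS lookup check above, which is also the comparison a DDNS setup depends on when your address changes (added example, not from the original page): it parses nslookup output in the format shown and reports whether the published address matches the one you expect. The function names, the file name and the address 203.0.113.7 are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): compare a name's published
# address with the address you expect it to have.

# Read nslookup output on stdin and print only the answer addresses.
# The first "Address:" line (ending in #53) is the resolver that was asked,
# so only Address lines that follow a "Name:" line count as answers.
answers_from_nslookup() {
    awk '/^Name:/ { in_answer = 1; next }
         in_answer && /^Address(es)?:/ { print $2 }'
}

# check_record EXPECTED_IP < nslookup-output
# Prints MATCH, DRIFT or NOANSWER; the exit status is 0 only on MATCH.
check_record() {
    expected=$1
    answers=$(answers_from_nslookup | tr '\n' ' ')
    answers=${answers% }
    if [ -z "$answers" ]; then
        echo "NOANSWER"      # NXDOMAIN, timeout, or no record published yet
        return 2
    fi
    for a in $answers; do
        if [ "$a" = "$expected" ]; then
            echo "MATCH $a"
            return 0
        fi
    done
    echo "DRIFT $answers"    # record still points at an old or foreign address
    return 1
}

# The nslookup output shown on this page, used as offline sample input.
sample_output() {
    cat <<'EOF'
Server:		1.1.1.1
Address:	1.1.1.1#53

Non-authoritative answer:
Name:	google.com
Address: 172.253.62.102
EOF
}

# Live use (hypothetical file name): sh check_record.sh www.example.com 203.0.113.7
if [ "$#" -eq 2 ]; then
    nslookup "$1" | check_record "$2"
fi
```

A DRIFT result right after an address change usually means the DDNS update has not run or the old record is still cached by the resolver.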

Apache

Apache web server is the oldest web server still popular today with good support.

Installation

It's easy to install.

  • Debian:
$ sudo apt-get install apache2
  • Redhat:
$ sudo dnf install httpd

Configuration

Edit a new configuration file for a site called me.

  • Debian: File: /etc/apache2/sites-available/me.conf

  • RedHat: File: /etc/httpd/sites-available/me.conf

<VirtualHost *:80>
    ServerAdmin mail@www.example.com
    DocumentRoot /var/www/html
    ServerName www.example.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    #LogLevel debug
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Then enable that configuration.

  • Debian:
$ sudo ln -s /etc/apache2/sites-available/me.conf /etc/apache2/sites-enabled
$ sudo systemctl reload apache2
  • RedHat:
$ sudo ln -s /etc/httpd/sites-available/me.conf /etc/httpd/sites-enabled
$ sudo systemctl reload httpd

Check the link is enabled:

$ ls -l /etc/*/sites-enabled/
total 0
lrwxrwxrwx 1 root root 36 Oct 13  2018 me.conf -> ../sites-available/me.conf

To disable a site, simply remove the link file /etc/*/sites-enabled/me.conf.

First Page

Now create a landing page for your web site. They are normally placed in an index.html file.

File: /var/www/html/index.html

<!DOCTYPE html>
<html>
    <head>
        <title>ERROR 404 - Nothing to See</title>
      
        <style type="text/css">
            html,
            body {
                height: 100%;
                background-color: #666;
                font-family: Helvetica, sans-serif
            }

            body {
                color: #fff;
                text-align: center;
                text-shadow: 0 1px 3px rgba(0,0,0,.5);
            }

            h1 {
                font-size: 58px;
                margin-top: 20px;
                margin-bottom: 10px;
                font-family: inherit;
                font-weight: 500;
                line-height: 1.1;
                color: inherit;
            }
            
            .site-wrapper {
                display: table;
                width: 100%;
                height: 100%;
                min-height: 100%;
            }

            .site-wrapper-inner {
                display: table-cell;
                vertical-align: top;
            }

            .cover-container {
                margin-right: auto;
                margin-left: auto;
            }

            .site-wrapper-inner {
                vertical-align: middle;
            }
            .cover-container {
                width: 100%;
            }     
            .button {
                background-color: #fff;
                border: none;
                color: white;
                padding: 15px 32px;
                text-align: center;
                text-decoration: none;
                display: inline-block;
                font-size: 16px;
                margin: 4px 2px;
                cursor: pointer;
            }
        </style>    
    </head>    
    <body>
        <div class="site-wrapper">
          <div class="site-wrapper-inner">
            <div class="cover-container">
                <h1 class="cover-heading">ERROR 404 - Move along, nothing to see here</h1>
            </div>
          </div>
        </div>
    </body>
</html>

Check your file permissions; index.html should be owned by www-data and readable by others:

$ sudo chown www-data:www-data /var/www/html/index.html

$ sudo chmod 644 /var/www/html/index.html

$ ls -l /var/www/html/index.html
-rw-r--r-- 1 www-data www-data 1894 Nov  8 19:47 index.html
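
To run the same ownership and permission check over the whole DocumentRoot rather than one file, here is an added example (not from the original page). The function name audit_docroot and the finding labels are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit a DocumentRoot against
# the owner and mode this page sets on index.html (owner www-data, mode 644).

# audit_docroot DIR OWNER
# Prints one finding per line and returns 1, or prints "OK DIR" and returns 0.
audit_docroot() {
    dir=$1
    owner=$2      # account name or numeric uid that should own the content
    findings=$(
        # Group- or world-writable files and directories can be changed by
        # other local accounts, so mode 644 (755 for directories) is the target.
        find "$dir" ! -type l \( -perm -020 -o -perm -002 \) | sed 's/^/WRITABLE /'
        # Content owned by anyone other than the expected account.
        find "$dir" ! -type l ! -user "$owner" | sed 's/^/OWNER /'
        # Symlinks can expose files outside the DocumentRoot when the
        # server is configured to follow them; review each one.
        find "$dir" -type l | sed 's/^/SYMLINK /'
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    echo "OK $dir"
    return 0
}

# Live use (hypothetical file name): sudo sh audit_docroot.sh /var/www/html www-data
if [ "$#" -eq 2 ]; then
    audit_docroot "$1" "$2"
fi
```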

Network Direction

Next you need to do Port Forwarding on your router. If your server IP address is 192.168.1.5, then in your router redirect port 80 to 192.168.1.5.

Don't forget to open port 80 on your firewall:

  • Debian
$ sudo ufw allow 80/tcp
  • RedHat
$ sudo firewall-cmd --permanent --add-port=80/tcp
$ sudo firewall-cmd --reload

The Big Test

Start the service:

  • Debian
$ sudo systemctl enable --now apache2
  • RedHat
$ sudo systemctl enable --now httpd

Now try your website by name:

http://example.com

If all went well, you should see this:

[Screenshot: 404.png]

Continue

Now that you have set up an Internet name for your new server, consider giving it an internet certificate with Let's Encrypt.

Proceed in the order presented; some things depend on prior setups.

Book Last Updated: 29-March-2024



Domain Name Services to Find Your Server - Linux in the House - https://linux-in-the-house.org Creative Commons License