DNS can and does mean | Domain Name System | Domain Name Server
DNS is normally one of the most misunderstood features of an OS X Server setup.
DNS exists primarily so that humans can navigate around the Internet a bit more easily. Everyone can remember http://www.google.com and http://www.amazon.co.uk but not many people would remember http://207.171.166.149 (Amazon) and http://66.102.9.99 (Google). In most web browsers you don't have to type in "http://", it gets added for you. In some you don't have to type in the "www" bit either. In Safari you can just type in apple or amazon or mac-help and you will be transported to www.apple.com, www.amazon.com or www.mac-help.com. This only works for .com addresses !
DNS Servers are in essence like telephone directories (they are an active distributed database). When you ask for a web site in your web browser, it sends a request to a Domain Name Server, which translates the name into an IP address. That IP address then allows your computer to request the web page from that server. Domain Name Servers can translate from a name to an IP address and back again (reverse lookups).
Most users' experience of DNS is on their home computer. When you sign up to an ISP (Internet Service Provider) they will normally give you some information to allow you to use their service, how to set up your modem etc. Amongst this will be 1 or 2 DNS IP addresses. Without these, if you typed www.bbc.co.uk into your web browser it would give an error saying that it couldn't be found. If, however, you had typed in the IP address that 'resolves' to the Amazon web server, 207.171.166.149, then you would go straight to the page. Sometimes DNS servers can be down, and when you type an address into your web browser it won't be found. I find it's always best to have a couple of IP addresses written down on your Mac somewhere...then if you can't access any web sites, type in one of the IP addresses; if it works, you know your ISP's DNS servers are currently down.
One handy tip to find out the IP address of your favourite websites: go to your Applications folder ---> Utilities folder ---> Network Utility. Open up Network Utility and go to the Lookup tab...then enter the domain name, e.g. www.amazon.co.uk, and hit return...this will then give you the IP address ! Lookup works both ways...type in an IP address and it will tell you the host name etc...Network Utility has a lot of good functions if you need them !!!
Anyway back to DNS on the OS X Server Software...
Mac OS X Server 'can' be a Domain Name Server, that's to say if set up correctly it will translate IP addresses to names and also translate names to IP addresses.
This is implemented by using 'Zone Records'. Zone Records are text files that are kept on the server with the relevant IP address and the matching 'name'.
There are lots of different types of Zone Records...two types you must implement are forward and reverse records.
To start with we will need the IP address of the server and its host name. We will also need the router address and the net mask. If you are unsure of either of these, the IP address can be found by typing:
ifconfig | grep "inet " | grep -v 127.0.0.1 | cut -d' ' -f2
into your terminal and then pressing return. You can find out the host name by typing:
hostname
into your terminal and then pressing return,
or you can go to the Network preferences and get the info from there.
Once you have these you can now set up the Domain Name Server on your Mac OS X Server.
We will be changing our server from a 'Standalone Server' to a 'Master Server', but not until we have got the DNS Server functioning correctly ! This helps us check the DNS Server is working properly.
For this example our Server is an Xserver which we have named:
Computer: xserver
Hostname: xserver.mac-help.com
Rendezvous name: xserver
To Set up Forward and Reverse Zone Records:
1) Launch Server Admin
2) Select the DNS Service from the list on the left.
3) Click the settings tab at the bottom
4) Select the Zones tab
5) Click the + button under the zones pane
6) Enter the zone name, ours is
mac-help.com.
then enter the SOA (Source of Authority, the name of the computer running the zone !)
xserver.mac-help.com.
Now enter an admin email, use a real one !
admin_no (e-mail address removed).
(the full stops at the end of each line are meant to be there, it is not a typo !)
then press OK !
7) You have now set up a name space record !
8) Now, click the + button under the records pane, whilst the mac-help.com zone is selected in the left hand pane !
9) Choose Address record from the list (A type).
10) In the Map from...we would enter the FQDN (Fully Qualified Domain Name)
xserver.mac-help.com.
11) In the Map to field...we would enter our IP address
10.0.1.1
12) Select the "Create reverse mapping record" checkbox.
13) You should now have two zone records in your zone list for the zone mac-help.com
14) Now click the 'Save' button.
15) Click the start service button !
The most common failure/error when someone is editing/creating DNS records is to not have the period at the end of each line !
This will prevent your DNS Server from functioning correctly ! Type carefully !
16) Now we need to check that we have set up this stage correctly ! Go to the Network prefs pane and change the DNS server IP address to your IP address; ours would be:
(your IP address and the DNS Servers address will be the same !)
10.0.1.1
Then change the search domain to :
mac-help.com
17) Depending on what else your server is doing, I normally give it a reboot at this time, go get a coffee !
Now we need to check our work:
18) Open Terminal and type:
hostname
press the return key
this should give you the FQDN ---> ours would be:
xserver.mac-help.com
presuming this is correct (if not get another coffee, and then go and check for missing periods !)
19) Open terminal and type:
host xserver.mac-help.com
(one space after 'host')
press the return key
This should give you your IP Address ! Ours would have given:
10.0.1.1
20) Open terminal and type:
(replace IP with yours!)
host 10.0.1.1
(one space after 'host')
press the return key
This should resolve to your FQDN ! Ours would have given:
xserver.mac-help.com.
21) Pat yourself on the back, your basic DNS is now set up and working correctly !
22) More coffee. Make yourself a written cheat sheet (pen and ink, or print this out and add in your settings). You don't normally have to do a lot of work with DNS and you may forget what you have done the next time you come to do something !
Now we're going to add an alias record for our Web Server ( we are presuming that this runs on the same machine!)
23) Back to the Server Admin, DNS Service.
24) Now, click the + button under the records pane, whilst the mac-help.com zone is selected in the left hand pane !
25) Select an Alias (CNAME) record from the pop up menu.
26) Add in as before, ours would be:
Map from: xserver.mac-help.com.
Map to: www.mac-help.com.
27) Now press okay, then you need to stop and then restart DNS Services, personally I would just reboot !
Now we will add in the MX Records for the Mail Server
28) Back to the Server Admin, DNS Service.
29) Now, click the + button under the records pane, whilst the mac-help.com zone is selected in the left hand pane !
30) Select a Mail Exchanger (MX) record from the pop up menu.
31) Add in as before, ours would be:
Map from: mac-help.com.
Map to: xserver.mac-help.com.
Order Number: 10
You could enter 1, but for future expandability most people use 10 as a start point !
You should really have another Mail Server running elsewhere...you would then add in another MX record with the new server's details, using '20' as the next order number. What this means is that if the 'main mail server' is offline then all the mail will go via the second MX record (mail server), and the users will not know that anything is different ! And you will not lose any emails by having them bounced because mail server one is having maintenance done to it !
32) Now press okay, then you need to stop and then restart DNS Services, personally I would just reboot !
That covers most aspects...of DNS should anyone require it !!!
Without making all this sound like a waste of time, not many people really need to run their own 'DNS Server'. Have a think about what your requirements are first !
If anything's not clear let me know,
regards
Ric
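Why the missing period breaks things, and how to check the forward/reverse pairing from steps 19 and 20 without a live server, as an added example that is not part of the original post. It assumes the zone records are stored in BIND-style zone-file syntax and that the reverse zone for 10.0.1.1 is 1.0.10.in-addr.arpa.; the sample zone text is constructed.

```python
import ipaddress

# Constructed sample in BIND-style zone-file syntax (an assumption about the
# on-disk format). The MX target deliberately lacks its trailing period.
ZONE = """\
$ORIGIN mac-help.com.
xserver              IN A   10.0.1.1
@                    IN MX  10 xserver.mac-help.com
$ORIGIN 1.0.10.in-addr.arpa.
1                    IN PTR xserver.mac-help.com.
"""

def absolute(name, origin):
    """Expand a name the way a zone parser does: no final '.' means relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(text):
    """Return (owner, rtype, value, raw, origin) for 'owner IN type ...' lines."""
    origin, records = ".", []
    for line in text.splitlines():
        fields = line.split(";")[0].split()   # drop comments, split on spaces
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        owner, rtype, raw = fields[0], fields[2], fields[-1]
        value = raw if rtype == "A" else absolute(raw, origin)
        records.append((absolute(owner, origin), rtype, value, raw, origin))
    return records

def lint(text):
    """List missing-period mistakes and A records without a matching PTR."""
    records, problems = parse(text), []
    ptr = {owner: value for owner, rtype, value, _, _ in records if rtype == "PTR"}
    for owner, rtype, value, raw, origin in records:
        # A target that already ends in the zone name but has no final period
        # gets the zone name appended a second time.
        if rtype != "A" and (raw + ".").endswith("." + origin):
            problems.append(f"{rtype} {raw}: missing final period, becomes {value}")
        if rtype == "A":
            rev = ipaddress.ip_address(value).reverse_pointer + "."
            if ptr.get(rev) != owner:
                problems.append(f"A {owner} {value}: no PTR {rev} -> {owner}")
    return problems

if __name__ == "__main__":
    print("\n".join(lint(ZONE)))
```
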