Global DNS concept
Available in Classic and VPC
This page explains the concepts you need before working through the Global DNS usage scenarios: the domain registration mechanism and the DNS record types.
For definitions of the terms used here, see the glossary.
Domain registration mechanism
To use a domain, you need to purchase and register a domain name to use in place of an IP address, and you need a name server that holds the mapping between the domain name and the actual IP address. With NAVER Cloud Platform's Global DNS you can build a name server in a cloud environment, but you cannot purchase a new domain name. You must therefore first register the new domain name with a certified registration agency such as Gavia, iNames, or Dotname Korea, and then build the name server with Global DNS.
DNS record type
A DNS record is a series of characters used to configure settings about a domain in DNS.
The following DNS record types are available in Global DNS:
SOA record
- SOA stands for Start of Authority and shows the important information of a domain zone.
- In Global DNS, the SOA record is automatically created when adding a domain and cannot be added, edited, or deleted.
- Record form: {Domain name server} {Serial} {Refresh} {Retry} {Expire} {TTL}
  - Serial: version number of the domain zone
  - Refresh: data renewal interval of the domain zone
  - Retry: retry interval when a data renewal of the domain zone fails
  - Expire: expiration interval of the domain zone after repeated retry failures
  - TTL: interval after which record changes are applied
A record
- It maps a domain name to an IPv4 address.
- You can map multiple IP addresses to one domain name, and multiple IPs are answered in round robin order according to the number of requests.
- The TTL default is 300 seconds (5 minutes); setting the TTL too high delays the point at which changed record values take effect.
- Examples
  - Record name: www.example.com
  - Record value: 10.0.0.1
AAAA record
- It maps a domain name to an IPv6 address.
- Just like A record, you can map multiple IP addresses to one domain name, and multiple IPs are answered in round robin order according to the number of requests.
- The TTL default is 300 seconds (5 minutes); setting the TTL too high delays the point at which changed record values take effect.
- Examples
  - Record name: www.example.com
  - Record value: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
NS record
- It shows the name server information of a domain.
- In Global DNS, the NS record is automatically created when adding a domain, and you cannot add, edit, or delete the record values.
- Record values provided: ns1-1.ns-ncloud.com, ns1-2.ns-ncloud.com
- The TTL default is 86,400 seconds (1 day) and can be edited.
PTR record
- PTR stands for Pointer and maps an IP address to a domain, as opposed to an A or an AAAA record.
- PTR is a record for a reverse domain and is used for purposes such as host/service identification, validation of mail addresses and so on.
- The mapping runs in the opposite direction: the IP address is written in reverse order, with its parts separated by periods (.), to form the reverse domain name.
- Example: how to create a PTR record for www.ncloud.com A 49.236.142.51
  - Create domain 142.236.49.in-addr.arpa > Add record > Enter record name: 51, select PTR type and enter record value: www.ncloud.com
CNAME record
- CNAME stands for Canonical Name and maps one domain name to a different domain name by defining it as an alias.
- CNAME records conflict with all other records, so you cannot add other records if you add one to a host.
- You cannot add CNAME records to the root domain. To use this feature in the root domain, use the alias feature provided by Global DNS.
- Examples
  - Record name: www.example.com
  - Record value: www1.example.com
MX record
- It sets the mail routing domain for a domain zone so that mail services can be used.
- Enter the record value as a fully qualified domain name (FQDN).
- To enter multiple mail servers, separate them with newlines and add preference values in front of them. Smaller values have higher priority.
- Examples
  - Record name: @.ncloudtest.com
  - Record value:
    10 mx1.ncloudtest.com
    20 mx2.ncloudtest.com
SPF record
- SPF stands for Sender Policy Framework, a technology that authenticates email-sending servers.
- By setting an SPF record, recipients can check the information in an outgoing email against the SPF record to verify whether the email is forged.
- Any email from servers not registered in the SPF record is processed as spam.
- Examples
  - Record name: @.example.com
  - Record value: v=spf1 include:_spfblocka.ncloudtest.com include:_spfblockb.ncloudtest.com ~all
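A pre-publication check for an SPF value, as an added example (not NAVER Cloud Platform code): it flags unrecognised terms, a missing or permissive `all`, and more than the 10 DNS-lookup terms RFC 7208 allows. The function name and the sample records are illustrative; the second sample is a constructed typo.

```python
import re

# Terms that cost a DNS lookup; RFC 7208 section 4.6.4 allows at most 10 per check.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
KNOWN_TERMS = LOOKUP_TERMS | {"all", "ip4", "ip6", "exp"}
TERM = re.compile(r"^([+\-~?]?)([a-z0-9]+)(?:[:=/].*)?$", re.I)

def lint_spf(txt):
    """Return findings for one SPF TXT value; an empty list means no issue found."""
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["record does not start with v=spf1"]
    findings, lookups, all_qualifier, has_redirect = [], 0, None, False
    for pos, term in enumerate(terms[1:], start=1):
        m = TERM.match(term)
        name = m.group(2).lower() if m else ""
        if name not in KNOWN_TERMS:
            findings.append(f"unrecognised term {term!r}")
            continue
        lookups += name in LOOKUP_TERMS
        has_redirect |= name == "redirect"
        if name == "all":
            all_qualifier = m.group(1) or "+"   # a bare "all" means "+all" (pass)
            if pos != len(terms) - 1:
                findings.append("terms after 'all' are never evaluated")
    if all_qualifier is None and not has_redirect:
        findings.append("no 'all' or redirect: unlisted senders get a neutral result")
    elif all_qualifier in ("+", "?"):
        findings.append(f"'{all_qualifier}all' does not reject unlisted senders")
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms exceed the limit of 10")
    return findings

# Record in the form of the example above, and a constructed variant with a stray space.
SAMPLE = "v=spf1 include:_spfblocka.ncloudtest.com include:_spfblockb.ncloudtest.com ~all"
STRAY_SPACE = SAMPLE.replace("~all", "~ all")

if __name__ == "__main__":
    for record in (SAMPLE, STRAY_SPACE):
        print(record, "->", lint_spf(record) or "ok")
```

A space between the qualifier and `all` splits them into two terms: the lone `~` is a syntax error for a strict evaluator, and the remaining bare `all` reads as `+all`.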
TXT record
- A TXT record is a text record consisting of arbitrary strings of characters, and you can enter simple text data about your domain.
- It can be used for a variety of purposes including verifying domain ownership, authorizing senders with SPF, adding digital email signatures (DKIM), and preventing spam from being sent.
- Examples
  - Record name: @.example.com
  - Record value: "favorite drink=orange juice"
A TXT record supports up to 255 characters; any record longer than this limit is wrapped.
SRV record
- SRV stands for Service, which stores the location (host name and port number) of a service in DNS.
- When listing multiple servers, their priority and weight can be indicated.
- Servers with higher priorities receive more traffic than other servers. When servers have the same priority value, servers with higher weights receive more traffic than other servers.
- Record form: _{Service}._{Protocol}.{Domain} SRV {Priority} {Weight} {Port number} {Target}
- Examples
  - Record name: _kerberos._tcp.ncloudtest.com
  - Record type: SRV
  - Record value: 10 60 88 kerberos.ncloudtest.com
CAA record
- It specifies a certificate authority (CA) that can issue a certificate for a domain.
- Specifying the wrong CA may interrupt the issuance of a certificate for the domain.
- Record form: {flags} {tag} "{value}"
  - flags: set a value from 0 to 255
  - tag: set to the value of issue or issuewild
  - value: enter a value according to the specified tag value
- Examples
  - Record name: ca.example.com
  - Record value: 0 issue "ncloud.com"
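How a CA decides from these fields whether it may issue, as an added example (not NAVER Cloud Platform code) that follows the RFC 8659 rules. It goes beyond the page in handling the critical flag bit (128), the empty `";"` value and the `iodef` tag; the record set is passed in directly with no DNS lookup, and the function names and the second record set are illustrative.

```python
UNDERSTOOD_TAGS = {"issue", "issuewild", "iodef"}   # property tags defined by RFC 8659

def parse_caa(value):
    """Split '{flags} {tag} "{value}"' into (flags, tag, issuer domain)."""
    flags, tag, quoted = value.split(None, 2)
    flags = int(flags)
    if not 0 <= flags <= 255:
        raise ValueError(f"flags out of range: {flags}")
    if len(quoted) < 2 or quoted[0] != '"' or quoted[-1] != '"':
        raise ValueError("value must be enclosed in double quotes")
    # Anything after ';' is a CA-specific parameter; a bare ";" leaves the issuer empty.
    issuer = quoted[1:-1].split(";", 1)[0].strip().lower()
    return flags, tag.lower(), issuer

def ca_may_issue(rrset, ca_domain, wildcard=False):
    """Decide whether ca_domain may issue, given the CAA record values of one name."""
    records = [parse_caa(v) for v in rrset]
    # Critical bit (128) set on a tag the checker does not understand: refuse.
    if any(flags & 128 and tag not in UNDERSTOOD_TAGS for flags, tag, _ in records):
        return False
    issue = [issuer for _, tag, issuer in records if tag == "issue"]
    issuewild = [issuer for _, tag, issuer in records if tag == "issuewild"]
    # Wildcard requests use issuewild when present, otherwise fall back to issue.
    relevant = issuewild if wildcard and issuewild else issue
    if not relevant:
        return True                       # nothing restricts this kind of request
    ca = ca_domain.strip().lower()
    return bool(ca) and ca in relevant    # an empty issuer matches no CA at all

PAGE_RRSET = ['0 issue "ncloud.com"']                 # example value from this page
NO_WILDCARDS = PAGE_RRSET + ['0 issuewild ";"']       # constructed: forbid wildcards

if __name__ == "__main__":
    for ca in ("ncloud.com", "other-ca.example"):
        print(ca, ca_may_issue(PAGE_RRSET, ca),
              ca_may_issue(NO_WILDCARDS, ca, wildcard=True))
```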
DS record
- A DS record holds a fingerprint of a DNSSEC key. It is used for zones with delegated security when DNSSEC is enabled, and verifies the reliability of the subdomain.
- In Global DNS, DS records are created automatically when DNSSEC is enabled.
- Record form: {Key tag} {Algorithm} {Digest type} {Digest}
  - Key tag: A numeric value used for record identification
  - Algorithm: The encryption algorithm used to create a security key for the DNSKEY record (record with a public signing key in the domain zone). It is paired with a hash function, such as RSA/SHA1.
  - Note that 1 (SHA1) can be a potential threat.
  - Digest type: the algorithm used to create a digest of DNSKEY records
  - Digest: the hashed value of the DNSKEY records uniquely identifying the records
- Examples
  - Record name: ds.example.com
  - Record value:
    36061 8 2 b7b5c0f2c4917d6eacc9ba4461e6ae693d7a366823530b385168cc842492c271
    36061 8 4 938888f1b4185ed56e65bbc63470d712decc509c1caf1682173134e2d833b8d3676965cc7084d5b1254ca21a62eaf94c
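How the four DS fields tie to a DNSKEY, as an added example (not NAVER Cloud Platform code): it parses the record form above, rejects a digest whose length does not fit its digest type, and recomputes the key tag and digest from a DNSKEY as defined in RFC 4034. The DNSKEY is a constructed toy key, and all function names are illustrative.

```python
import base64, hashlib, struct

# DS digest types: number -> (hashlib name, digest length in hex characters)
DIGESTS = {1: ("sha1", 40), 2: ("sha256", 64), 4: ("sha384", 96)}

def parse_ds(value):
    """Parse '{Key tag} {Algorithm} {Digest type} {Digest}' and sanity-check it."""
    tag, alg, dtype, digest = value.split()
    tag, alg, dtype = int(tag), int(alg), int(dtype)
    if dtype not in DIGESTS:
        raise ValueError(f"unknown digest type {dtype}")
    if len(digest) != DIGESTS[dtype][1]:
        raise ValueError(f"digest type {dtype} needs {DIGESTS[dtype][1]} hex characters")
    bytes.fromhex(digest)                      # raises ValueError on non-hex input
    return tag, alg, dtype, digest.lower()

def uses_sha1(ds_value):
    return parse_ds(ds_value)[2] == 1          # digest type 1 = SHA-1; prefer 2 or 4

def dnskey_rdata(flags, protocol, alg, pubkey_b64):
    """DNSKEY RDATA in wire form: flags (2 bytes), protocol, algorithm, public key."""
    return struct.pack("!HBB", flags, protocol, alg) + base64.b64decode(pubkey_b64)

def key_tag(rdata):
    """Key tag checksum over the DNSKEY RDATA (RFC 4034, Appendix B)."""
    acc = sum(b << 8 if i % 2 == 0 else b for i, b in enumerate(rdata))
    return (acc + ((acc >> 16) & 0xFFFF)) & 0xFFFF

def wire_name(owner):
    """Canonical wire form of a domain name: lower-case, length-prefixed labels."""
    labels = [lab for lab in owner.lower().split(".") if lab]
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"

def make_ds(owner, rdata, dtype):
    """Build the DS value for a DNSKEY: digest over owner name + RDATA."""
    digest = hashlib.new(DIGESTS[dtype][0], wire_name(owner) + rdata).hexdigest()
    return f"{key_tag(rdata)} {rdata[3]} {dtype} {digest}"

def ds_matches(owner, rdata, ds_value):
    """True if the parent's DS value really identifies this DNSKEY."""
    return parse_ds(ds_value) == parse_ds(make_ds(owner, rdata, parse_ds(ds_value)[2]))

# Example DS value from this page, and a constructed toy DNSKEY (not a real key).
PAGE_DS = "36061 8 2 b7b5c0f2c4917d6eacc9ba4461e6ae693d7a366823530b385168cc842492c271"
TOY_RDATA = dnskey_rdata(257, 3, 8, "AQIDBA==")

if __name__ == "__main__":
    ds = make_ds("example.com", TOY_RDATA, 2)
    print(ds, ds_matches("example.com", TOY_RDATA, ds))
```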