Share

Question

Not sure which DNS records I need to create to achieve the following goals. Wildcards? @? CNAMEs? A records? MX? It’s not clear how I should proceed. Please assist.

I own three domains and want all records in all 3 pointing to the same places. Eventually the domains will show different web content but for today they should be the same.
I will be standing up two droplets in a hot-cold configuration with a floating IP, manually controlled. Failover amounts to booting the second droplet and switching the floater.
I will be running a simple https Wordpress website (LAMP) on each droplet, resolvable by both www.domain and domain (no www.)
I will be running a MQTT broker on each droplet. The hostname the client is expecting for these is mqtt.SmartBird.io.
Current hostnames for the droplets are mqtt01.SmartBird.io and mqtt02.SmartBird.io. (Maybe I should have asked before committing to that naming scheme. Second one is not yet created, and I can easily rebuild the first.)
Mail is to be handled by Zoho

What records should I create, pointing to what?

Answer 1

jarland December 10, 2018

Hey friend,

To best determine what each should be, I think it’s best to break down what the record types are for. Each has it’s use case. You already have MX handled, so let’s talk about A records and CNAMEs:

A record - This points a name to an IP address. The name might be “domain.com” or even “sub.domain.com” but it simply points to an IP address.

CNAME record - This points to an A record, and pulls the IP from it. Let’s say that I want sub.domain.com to always use the IP address assigned to domain.com, and I want to update both records to a new IP address later by only changing one record. I would make “sub.domain.com” a CNAME for “domain.com” which means that it always pulls the A record from “domain.com” when asked.

Each has it’s use case, and which to use at each point is entirely your decision :)

Jarland

Report

BetterAutomations December 10, 2018

Right. A records for IPs and CNAMEs as aliases… that much I get. Just not sure what is typically recommended for such a setup. Also considering wildcards and @ records.
Report
- jarland December 10, 2018
  
  I would say that there is no recommended way, and that any choice which makes sense to you and also functions is the right choice as a result of that. A wildcard is a way to say “every subdomain that I have not already defined will point to this IP” and an “@” is simply a commonly accepted way to leave the name field blank, therefore referring to the root domain (ex. domain.com).
  
  Report
  
  BetterAutomations December 10, 2018
  
  Do you have a webserver? What records have you setup?
  
  Report
  
  jarland December 10, 2018
  
  I have a bunch. I do this:
  
  @ or blank (depending on DNS editor preference) - A record to IP address
  www - CNAME to domain
  
  So in DigitalOcean’s DNS editor that would be:
  
  Type: A
  Name: @
  Record: 1.1.1.1 (example IP)
  
  Type: CNAME
  Name: www
  Record: domain.com (sample domain)
  
  Report
  
  BetterAutomations December 10, 2018
  
  So for the www CNAME do you use @ ? Or an IP? I suppose @ but wanted to be very certain :-)
  
  Report
  
  jarland December 10, 2018
  
  I use a CNAME for the www, so it looks like this for my domain jarland.me:
  
  https://i.imgur.com/YQLiMHY.png
  
  That way if my site IP changes, I just change the A record for jarland.me, and www.jarland.me follows along. This is what I’d add for jarland.me without www, if the IP were 1.1.1.1:
  
  https://i.imgur.com/POuqdcV.png
  
  Report
  
  BetterAutomations December 10, 2018
  
  Okay and how about the other two domains?
  
  Report
  
  jarland December 10, 2018
  
  If it’s me, for other subdomains like mqtt01 and mqtt02, I’m going straight A records pointing directly to the IPs. If you see a scenario where a CNAME makes your life easier there, go for it, but an A record with just the name “mqtt01” and the record of the IP address hosting it would be looked upon as perfectly fine by anyone.
  
  Report
  
  BetterAutomations December 10, 2018
  
  Okay very good, and the other two domains? I own three domains and want all records in all 3 pointing to the same places. Eventually the domains will show different web content but for today they should be the same.
  
  Report
  
  jarland December 10, 2018
  
  For the other domains you would do an A record for the main domain, the “@” record, and you could do a CNAME for any subdomains (including www). Granted, if you’re pointing a subdomain to the same IP as another record and use a CNAME, but then you intend to change it later then there’s no real benefit to CNAME over A record.
  
  So many ways to spin it :)
  
  Report
  
  BetterAutomations December 10, 2018
  
  Here are the resulting settings, I am posting these in case others come later with the same question. Would you please glance at them and make sure I did nothing stupid? If this is a security risk I will need to remove them.
  
  TTLs are deliberately set very low while I am doing the setup.
  
  https://goo.gl/photos/5xT4bUz7y185upXNA
  
  Report
  
  jarland December 10, 2018
  
  Looks good to me :)
  
  Report
  
  BetterAutomations December 10, 2018
  
  Thank you, and it is not a security risk to leave these screenshots up for others to see, yes? I think so, I am fairly certain these are all public record :-)
  
  Report
  
  jarland December 10, 2018
  
  It could theoretically increase the severity of an existing security risk, but that would mean that something on the droplet and public facing is vulnerable to begin with, which means it’s only a matter of time before someone out there attacks it anyway.
  
  Report

Answer 2

BetterAutomations December 10, 2018

Right. A records for IPs and CNAMEs as aliases… that much I get. Just not sure what is typically recommended for such a setup. Also considering wildcards and @ records.
Report
- jarland December 10, 2018
  
  I would say that there is no recommended way, and that any choice which makes sense to you and also functions is the right choice as a result of that. A wildcard is a way to say “every subdomain that I have not already defined will point to this IP” and an “@” is simply a commonly accepted way to leave the name field blank, therefore referring to the root domain (ex. domain.com).
  
  Report
  
  BetterAutomations December 10, 2018
  
  Do you have a webserver? What records have you setup?
  
  Report
  
  jarland December 10, 2018
  
  I have a bunch. I do this:
  
  @ or blank (depending on DNS editor preference) - A record to IP address
  www - CNAME to domain
  
  So in DigitalOcean’s DNS editor that would be:
  
  Type: A
  Name: @
  Record: 1.1.1.1 (example IP)
  
  Type: CNAME
  Name: www
  Record: domain.com (sample domain)
  
  Report
  
  BetterAutomations December 10, 2018
  
  So for the www CNAME do you use @ ? Or an IP? I suppose @ but wanted to be very certain :-)
  
  Report
  
  jarland December 10, 2018
  
  I use a CNAME for the www, so it looks like this for my domain jarland.me:
  
  https://i.imgur.com/YQLiMHY.png
  
  That way if my site IP changes, I just change the A record for jarland.me, and www.jarland.me follows along. This is what I’d add for jarland.me without www, if the IP were 1.1.1.1:
  
  https://i.imgur.com/POuqdcV.png
  
  Report
  
  BetterAutomations December 10, 2018
  
  Okay and how about the other two domains?
  
  Report
  
  jarland December 10, 2018
  
  If it’s me, for other subdomains like mqtt01 and mqtt02, I’m going straight A records pointing directly to the IPs. If you see a scenario where a CNAME makes your life easier there, go for it, but an A record with just the name “mqtt01” and the record of the IP address hosting it would be looked upon as perfectly fine by anyone.
  
  Report
  
  BetterAutomations December 10, 2018
  
  Okay very good, and the other two domains? I own three domains and want all records in all 3 pointing to the same places. Eventually the domains will show different web content but for today they should be the same.
  
  Report
  
  jarland December 10, 2018
  
  For the other domains you would do an A record for the main domain, the “@” record, and you could do a CNAME for any subdomains (including www). Granted, if you’re pointing a subdomain to the same IP as another record and use a CNAME, but then you intend to change it later then there’s no real benefit to CNAME over A record.
  
  So many ways to spin it :)
  
  Report
  
  BetterAutomations December 10, 2018
  
  Here are the resulting settings, I am posting these in case others come later with the same question. Would you please glance at them and make sure I did nothing stupid? If this is a security risk I will need to remove them.
  
  TTLs are deliberately set very low while I am doing the setup.
  
  https://goo.gl/photos/5xT4bUz7y185upXNA
  
  Report
  
  jarland December 10, 2018
  
  Looks good to me :)
  
  Report
  
  BetterAutomations December 10, 2018
  
  Thank you, and it is not a security risk to leave these screenshots up for others to see, yes? I think so, I am fairly certain these are all public record :-)
  
  Report
  
  jarland December 10, 2018
  
  It could theoretically increase the severity of an existing security risk, but that would mean that something on the droplet and public facing is vulnerable to begin with, which means it’s only a matter of time before someone out there attacks it anyway.
  
  Report

What are the recommended DNS records for a web server and MQTT?

Leave a Comment

Share

Share your Question

What are the recommended DNS records for a web server and MQTT?

Leave a Comment

Related

question

Whois on IRC returns IP instead of domain

question

rDNS for name other than hostname?

question

Two domains on same dopplet, only one of them is working

question

Help a newbie out here please

Almost there!