We hope you find this tutorial helpful. In addition to guides like this one, we provide simple cloud infrastructure for developers. Learn more →

How To Set Up and Test DNS Subdomains with DigitalOcean's DNS Panel

PostedNovember 13, 2013 332.5k views DNS DigitalOcean

Prerequisites


DigitalOcean's DNS panel allows you to easily setup multiple subdomains (e.g. foo.bar.myserver.com).

Three important guidelines:

  • When entering a subdomain part (e.g just foo of the foo.myserver.com), DO NOT enter a dot at the end.

  • When entering a fully-qualified domain name (e.g. foo.myserver.com), DO add a dot at the end.

  • DNS information takes time to propagate (from minutes to hours at times) - wait several minutes before testing changes. If your changes have not propagated, try again later.

This tutorial assumes you've followed the Basic DNS Setup Tutorial and have the following:

  • A registered domain name (e.g. myserver.com) using a domain registrar.
  • An active droplet, with a public IP address (e.g 1.2.3.4).
  • A configured domain name in the Digital Ocean DNS control panel
  • A configured Wild-Card CNAME record in the Digital Ocean DNS control panel (optional).

To test the above setup you should be able to ping your server:

$ ping myserver.com
PING myserver.com (1.2.3.4) 56(84) bytes of data.
64 bytes from myserver.com (1.2.3.4): icmp_seq=1 ttl=64 time=0.168 ms
...

If you've configured a Wild-Card CNAME record, using any subdomain of myserver.com should also work:

$ ping FOO.myserver.com
PING myserver.com (1.2.3.4) 56(84) bytes of data.
64 bytes from myserver.com (1.2.3.4): icmp_seq=1 ttl=64 time=0.168 ms
...

Desired Setup


  • You have multiple droplets, each with a different IP:

    • WebDropLet on 1.2.3.4
    • ApiDropLet on 5.6.7.8
  • Each droplet serves a different purpose:

    • WebDroplet is a small droplet of 512MB/1CPU, serving simple, static webpages.
    • ApiDroplet is a medium droplet of 4GB/2CPUs, serving API requests (or doing other intensive operations).
  • The following domain naming is desired:

    • myserver.com points to WebDroplet (1.2.3.4)
    • www.myserver.com points to WebDroplet (1.2.3.4)
    • *.myserver.com points to WebDroplet (1.2.3.4) (i.e. any other subdomain, including user typos)

Except "api.myserver.com" points to ApiDroplet (5.6.7.8) & "*.api.myserver.com points to ApiDroplet (5.6.7.8)" (i.e. any sub-sub domain under api.myserver.com).

DNS Setup


Current setup


In the DigitalOcean Control Panel, Click Networking. If you click on the PTR records section, the following information will be shown (your IP addresses, Domain name and Droplets will be different):

DigitalOcean DNS PTR records

If you click back to the Domains, you should see an entry for your domain name again:

DigitalOcean DNS domain names

Click on the domain name to view the domain records:

Add new A record


Select the A record type, enter "api" (or your desired sub-domain name) in the HOSTNAME field and the IP address of your droplet (5.6.7.8 in the example below) in the WILL DIRECT TO field:

NOTE: There is no dot after the name api

Click the Create Record button to add the new DNS record. Your records will look like so:

Add new CNAME record


Next, select the CNAME record type, enter ".api" (or your desired sub-domain name) in the *HOSTNAME** field and the fully-qualified name of your droplet (api.myserver.com. in the example below) in the IS AN ALIAS OF field:

NOTE: The is no dot after the ".api`" -- there *is a dot after the fully-qualified domain name (api.myserver.com.)

Click the Create Record button to add the new DNS record.

Final Configuration


After adding the A and CNAME record, your DNS settings should look like so (with different names and IPs):

Testing the new configuration


NOTE: Even after your changes appear in the control panel, it might take several more hours until the changes are propagated to other domain servers around the internet. Be patient!

Test directly with DigitalOcean's nameservers


Use the linux host command to query DigitalOcean's name-servers directly.

The reason to test their servers directly is that your new records might not have been propagated yet to other name-servers.
The second parameter to "host" is ns1.digitalocean.com - tells "host" to query a specific name-server instead of the default server (the default server could be your ISP's name-server).

The original domain name (without the new subdomain) should work:

$ host   myserver.com   ns1.digitalocean.com
Using domain server:
Name: ns1.digitalocean.com
Address: 198.199.120.125#53
Aliases: 

myserver.com has address 1.2.3.4

Subdomains should work as well (due to the wildcard CNAME record):

$ host   foo.myserver.com   ns1.digitalocean.com
Using domain server:
Name: ns1.digitalocean.com
Address: 198.199.120.125#53
Aliases: 

foo.myserver.com is an alias for myserver.com.

The new api subdomain should point to the new IP address:

$ host   api.myserver.com   ns1.digitalocean.com
Using domain server:
Name: ns1.digitalocean.com
Address: 198.199.120.125#53
Aliases: 

myserver.com has address 5.6.7.8

NOTE: If you still get 1.2.3.4 for the new api subdomain, continue waiting and then test again. If it still doesn't show the new IP, check your configuration.

The new sub-sub-domains (e.g. foo.api.myserver.com) should show the new alias:

$ host   foo.api.myserver.com   ns1.digitalocean.com
Using domain server:
Name: ns1.digitalocean.com
Address: 198.199.120.125#53
Aliases: 

foo.api.myserver.com is an alias for api.myserver.com.

Test your ISP's name-servers


After verifying your DNS records on DigitalOcean's servers, test the propagation to other name-servers on the internet.
Running "host" with just one parameter (the queried host name) uses your default name-servers:

$ host myserver.com
myserver.com has address 1.2.3.4
$ host foo.myserver.com
foo.myserver.com is an alias for myserver.com.
myserver.com has address 1.2.3.4

Test the new "api" sub-domain:

$ host api.myserver.com
myserver.com has address 5.6.7.8
$ host foo.api.myserver.com
foo.api.myserver.com is an alias for api.myserver.com.
api.myserver.com has address 5.6.7.8

NOTE 1: If you get the correct (new) IP when querying DigitalOcean's name-servers, but not when using your default name-server - it means the new records have not yet propagated to the rest of the name-servers (which sometimes employ caching to reduce network traffic). This depends on a variety of factors and you may have to wait some time before it is available on your default name server.

NOTE 2: Your ISP might use multiple name-servers for load-balancing, and some of them might get updated sooner than others. This could lead to a frustrating situation where the same query return different results, e.g.:

# Updated name-servers return updated result
$ host api.myserver.com
api.myserver.com has address 5.6.7.8
# running host again, might use different name-servers,
# which return old,stale result
$ host api.myserver.com
api.myserver.com has address 1.2.3.4
$ host api.myserver.com
api.myserver.com has address 1.2.3.4
$ host api.myserver.com
api.myserver.com has address 5.6.7.8

If this happens, wait a few minutes for all the name-servers to get up to date.

Reach out to the new server


NOTE: "ping", "ssh", and web-access will only work after your default name-servers have been updated. Always test using "host" before testing with "ping" (see above section).

Pinging the new sub-domain should reach the new droplet:

$ ping api.myserver.com
PING api.myserver.com (5.6.7.8) 56(84) bytes of data.
64 bytes from 5.6.7.8: icmp_seq=1 ttl=48 time=157 ms
...

Connect to the new server (if SSH is enabled):

$ ssh root@api.myserver.com
The authenticity of host 'api.myserver.com (5.6.7.8)' can't be established.
key fingerprint is fb:32:7c:81:7e:6a:33:17:ac:4c:2d:a5:3c:75:07:95.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'api.myserver.com' to the list of known hosts.
Are you sure you want to continue connecting (yes/no)? yes
root@api.myserver.com's password: 

Test the webserver on the new droplet (if a Webserver is enabled):

$ wget api.myserver.com
--2013-11-06 20:42:42--  http://api.myserver.com/
Resolving api.myserver.com (api.myserver.com)... 5.6.7.8
Connecting to api.myserver.com (api.myserver.com)|5.6.7.8|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 13 [text/html]
Saving to: 'index.html'

100%[======================================================>] 13  --.-K/s in 0s

2013-11-06 20:42:43 (702 KB/s) - 'index.html' saved [13/13]

Application-Level Configuration


After the name-server is configured, you'll need to configure your web-servers to respond to the new host names. The wildcard CNAME record allows multiple hostnames (e.g. api.myserver.com, foo.api.myserver.com, www.api.myserver.com) to reach the same server (all resolve to IP address 5.6.7.8).

In web-server parlance, handling multiple server names is called Virtual Hosts.

See the following tutorials on configuring VirtualHosts:

Post-script


Submitted by Assaf Gordon

45 Comments

Creative Commons License