Managing Your Own Web DNS Services

In one of my first posts I promised to describe how I was able to transfer my domain name from one web host to another with minimal cut-over time, and essentially no waiting for DNS propagation. The key is I did not have to wait for DNS changes to propagate across the Internet at all–the changes only had to occur on my own DNS server. If you were to purchase a new domain name, then you would have propagation delay as the new name is discovered.

I strongly believe in the separation of DNS services and web hosting services. This keeps me from having any issues with my web host holding me ‘hostage’ for some reason because they have control of my domain name. While you may legally own your domain name, unless you manage the DNS services, you don’t have full control. While many web hosts will provide this service to you at no extra cost, I decided long ago I was willing to pay a little more to get those services from a third party to protect myself.

I use the DNS services of Dynamic Network Services, Inc. They are a DNS specialist. They do not provide web hosting services! I initially discovered them while searching for a means of getting a stable DNS name for a dynamic IP assigned by my ISP in order to remotely access a server at home. After I realized all the services they provided, and what insulation it would give me from my web host, I moved management of all my domains there. At the time, they did not do domain registration, and I simply went to my domain registrar and designated the Name Servers hosted by DynDNS as mine. From then on, I used their Custom DNS services to manage my hosts.

While most people might be afraid of managing their own DNS services, DynDNS makes it very simple. Their FAQ pages are extensive and supply all the information you need. I’ve been able to manage all my needs without contacting their support staff, and I’m not a DNS expert–though I try to play one in the movies. 😉 Just kidding!

Back to how I accomplished the move so easily… Since I did not have to add a new domain and change NS records (name server IPs), I only had to add a new host name (blog) to my cdchase.com domain. I will eventually move this site under my main www site, but I have not decided how I’m going to integrate the old content and new. As I’ve stated before, the design is still in Alpha mode–subject to change at any time.

Media Temple, aka (mt), is my host. When they stated that I would not have a dedicated IP for my domain, but that it would be a named virtual host, and pointed me at the Apache documentation, I knew exactly what I could do! While the IP might not be dedicated to my web hosting server, the server does respond at a specific IP, and the host name used in the request is what tells it to use one virtual server or another. That IP is what is behind the access domain that they provide–a generic host name that is under their domain control, and that you can use at any time–even before DNS propagates if you are stuck waiting for it. By looking up the IP related to it using ‘dig’ on Linux, I was able to create my A record DNS entry pointing my new host at its appropriate IP. Once I did that, it was immediately available!

Why immediately, you ask? Because when you provide your browser a fully qualified domain name like blog.cdchase.com, it has to look up the IP for it. Where it looks is the server that controls the domain above, in this case cdchase.com. Since that domain had been in existence for years, it simply went there, and got the new host IP and I was in business!

Note, as soon as I had the web pages copied to the new site using the generic access domain, and I saw how well things were going, I changed the DNS record for www.cdchase.com. That took up to 12 hours to propagate depending on if you had been to the site before. 12 hours is the TTL or time-to-live setting on my DNS entries; they time out after that time and a client, such as a web browser, will normally re-request them and get the updated IP. Same goes for my MX (mail) entries, 12 hours to time-out and I was in business on my new host. Time now to cancel my old service…
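The difference between the brand-new blog name and the re-pointed www name can be modelled with a toy caching resolver. This is an added example, not code from the original post; the IP addresses are documentation-range placeholders and the clock is simulated.

```python
# Added example: toy model of TTL caching during a host cut-over.
TTL = 12 * 3600  # the 12-hour TTL the post describes, in seconds


class Authoritative:
    """Stands in for the domain's own DNS server (the zone the owner edits)."""
    def __init__(self):
        self.records = {}  # name -> (ip, ttl)

    def set_a(self, name, ip, ttl=TTL):
        self.records[name] = (ip, ttl)

    def query(self, name):
        return self.records.get(name)


class CachingResolver:
    """Stands in for a client-side or ISP resolver that honours TTLs."""
    def __init__(self, auth):
        self.auth = auth
        self.cache = {}  # name -> (ip, expires_at)

    def resolve(self, name, now):
        hit = self.cache.get(name)
        if hit and now < hit[1]:
            return hit[0]  # answered from cache, possibly stale
        answer = self.auth.query(name)
        if answer is None:
            return None
        ip, ttl = answer
        self.cache[name] = (ip, now + ttl)
        return ip


def simulate_cutover():
    old_ip, new_ip = "192.0.2.10", "198.51.100.20"  # constructed placeholders
    auth = Authoritative()
    auth.set_a("www.cdchase.com", old_ip)
    resolver = CachingResolver(auth)
    out = {"www_before": resolver.resolve("www.cdchase.com", now=0)}
    # One hour later the owner adds a new name and re-points the existing one.
    auth.set_a("blog.cdchase.com", new_ip)
    auth.set_a("www.cdchase.com", new_ip)
    out["blog_at_1h"] = resolver.resolve("blog.cdchase.com", now=3600)
    out["www_at_1h"] = resolver.resolve("www.cdchase.com", now=3600)
    out["www_just_before_expiry"] = resolver.resolve("www.cdchase.com", now=TTL - 1)
    out["www_at_expiry"] = resolver.resolve("www.cdchase.com", now=TTL)
    return out
```

The model leaves out negative caching: a resolver that was asked for the new name before the record existed may hold the "no such name" answer for a while.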

Once you have all the changes you need made, you should test your DNS too… you might want to do it before you change to see how good your web hosting provider’s configuration is! Try DNS Stuff, lots of tools to help testing and troubleshooting.

If I haven’t sold you on the power of separating DNS hosting from web hosting, you can also add on the additional redundancy they provide, distributed world-wide. DynDNS has five DNS hosting facilities spread around the world for redundancy and isolation from network break-downs, as well as improving response times in their related regions. I also use their Mail Hop Outbound service to provide secure outbound SMTP services at home, but more importantly when I’m traveling. If I’m using some hot spot some place, I don’t always have access to their SMTP mail server information for routing mail, besides the pain it is to find & set up every time. With Mail Hop Outbound, all my mail uses the Mail Hop server. Very convenient and secure. Since I control my DNS, I have also added an SPF record to help support mail security.

If you have specific questions, I would be happy to answer them, just leave a comment! If you are interested in learning more about DNS, get the O’Reilly guide: DNS and BIND (5th Edition) from Amazon.

Smooth Sailing at Media Temple

I was getting my feeds redirected through FeedBurner tonight & claiming my blog over at Technorati and did a quick search on ‘Media Temple’ and came across a post at Derek Davis’ The Journal that I commented on about all the fuss over Media Temple. Neither of us understands it. As I mentioned previously, I’m giving them the benefit of the doubt. I forgot to mention it in my post at Derek’s, but I think that it is just a case of the few that have the problems being ‘louder’ and speaking out. I can understand that to a certain extent, but I’m more about keeping my problems quiet, not blaming anyone, and just working it out. That’s how I ended up at (mt)! My previous host, who will remain nameless as they did serve me well for years, just wasn’t offering me the tools and support I wanted. So, I started searching for someone that could do so for a reasonable price. Media Temple met my qualifications, and then some. See my comments at Derek’s again regarding their world-class data center.

24 Hours on Media Temple

Last night I finally made the move to a new, more reliable and supportive web host: Media Temple (mt). After a lot of research and watching them iron out their difficulties with the Grid Server (gs)–which I’m using for this site–I am optimistic about the new world. We all know that grid technology for the web is new, and there have been pains in getting it implemented at (mt), but I’m giving them a chance despite all the negative things I’ve read.

I’m an optimist. I like to read good things about people and companies. Media Temple has been praised for their customer support, and their data center is nothing less than world-class. And they are offering us web developers the opportunity to use it for a song! Here’s my take: If you are dependent on a web site for mission critical systems, then it should be a dedicated server, or Dedicated-Virtual (dv) in Media Temple’s offerings. Those of us living on The Grid are just incubator projects… When you grow up, you get a real server. 🙂

Here’s my experience of the past 24 hours:

  • 6:40 pm – Requested account
  • 6:45 pm – Received Service Activation email
  • Added A record entry for www in my DNS name servers to point to my Grid Server Access Domain (I left primary host address, cdchase.com, pointing at old site since that is the address I advertise) – site available immediately!
  • Added alternate A record entries to my DNS to allow access to old site under new subdomain temporarily
  • Pointed my MX entry to mail server at (mt)
  • 4:30 am – DNS had timed out for old MX entry, so mail was being delivered to (mt)!
  • Copied web site content from old site to new
  • Changed A record for cdchase.com to new site, updated all other A records to CNAMEs for neatness
  • Sent a few test emails & updated SPF entry in DNS
  • Since all was working, I replaced several A records pointing to the common address at Media Temple with CNAME records
  • Done! Nobody knew the difference that the site was in transition!

OK, OK… I had a little benefit from managing my own DNS off-site. 🙂

I will follow-up this post with more details on how that works in coordination with a name-based hosting site like The Grid. Also more details on using SPF records to help prevent SPAM from your domain.