Configuring DNS Services

Your control panel works in cooperation with the BIND DNS server, which enables you to run DNS service on the same machine where you host Web sites.

Setup of DNS zones for newly added domains is automated: When you add a new domain name to control panel, a zone file is automatically generated for it in accordance with the server-wide DNS zone template and registered in the name server's database, and name server is instructed to act as a primary (master) DNS server for the zone.

You can:

• Add resource records to and remove from the template
• Override the automatic zone configuration with custom settings on a per-domain basis
• Switch off the domain name service on this machine if your provider or another organization is running DNS service for your sites

To view the default records in the server-wide DNS template:

1. Click the Server shortcut in the navigation pane.
2. Click the DNS icon in the Services group. All resource record templates will be displayed.

   The <ip> and <domain> templates are automatically replaced in the generated zone with real IP addresses and domain names.

To add a new resource record to the server-wide DNS template:

1. Click the Server shortcut in the navigation pane.
2. Click the DNS icon in the Services group.
3. Click the Add New Record icon in the Tools group.
4. Select the resource record type and specify the record properties as desired.

   Note that you can use <ip> and <domain> templates that will be replaced in the generated zone with real IP addresses and domain names. You can use a wildcard symbol (*) to specify any part of the domain name, and you can specify the exact values you need.

5. Click OK.

To remove a resource record from the server-wide DNS template:

1. Click the Server shortcut in the navigation pane.
2. Click the DNS icon in the Services group.
3. Select a check box corresponding to the record template you wish to remove, and click Remove Selected.
4. Confirm removal and click OK.

Plesk updates automatically the zone name, hostname, administrator's e-mail address, and serial number, and writes the default values for the rest of Start of Authority record parameters to the zone files it maintains. If you are not satisfied with the default values, you can change them through the control panel.

To change the Start of Authority (SOA) record settings in the server-wide DNS template:

1. Click the Server shortcut in the navigation pane.
2. Click the DNS icon in the Services group.
3. Click SOA Preferences.
4. Specify the desired values:
   • TTL. This is the amount of time that other DNS servers should store the record in a cache. Plesk sets the default value of one day.
   • Refresh. This is how often the secondary name servers check with the primary name server to see if any changes have been made to the domain's zone file. Plesk sets the default value of three hours.
   • Retry. This is the time a secondary server waits before retrying a failed zone transfer. This time is typically less than the refresh interval. Plesk sets the default value of one hour.
   • Expire. This is the time before a secondary server stops responding to queries, after a lapsed refresh interval where the zone was not refreshed or updated. Plesk sets the default value of one week.
   • Minimum. This is the time a secondary server should cache a negative response. Plesk sets the default value of three hours.
5. Click OK. The new SOA record parameters will be set for the newly created domains.

By default, transfer of DNS zones is allowed only for name servers designated by NS records contained within each zone. If your domain name registrar requires that you allow transfer for all zones you serve:

1. Click the Server shortcut in the navigation pane.
2. Click the DNS icon in the Services group.
3. Click the Common ACL icon in the Tools group. A screen will show all hosts to which DNS zone transfers for all zones are allowed.
4. Click the Add New Address icon.
5. Specify the registrar's IP or network address and click OK.

If you are using third-party DNS servers, and are not running your own DNS server, you should switch off your control panel's DNS server:

1. Click the Server shortcut in the navigation pane.
2. Click the DNS icon in the Services group.
3. Click the Switch off icon in the Tools group.

To restore the original configuration of server-wide DNS template:

1. Click the Server shortcut in the navigation pane.
2. Click the DNS icon in the Services group.
3. Click the Default icon in the Tools group.

You can specify whether your DNS server should provide recursive service for queries.

With recursive service allowed, your DNS server, when queried, performs all the lookup procedures required to find the destination IP address for the requestor. When recursive service is not allowed, your DNS server performs minimal number of queries only to find a server that knows where the requested resource resides and to redirect the requestor to that server. Therefore, recursive service consumes more server resources and makes your server susceptible to denial-of-service attacks, especially when the server is set to serve recursive queries from clients outside your network.

After your install Plesk, the built-in DNS server defaults to serving recursive queries only from your own server and from other servers located in your network. This is the optimal setting. If your upgraded from earlier versions of Plesk, your DNS server defaults to serving recursive queries from any host.

If you want to change the settings for recursive domain name service:

1. Click the Server shortcut in the navigation pane.
2. Click the DNS icon in the Services group.
3. Click the DNS Preferences icon in the Tools group.
4. Select the option you need:
   • To allow recursive queries from all hosts, select Any host.
   • To allow recursive queries from your own server and hosts from your network, select Localnets.
   • To allow recursive queries only from your own server, select Localhost.
5. Click OK.