Setup DNS Records to Route Traffic for Different Services
2020-09-16
Why
Previously, I needed to host a web app under a domain name while routing email for that domain to a separate mail service provider.
Although it is not very hard, there are not many tutorials around, so here it is.
Concepts
Before we start, let's review some domain name related concepts.
What is the Domain Name System (DNS)
Network communication is based on IP addresses, which are a few groups of characters (IPv6, like 2404:6800:4005:803::200e) or digits (IPv4, like 216.58.199.110) that are hard to memorize. Therefore, a human-readable way to reach different servers is needed, and DNS was built for this purpose. People now use domain names, e.g. www.google.com, instead of 216.58.199.110, to reach various websites.
How DNS works
When a DNS client, e.g. a web browser, needs to resolve a domain name to an IP address, it sends a DNS query to DNS servers to translate the name into the proper IP address.
In detail, the query from the client is sent to a DNS resolver and handled differently depending on caching.
Without Cache
In this case, the DNS resolver will check with the root name server, the Top Level Domain (TLD) server and the authoritative name server to find the IP address.
- The first server on this path is a root name server. The DNS resolver queries the root name server, which returns the IP address of the relevant Top Level Domain (TLD) server depending on the TLD, i.e. .com, .net or .io.
- From the TLD server, the DNS resolver gets the IP address of the authoritative name server for the domain.
- The resolver then gets the IP address the domain name maps to from the authoritative name server of that domain.
- The destination IP address is then returned to the client by the DNS resolver.
With Cache
Once a DNS query has been answered, the result is cached in the DNS resolver for a period specified by its Time To Live (TTL). Within this period, the resolver answers the same query from cache instead of going through the procedure above, which gives a faster response.
What are DNS Records
DNS records are the mappings from domain names to their destinations, and they are stored in the domain's authoritative name server.
A few types of records are used in this article:
- An A record maps a domain name to an IP address.
- An MX record specifically maps a domain's email to its mail server.
- An SRV record maps a service under a domain to a target host and port.
How to do that on Digital Ocean
Digital Ocean provides DNS management. Besides being free, it integrates with droplets and load balancers from Digital Ocean, which is very convenient for users who already run droplets (virtual machines) on Digital Ocean.
In the following, it is used to route traffic based on domain name: traffic to the web server is routed to a droplet hosted on Digital Ocean, and email is routed to other mail servers.
1. Configure domain to use Digital Ocean's name server
To use Digital Ocean to manage DNS records, the domain's name servers should be pointed at all three of the following name servers:
- ns1.digitalocean.com
- ns2.digitalocean.com
- ns3.digitalocean.com
Configuration differs between domain registrars (where the domain was bought). This Digital Ocean article shows where to change it: How To Point to DigitalOcean Nameservers From Common Domain Registrars.
2. Create new domain name resource in Digital Ocean control panel
The Digital Ocean document How to Add Domains shows how to do this in the Digital Ocean control panel; it is rather straightforward.
3. Configure the domain name resource to route traffic
Once the resource is created, we can add the DNS records needed.
For the web app, we create an A record to route web traffic to the droplet on Digital Ocean.
For email, we create both SRV and MX records to route email to the mail servers.
The Digital Ocean document How to Create, Edit, and Delete DNS Records shows how to add each kind of record.
When using mail services from Gandi, the result should look similar to the following (the domain purchased in this example is blurred out).
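As an added example (not from the original article), here is a small Python checker for a record set like the one built in the steps above: it confirms the delegation lists all three Digital Ocean name servers, that A records carry IPv4 addresses, that MX targets are hostnames rather than IP addresses, and that SRV records have a _service._proto name and a port. The two record sets, the droplet address 203.0.113.10 and the mail host mail.example.net are constructed placeholders, not Gandi's or any real provider's values.

```python
import re

# The three name servers the article says the domain must delegate to.
DO_NAMESERVERS = {"ns1.digitalocean.com", "ns2.digitalocean.com", "ns3.digitalocean.com"}
IPV4_RE = re.compile(r"^(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)$")
HOSTNAME_RE = re.compile(r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
SRV_NAME_RE = re.compile(r"^_[a-z0-9-]+\._(?:tcp|udp)(?:\..+)?$")

def check_records(records):
    """Return a list of problems in a record set (empty list means it looks right).
    A record is a dict with 'type', 'name', 'value'; MX adds 'priority', SRV adds 'port'."""
    problems = []
    ns = {r["value"].lower().rstrip(".") for r in records if r["type"] == "NS"}
    if ns != DO_NAMESERVERS:  # delegation must list all three, not a subset
        problems.append(f"NS set {sorted(ns)} is not the full DigitalOcean set")
    for r in records:
        rtype, name, value = r["type"], r["name"], r["value"]
        host_ok = HOSTNAME_RE.match(value.lower().rstrip("."))
        if rtype == "A":  # A carries an IPv4 address; IPv6 belongs in AAAA
            if not IPV4_RE.match(value):
                problems.append(f"A {name}: {value} is not an IPv4 address")
        elif rtype == "MX":  # MX targets are hostnames, never raw IP addresses
            if not host_ok:
                problems.append(f"MX {name}: target {value} must be a hostname")
        elif rtype == "SRV":  # SRV name is _service._proto and must carry a port
            if not SRV_NAME_RE.match(name.lower()):
                problems.append(f"SRV {name}: name must be _service._proto[.domain]")
            if not 1 <= r.get("port", 0) <= 65535:
                problems.append(f"SRV {name}: missing or invalid port")
            if not host_ok:
                problems.append(f"SRV {name}: target {value} must be a hostname")
    return problems

# Constructed sample modelled on the article: web on a droplet, mail hosted elsewhere.
GOOD = [
    {"type": "NS", "name": "@", "value": "ns1.digitalocean.com."},
    {"type": "NS", "name": "@", "value": "ns2.digitalocean.com."},
    {"type": "NS", "name": "@", "value": "ns3.digitalocean.com."},
    {"type": "A", "name": "@", "value": "203.0.113.10"},  # droplet address (constructed)
    {"type": "MX", "name": "@", "value": "mail.example.net.", "priority": 10},
    {"type": "SRV", "name": "_imaps._tcp", "value": "mail.example.net.", "priority": 0, "weight": 1, "port": 993},
]
# Typical mistakes: two of three name servers, IPv6 in A, MX pointing at an IP, SRV with no port.
BAD = [
    {"type": "NS", "name": "@", "value": "ns1.digitalocean.com."},
    {"type": "NS", "name": "@", "value": "ns2.digitalocean.com."},
    {"type": "A", "name": "@", "value": "2001:db8::1"},
    {"type": "MX", "name": "@", "value": "203.0.113.25", "priority": 10},
    {"type": "SRV", "name": "imaps", "value": "mail.example.net."},
]
```

Running check_records(GOOD) returns an empty list, while check_records(BAD) reports five problems, one per mistake listed in the comment.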
Closing
With this article, we route web traffic to different servers based on domain name and protocol. Besides separating mail and web app traffic, other services can be handled in the same fashion.
References
This article was written with information from CloudFlare and Digital Ocean.
If you like this article, remember to show your support by buying me a book.