1 of 20
2 of 20
3 of 20
4 of 20
5 of 20
6 of 20
7 of 20
8 of 20
9 of 20
10 of 20
11 of 20
12 of 20
13 of 20
14 of 20
15 of 20
16 of 20
17 of 20
18 of 20
19 of 20
20 of 20

site

doc

blog

success stories

Intelligent DNS

Edit on GitHub

Azion Intelligent DNS is a domain hosting service that is part of Azion’s traffic routing solution. By using it, your domains will be hosted on Azion distributed infrastructure, using the same performance and security solutions built for other Azion products, combining techniques to optimize requests with protection against DDoS attacks.

  1. What a DNS is
  2. How Intelligent DNS works
  3. Configuring Intelligent DNS
  4. Types of supported entries and recommendations for each
  5. Rules for filling in values
  6. Using wildcards
  7. Testing my zone
  8. Configuring Intelligent DNS to respond to my domains

1. What a DNS is - Domain Name System

As the name implies, it is a domain name resolution system. It manages to translate the name into an IP address so a connection can be established with the destination that will provide the requested website content.

It is the DNS that allows you to type in a domain name instead of a string of numbers. In other words, DNS translates the string of numbers – IP – of the domain you want to access into words that form the URL you know.


2. How Intelligent DNS works

It is designed for those that want high performance and high availability for their hosting and their domain. Intelligent DNS is an authoritative DNS solution, and allows the customers to manage their domains, zones and records through a friendly and intuitive interface.

You can create ANAME type entries, which allow you to host and use naked domains with other Azion products.


3. Configuring Intelligent DNS


Creating a Hosting Zone

  1. Go to Real-Time Manager, access the Produts menu on the top left corner and select Edge Routing > Intelligent DNS. You will see the main interface where you can create and manage your zones;
  2. Click the Add Zone button and fill in the following fields:
    Name for zone: Identifier for the newly created zone of the domain. This field is free text. You can enter text in whatever form suits you best; Domain: You can only enter the Domain Name in FQDN format, in this field. Example: mydomain.com;
    Active: This flag indicates whether the zone is active and therefore whether the Intelligent DNS should respond to it or not. Deactivated zones are ignored in DNS responses;
  3. Click the Save button to finish.

Creating or editing records linked to a hosting zone

A record is used to find a computer IP address connected to the internet from a name.

  1. Go to Real-Time Manager, access the Produts menu on the top left corner and select Edge Routing > Intelligent DNS.

  2. Click on the zone you want to edit;

    You will see the main interface where you can create or edit your zones. When you do this, you will see two tabs:

    Main Settings – In this tab you can edit the zone’s name, the main domain, the DNS service status and you will also have access to the addresses of Azion’s authoritative servers – Nameservers that will answer the queries for your zone.

    Records – In this tab you will see a list of all the records that are part of this zone.

  3. Click on the Records tab to create a new record or edit an existing one;

  4. To create a new record, click the Add Record button and fill in the following fields: Name, Type, Value, TTL (seconds) and Policy. See the details below:

    Name

    Identifier for the newly created Record.

    This description is the domain that you want to create. For example: “help”, in “help.azion.com”, or then “manager” in “manager.azion.com

    Type

    This is the type of record that is being added, such as types A, AAAA, MX or CNAME, among other examples.
    (see section - Types of supported entries and recommendations for each).

    See the the types options and description below:

    Type Description
    A - IPv4 Address Address Mapping record (A Record) – also known as a DNS host record, it stores a hostname and its corresponding IPv4 address.
    AAAA - IPv6 Address IP Version 6 Address record (AAAA Record) – it stores a hostname and its corresponding IPv6 address.
    ANAME - Maps a name to another name ALIAS record is a virtual record type created to provide CNAME – like behavior on apex domains.
    CAA - Certification Authority Authorization A CAA record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain or subdomain.
    CNAME - Canonical name Canonical Name record (CNAME Record) – it can be used to alias a hostname to another hostname. When a DNS client requests a record that contains a CNAME, which points to another hostname, the DNS resolution process is repeated with the new hostname.
    MX - Mail exchange Mail exchanger record (MX Record) – specifies an SMTP email server for the domain, used to route outgoing emails to an email server.
    NS - Name Servers NS-records identify the DNS servers responsible (authoritative) for a zone. A zone should contain one NS-record for each of its own DNS servers (primary and secondaries).
    PTR - Reverse DNS lookup PTR records are used for the Reverse DNS (Domain Name System) lookup. Using the IP address you can get the associated domain/hostname. An A record should exist for every PTR record. The usage of a reverse DNS setup for a mail server is a good solution.
    SRV - Location of server or service A Service record (SRV record) is a specification of data in the Domain Name System defining the location, for example: the hostname and port number, of servers for specified services. It is defined in RFC 2782, and its type code is 33.
    TXT - Text A TXT record (short for text record) is a type of resource record in the Domain Name System (DNS) used to provide the ability to associate arbitrary text with a host or other name, such as human readable information about a server, network, data center, or other accounting information.

    Value

    This is the DNS response to the registered record, such as an IPv4 address for example.
    (see section - Rules for filling in values)

    TTL (seconds):

    This is the time a response can be cached for on a resolver server. Time-to-live (TTL) is a value in an Internet Protocol (IP) packet that tells a network router whether or not the packet has been on the network too long and should be discarded.

    Policy

    It allows you to specify which policy iDNS should consider while resolving requests answered by this record entry.

    You can select either Simple Policy – to use the standard DNS functionality – or Weighted Policy – to specify the amount of traffic to send to each Record.

    By choosing the Weighted Policy, there will be two more fields to be completed, which are:

    Weight: you can choose a number between 0 and 255 to specify the weight for each record. When you choose 0, Intelligent DNS stops using this record.

    Description: used to differentiate records with the same Name and Type.

    Click the Save button to finish creating your record.

    From this point on, this set of information will be synchronized with the Intelligent DNS service. Your settings are saved and distributed to the Azion network practically in real time.

    Your domain is now set up and ready to be served by Azion Intelligent DNS. To make sure everything is working well, run some of the tests described in the section Testing my zone.


Record Policies

While you are adding or modifying a record on Intelligent DNS, you will find the “Policy“ field. This field is enabled just when you are configuring either A, AAAA, CNAME, ANAME or MX type records. This field lets you to choose between two policies to specify how Intelligent DNS should deal with requests answered by this record.

Simple Policy

By selecting simple policy, Intelligent DNS uses the standard DNS records behavior, routing all the traffic to the specified addresses in the “Value” field.

Weighted Policy

By selecting weighted policy, Intelligent DNS allows you to create multiple records with the same Name and Type, enabling you to specify a Weight that defines how much traffic should be routed to each record. This configuration allows you to load balance your applications or even gradually test new configurations.

By selecting weighted policy, different fields options are displayed:

Field Description
Weight
*required
You need to specify a weight value between 0 and 255. Higher values increases the chances of a specific record to be used. Setting 0 disables the record.
Description
*optional
You may add a description up to 45 characters to distinguish between records with same Name and Type.
Example: Florida Load Balancer

Given a set of Weighted Records, with same Name and Type, the chances of a specific record to be chosen by Intelligent DNS is defined by the following formula:

Weight of the record / Sum of all Weights


4. Types of supported entries and the respective recommendations that Intelligent DNS follows

To provide record creation Intelligent DNS supports the following types of DNS entries.

Type Referência
A RFC1035
AAAA RFC3596
ANAME draft-ietf-dnsop-aname-04
CAA RFC8659
CNAME RFC1035
MX RFC1035 e RFC7505
NS RFC2782
PTR RFC1035
SRV RFC2782
TXT RFC1035 e RFC1464

5. Rules for filling in values

Type Restriction rule Example
A It must be in IPv4 format

Maximum of 10 IP addresses (one per line).

Only valid IPv4 addresses are accepted as a response.
Name of zone: azion.com

Name of record: @ (or blank)

Value(s) of response:

192.209.210.67

198.199.105.93
AAAA It must be in IPv6 format

Maximum of 10 IP addresses (one per line).

Only valid IPv6 addresses are accepted as a response.
Name of zone: azion.com

Name of record: www

Value(s) of response:

2800:3f0:4001:815::2004
ANAME It must be in FQDN format

Only one domain for each ANAME type record.

Only the domains below from ‘azioncdn.net’, ‘azionedge.net’ e ‘azionedge.com’ are accepted.

It can coexist with records of the same name but of different types (MX, TXT etc.)
Name of zone: azion.com

Name of record: @

Value of response:

32082s.ha.azioncdn.net
CAA The value of the response must follow the format [FLAG] [TAG] “[VALUE]”.
Example: 0 issue “ca.example.net”.

It will not be possible to register a CAA type record, when the zone already has a CNAME type record.

N.B. the tool SSL mate can help when creating and querying.
Flag:
If the flag has a value of 0 (zero), all flags will be switched off. If the flag has a value of 1, the 0 bit (Issuer Critical Flag) is on, i.e. A CA must not send certificates for any FQDN, if the relevant record for that FQDN contains a CAA.

Tag:
The tags must be in lower case and must follow the naming convention in the RFC, Example: issue, issuewild, iodef.

Issue: it indicates that the CA of the ACM specified in the value field can send a certificate to your domain or sub-domain.
Issuewild: it indicates that the CA of the ACM specified in the value field can send a wildcard certificate to your domain or sub-domain.

iodef: it indicates that should the CA receive an invalid request for a certificate, it should send a notification to the domain owner. Use url (http/https) or mailto, e.g. “mailto:email@domain.com”, “https://url” and “http://url”.

Value:
The value must always be between inverted commas, e.g. “ca.example.com”, and the content will depend on the tag you use.
Issue: url or a sequence, e.g. “ca.example.net; account=123456” or “ca.example.com”
Issuewild: must use a domain with a wildcard e.g. “*.example.com”
iodef: a url callback or an email address, e.g. “mailto:email@domain”, “https://example.com/callback” and “http://example.com/callback”.
CNAME It must be in FQDN format

Only point it to another domain name, never an IP address.

It can’t be added at the level of the root domain.

Only one domain is allowed for each CNAME type record.

A defined host name in a CNAME record must not include records from other types of resources (MX, A, etc.)

CNAME records can point to other CNAME records, but this isn’t considered good practice, as it is inefficient.

If a CNAME record is pointing to a record in the same zone, Intelligent DNS will respond to all of them in just one query.
 
MX It must be in the format [PRIORITY] [ADDRESS].

Maximum of 10 IP addresses (one per line).
Name of zone: azion.com

Name of record: mail

Value(s) of response:

10 mailserver.example.com

20 mailserver2.example.com
NS It must be in FQDN format or an IP address.

Maximum of 10 addresses (one per line).

An NS cannot be configured by the main domain of the zone (naked domain).

It must point to the servers that have authority over that record.
Name of zone: azion.com

Name of records: ns

Value(s) of response:

ns1.aziondns.net

ns2.aziondns.net
PTR Reverse zones lined to IPv6 addresses follow other rules. See here for more information. 1- Create a new zone, add the following information for DOMAIN:
0.168.192.in-addr.arpa

2 - After creating the zone, you must create a type PTR record associated with it, with the following settings:

Name of record: 1

Value of response: www.exemplo.com
SRV The record name must have the following format: ‘_service._protocol.name’. Example: “_ldap._tcp.azionsrv”.

The response values must be in the format [priority] [weight] [port] [target].

Maximum of 10 records (one per line).

It must point to the host name that has an A or AAAA record.

Note: You must pay special attention to this, because Intelligent DNS will not validate this automatically.
Name of zone: azion.com

Name of record: _ldap._tcp.azionsrv

Value(s) of response:

0 60 5060 bigbox.example.com
TXT Limited to 100 characters.

Text that is separated by ENTER is considered as differente responses by Intelligent DNS
Name of zone: azion.com

Name of record: txt

Value(s) of response:

This domain name is reserved for use in documentation

“printer=lpr5”

“favorite drink=orange juice”

6. Using wildcards

A wildcard record is a record that responds to DNS requests by domains that you haven’t defined yet. You can create them for any type, inserting an asterisk (*) in the record name. For example, imagine that you have the following configuration for a zone whose domain is “example.com”:

Name Type Value
www A 192.168.0.1

192.168.0.2

192.168.0.3
* A 1.1.1.1
*.wildcard A 2.2.2.2

This means that:

  • if the query is made by www.example.com the response will consist of 3 IP addresses: 192.168.0.1, 192.168.0.2 and 192.168.0. N.B. It isn’t a wildcard, but it is given priority for the response because it correctly meets the record that is queried;
  • if the query is made by ghost.example.com the response will be according to the wildcard it found. I.e. The response will be: 1.1.1.1;
  • If the query is made by another.wildcard.example.com the response will be according to the wildcard it found this time, i.e. The response will be: 2.2.2.2;
  • if the query is made by wrong.record.example.com the response will have no value, because there is nothing that corresponds to this structure.

Restrictions on the use of wildcards

Only the left-most asterisk followed by a dot will be considered a wildcard. All other asterisks, if any, will be considered as valid characters.

Asterisks located further to the left that are not followed by a dot will not be considered wildcards.

It is not allowed to use wildcard characters in SRV type records because it requires a standard format in its name.


7. Testing my zone

If you have already set up Intelligent DNS as you want and you now want to test it to see if it is processing your information properly, you can test it using the following tools:

DIG

The “dig” - domain information groper - is a network administration command-line tool for querying the Domain Name System (DNS). It is useful for network troubleshooting and for educational purposes. It can operate based on command line option and flag arguments, or in batch mode by reading requests from an operating system file. When a specific name server is not specified in the command invocation, it uses the operating system’s default resolver, usually configured in the file ‘resolv.conf. Without any arguments it queries the DNS root zone.

It is a component of the domain name server software suite BIND and, in practice, replaces older tools, such as “nslookup” and “host”. However, the older tools are still used in complementary way.

To test Intelligent DNS, you should use one of the nameservers listed on the Main Settings tab of your Azion registered zone.

For example, imagine you have the following settings:

Name Type Value TTL
www A 192.168.0.1

192.168.0.2

192.168.0.3
3600

To check how Intelligent DNS handles a type “A” query, registered to the “www” record, type the following command:

  > dig A www.example.com @ns1.aziondns.net 

The response to this will be:

 ; <<>> DiG 9.10.6 <<>> A www.example.com @ns1.aziondns.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46329 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.example.com. IN A ;; ANSWER SECTION: www.example.com. 3600 IN A 192.168.0.1 www.example.com. 3600 IN A 192.168.0.2 www.example.com. 3600 IN A 192.168.0.3 ;; Query time: 22 msec ;; SERVER: 179.191.160.2#53(179.191.160.2) ;; WHEN: Thu Sep 12 13:13:14 -03 2019 ;; MSG SIZE rcvd: 137

HOST

Host queries the DNS, converting domain names into IP addresses and vice-versa. If no argument or option is provided, the host prints a brief summary of the command line options and arguments.

For example, imagine you have the following settings:

Name Type Value TTL
www A 192.168.0.1

192.168.0.2

192.168.0.3
3600

To check how Intelligent DNS handles a type “A query, registered to the “www” record, type the

> host www.example.com ns1.aziondns.net

The response to this will be:

Using domain server: Name: ns1.aziondns.net Address: 179.191.160.2#53 Aliases: www.example.com has address 192.168.0.1 www.example.com has address 192.168.0.2 www.example.com has address 192.168.0.3

NSLOOKUP

Nslookup is a tool, common to both Windows and Linux, used to obtain information about DNS records for a particular domain, host or IP.

For example, imagine you have the following settings:

Name Type Value TTL
www A 192.168.0.1

192.168.0.2

192.168.0.3
3600

To check how Intelligent DNS handles a type “A” query, registered to the “www” record, type the following command:

 > nslookup www.example.com ns1.aziondns.net

The response to this will be:

 Server: ns1.aziondns.net Address: 179.191.160.2#53 Name: www.example.com Address: 192.168.0.1 Name: www.example.com Address: 192.168.0.2 Name: www.example.com Address: 192.168.0.3

8. Configuring Intelligent DNS to respond to my domains

In order for Intelligent DNS to become the authority over your zones, you must point it at your DNS registry. (registro.br, GoDaddy, AWS Registrar, etc)

To point to your registration DNS, use one of the nameservers listed in the Main Settings tab of your Azion registered zones.

It is important to verify that all your records are properly registered and tested at Intelligent DNS before making this appointment. Otherwise you run the risk of having your service unavailable.


Didn’t find what you were looking for? Open a support ticket.