Questions about using DNS servers provided by the registrar

M

MyriadStars

New member
Joined
Dec 5, 2020
Messages
2
Hi,

Since last night my VPS has been having issues with rebooting, so it is offline till the support technician fixes it. It just occurred to me that, since I used the name servers setup on the same VPS, when it is online again, I would need to wait till DNS information is propagated again, would I?

My domain is required at Namecheap. Would it be better to just use their nameservers instead of setting up one on the same VPS server? I heard somewhere that registrars' nameservers may require less time to resolve a domain name. Is this true?

If it's better to use the registrar's, I am wondering whether the following steps would be enough:
Suppose the domain name is domain.com, and the hostname of DirectAdmin is host.domain.com. I could setup an A record for domain.com and another for *.domain.com at Namecheap, and make them both point to my static IP. Would this be enough? More specifically, would it be OK if I don't create a specific record for host.domain.com?

Another question is, if I do this, can I still follow these instructions to get a Let's Encrypt SSL for both domain.com and host.domain.com? I read somewhere that the script shipped with recent versions of DirectAdmin still works even if the DNS is remote.

Thank you very much for your help!
 
MyriadStars said:
I would need to wait till DNS information is propagated again, would I?
Click to expand...
That depends. Normally that info is cached for certain time, not sure for how long. However, this is one of the reasons that it's not wise to have both nameservers on the same physical machine.

If you don't really need nameservers on your VPS, for example if you only have one domain on it, then it's better to use the one from the registrar. However, take in effect that all records used need to be copied to the dns of the registrar in that case.

If you are running a mailserver, your example would not be enough. You also have to create MX records, copy the TXT records if present (for SPF, DKIM and maybe DMARC) and make sure an rDNS record to your ip exists. This has probably to be done with your VPS provider.

For SSL you're pointing to old docs. Have look at the new docs:

Wildcard SSL does not always work with external DNS, however, check the LEGO section, in the docs I pointed to, because lots of external providers are supported now for wildcard SSL.
 
Thanks for your answer! I checked the new document, and found that it says "ensure that enable_ssl_sni=1 is set in the directadmin.conf". However, an older document says that "For all newer OSs, the enable_ssl_sni=1 setting will be the new default"

Version 1.51.4 | Directadmin Docs

DirectAdmin Knowledge Base
directadmin.com
Do I still need to manually set enable_ssl_sni=1 when running an up-to-date version of DirectAdmin on CentOS8, or has this change to enable_ssl_sni=1 been reverted in newer versions??
 
It is enabled by default, if you want to disable add in directadmin.conf enable_ssl_sni=0 and restart directadmin.
 
I'm having the exact same issue and this thing did not work for me hopelessly. Is there something else I can do, please ?
 
Glue records were not the question. The question was if it would be better to use the registrars name server. And what stepts to take if it was.
And that is not per definition better, but it's a choice.
However glue records are needed when running your own nameserver.

MyriadStars said:
I read somewhere that the script shipped with recent versions of DirectAdmin still works even if the DNS is remote.
Click to expand...
That's an old doc. But if you don't select wildcard, but select every selection box present, it should work, or at least it still did some time ago.

@burbigo3 Seem you have an issue which seems the same. To not confuse things, please open your own new topic with your issue.
 
You must log in or register to reply here.
Back
Top