Table of Contents
To take full advantage of the Symbiosis system, your domain needs to be configured to have Bytemark’s name servers as authority for it.
What follows only applies if our name servers are used; if that is not the case you will need to manage your DNS data outside of the Symbiosis system. Section 20.1, “Example DNS records” gives a listing of the records needed for the correct functioning of the system.
All domains which are hosted upon a Symbiosis system will have their DNS records automatically uploaded to the Bytemark Content DNS servers.
By default a set of typical records is created for each hosted domain with MX records pointing to the local system, and aliases such as www. and ftp. for convenience. If you wish you may edit the records to make custom additions or otherwise make changes to those defaults.
For the domain "my-brilliant-site.com" you will find the
auto-generated DNS records in
/srv/my-brilliant-site.com/config/dns/my-brilliant-site.com.txt
The DNS files are uploaded to the Bytemark content DNS service every hour, and allow you to use the full range of available TinyDNS options. These options are documented upon the Bytemark Website and in the TinyDNS documentation.
This is an example of the records Symbiosis generates for
my-brilliant-site.com
. They are created automatically and stored in
config/dns/my-brilliant-site.com.txt
.
DNS records example.
# # Nameserver records. # .my-brilliant-site.com::a.ns.bytemark.co.uk:300 .my-brilliant-site.com::b.ns.bytemark.co.uk:300 .my-brilliant-site.com::c.ns.bytemark.co.uk:300 # # The domain name itself # =my-brilliant-site.com:89.16.174.65:300 # # Useful aliases. # +ftp.my-brilliant-site.com:89.16.174.65:300 +www.my-brilliant-site.com:89.16.174.65:300 +mail.my-brilliant-site.com:89.16.174.65:300 # # A record for MX # +mx.my-brilliant-site.com:89.16.174.65:300 # # The domain name itself -- AAAA record and reverse. # 6my-brilliant-site.com:200141c80001596d0000000000000065:300 # # Useful aliases -- AAAA records only # 3ftp.my-brilliant-site.com:200141c80001596d0000000000000065:300 3www.my-brilliant-site.com:200141c80001596d0000000000000065:300 3mail.my-brilliant-site.com:200141c80001596d0000000000000065:300 # # AAAA record for MX # 3mx.my-brilliant-site.com:200141c80001596d0000000000000065:300 # # MX record -- no IP defined, as this is done separately above. # @my-brilliant-site.com::mx.my-brilliant-site.com:15:300
These lines create NS and SOA records for | |
This creates an A record pointing | |
These three lines add A records for expected aliases. Once again, the TTL for these records is 300 seconds. | |
This line adds in an A record for the MX record defined below. | |
From here the IPv6 equivalents of 2, 3, and 4 are specified, using AAAA records is used instead of an A record. Note that IPv6 addresses are specified in full, without any colons. | |
This last record creates an MX record directing mail for
|
In addition to these records for each domain, a wild-card A record is
needed for the hostname such that the .testing.
prefix works. If
your machine is at Bytemark, this has already been setup for your
machine’s Bytemark alias, for example example.vm.bytemark.co.uk.
If your machine is not hosted at Bytemark, or your hostname does not
end in bytemark.co.uk
then you will need to set this alias up.
Adding the following line to your DNS file will work, assuming the
domain is hosted at Bytemark. This assumes that your machine is called
host.example.com
and that your machine’s IP address is 1.2.3.4.
+*.host.example.com:1.2.3.4
If you wish to move your domains between two machines running Symbiosis and using the Bytemark content DNS service, you must contact Bytemark Support to arrange the domain to be moved between content DNS accounts.
This results from the necessity for ensuring that only people with the proper authorisation can change live DNS data. Once a domain has been hosted on our network, a content DNS account will have sole authority for it.
If you purchase a second server and move some of your domains onto it, or purchase a domain from another Bytemark customer you must contact us to move authority for the domain into the correct account.
Until this is done, although the Symbiosis system will be creating and uploading data it will not be to the account with the authority to make the data live.
SPF and DKIM are standards that help mail servers decide if email is legitimate, ensuring it is more likely to reach the intended recipient’s inbox instead of being rejected or marked as spam. Both these technologies require creation of one or more DNS records.
Before adding any records, a policy needs to be decided. The guide at OpenSPF can help determine what the record should look like. The default policy Symbiosis uses is v=spf1 +a +mx ?all.
To create SPF records simply create the file /srv/my-brilliant-site.com/config/spf
. Nothing more is required if the default policy is adequate. If you have decided on a different policy, then you can just write it to this file.
A task is run hourly to generate the DNS data and upload it to the Bytemark DNS servers, at which point the domain will start benefiting from it. If you wish to speed up this process, run sudo symbiosis-dns-generate --verbose.
DKIM is a way of cryptographically signing email headers to provide a level of confidence surrounding the origin of said email. Configuring DKIM requires a private RSA key, and a DNS record specifying the public part of the key, along with a policy dictating how the key should be used. For DKIM to work in Symbiosis two files are required, one contains the private key, and the second contains the selector (or nothing).
To generate the private key, run openssl genrsa -out /srv/my-brilliant-site.com/config/dkim.key 2048 -outform PEM on your server. This will generate a key that is 2048 bits long.
Next create the file /srv/my-brilliant-site.com/config/dkim
, either as an empty file or with the selector in it. If the file is empty, the selector is left as "default".
Once both files are in place the hourly DNS task will update the DNS records for your domain and upload them as usual. If you wish to speed up this process, run sudo symbiosis-dns-generate --verbose.