Server and Domain

[BostonBoston]

I want to learn how to use DNS Records to point to thinks on my server, say i have a website running using IIS and just want some basic information on it and my server is running on internal ip 10.x.x.x and how to set a record to be info.hostname.com.

 

or i have a service with internal ip x.x.x.x on port xxxx what do i need to do to have service.hostname.com to allow me to connect to it

 

Windows server 2016, using dynu.com

[Acedia]

You need to port forward your external Ip on port 80/tcp and/or 443/tcp to the internal IP of your webserver.

[BostonBoston]

5 hours ago, Acedia said:

You need to port forward your external Ip on port 80/tcp and/or 443/tcp to the internal IP of your webserver.

i have done this already but in the DNS Records of my my domain what do i need to set

[Jarsky]

2 hours ago, BostonBoston said:

i have done this already but in the DNS Records of my my domain what do i need to set

So your hostname is managed by dynu? Then you need to create an A record, with the hostname and external IP address

If you have say a webserver that understands name based VirtualHosts, then your webserver will determine where to direct the traffic. i.e I could run a website info.site.com and admin.site.com, both have the same A record (IP Address) but my Apache webserver would direct requests for info.site.com to /www/info, and admin.site.com to /www/admin

[BostonBoston]

1 hour ago, Jarsky said:

So your hostname is managed by dynu? Then you need to create an A record, with the hostname and external IP address

If you have say a webserver that understands name based VirtualHosts, then your webserver will determine where to direct the traffic. i.e I could run a website info.site.com and admin.site.com, both have the same A record (IP Address) but my Apache webserver would direct requests for info.site.com to /www/info, and admin.site.com to /www/admin

If im using other services that run out of ports and are managed by me rather than a webserver how would i go about managing their direction 

[Jarsky]

1 minute ago, BostonBoston said:

If im using other services that run out of ports and are managed by me rather than a webserver how would i go about managing their direction 

 

Do you mean you want to redirect to a specific port, based on the hostname? Some things can use an SRV record...otherwise you need like a reverse proxy in between...

It depends how the request is sent through to your server...you can only do *so* much with a single public IP address though...

[BostonBoston]

1 hour ago, Jarsky said:

 

Do you mean you want to redirect to a specific port, based on the hostname? Some things can use an SRV record...otherwise you need like a reverse proxy in between...

It depends how the request is sent through to your server...you can only do *so* much with a single public IP address though...

if i have [x] service running on x.x.x.x:xxxx and want node.hostname.com to allow me to connect to it rather than remembering the ip, like remote desktop, what do i do in that scenario 

[Jarsky]

1 hour ago, BostonBoston said:

if i have [x] service running on x.x.x.x:xxxx and want node.hostname.com to allow me to connect to it rather than remembering the ip, like remote desktop, what do i do in that scenario 

 

On your DNS host (dynu.com) you need to create an "A record" which is the Public IP address of your server. 

If you have a dynamic IP address, then install dynu's dynamic update client which will update the IP address for you, and keep it up to date whenever your IP address changes. 

 

You will still need to remember what port the service is running on depending on the service thats running on that port. 

Dont forget you will also need to forward the ports in your routers firewall. 

[BostonBoston]

1 hour ago, Jarsky said:

 

On your DNS host (dynu.com) you need to create an "A record" which is the Public IP address of your server. 

If you have a dynamic IP address, then install dynu's dynamic update client which will update the IP address for you, and keep it up to date whenever your IP address changes. 

 

You will still need to remember what port the service is running on depending on the service thats running on that port. 

Dont forget you will also need to forward the ports in your routers firewall. 

yep yep, good information, now ive heard rather than port forwarding for security reasons i can use an srv record instead?

[Jarsky]

44 minutes ago, BostonBoston said:

yep yep, good information, now ive heard rather than port forwarding for security reasons i can use an srv record instead?

SRV records have nothing to do with port forwarding. They allow you to redirect a port with a DNS entry. 

But they only work for things that are RFC2782 compliant such as SIP.  https://www.ietf.org/rfc/rfc2782.txt

[mtz_federico]

You would acces your service doing something like portal.domain.com:port

and on your dns providers’s website you just need to create an A record pointing the subdomain (in this example is portal) to the external ip of your server

[Mikensan]

DNS is domain name service, it does nothing else. It resolves a name to some infromation, it doesn't route/forward/proxy. Port manipulation is done by NAT / routing / proxy / your-firewall.

 

You have external and internal (public and private). If you want to internally use DNS then you need to create a DNS server (Windows Domain Controllers automatically come with this role). You do not technically need to purchase domain names for internal use. Then you need to tell all your clients (desktops, laptops, phones) to use your internal DNS server instead. You must also configure your internal DNS server to forward requests to a public DNS server for queries it does not know the answer to. Then you need to create a zone for the domain you wish to use (unless it matches your AD domain), and then create your A records.

 

Now if you want to use sub.domain.com from the public internet (like at a friend's house or a cafe) you need to do a few things. First if you do not own domain.com you need to purchase it, or use a free service like no-ip.com. Then you need to create an A record with your public IP address (ipchicken.com). Then you need to check if the propigation has completed (https://www.whatsmydns.net/). Once this is done, you just need to forward ports for the services you wish to use. For instance, if you are hosting a website from 192.168.1.2 you need to create a NAT / Port-Forward rule. Internet > YourPublicIP:443 > NAT > 192.168.1.2:443. To verify this is working either use your cellphone (with the WiFi turned off) or use a website to check (https://www.yougetsignal.com/tools/open-ports/). Please note, before you use the website to check you must have the server turned on and ready, if there is nothing accepting connections the port check will fail. If you forward 443, make sure your IIS website is running for example.