ExternalDNS is an open-source tool that automates the management of public DNS records for Kubernetes resources such as services and ingresses, that are publicly exposed outside the cluster.
The ExternalDNS solution offers the following capabilities:
Control to developers to manage DNS resources that are usually managed manually by third teams. Example: Infrastructure team.
Ensures that the DNS records are always up-to-date with the current state of the Kubernetes cluster.
Manages a large number of records automatedly.
Simplifies the management of DNS records with improved security.
Prerequisites: Ensure that you have the following before you begin:
A domain name that is registered with your domain provider aka Registrar or a subdomain under your control.
A token from a user with privileges to manage zones and records with Cloud DNS.
An IONOS Managed Kubernetes cluster.
The kubectl installed on your local machine.
The Helm tool for installing a Helm chart.
Follow these steps to set up ExternalDNS for your Managed Kubernetes with IONOS DNS Provider Cloud DNS:
Prepare domain name: You need to first Create a DNS Zone for your domain name with Cloud DNS and then Connect Domain Name to Cloud DNS.
Add Helm chart: Add the Bitnami Helm repository, which contains the official external-dns Helm chart.
Create configuration: Create values file for ExternalDNS Helm chart that includes the plugin configuration. In this example, the values file is called external-dns-ionos-values.yaml.
Install ExternalDNS: To install ExternalDNS with Bitnami Helm chart, use the following commad:
Deploy application: Follow this step to deploy an application:
Deploy an echo server application by using the file echoserver_app.yaml.
If you want to use a service, you do not need to install an ingress controller. You can install an ingress controller in the cluster and deploy the application with kubectl by using the following command:
Result: The deployment of ExternalDNS on Managed Kubernetes is complete.
You can verify that the application deployed is functioning as expected by using one of the following options.
Check that the echo server app runs on the subdomain you have specified by using the following command:
Expected result:
Check that the new A and TXT records are created by using the following command:
The tutorial guides you through the commonly referred topics in the Cloud DNS:
ExternalDNS: Cloud DNS offers ExternalDNS integration that makes Kubernetes resources discoverable via the public DNS servers. For more information, see ExternalDNS for Managed Kubernetes tutorial.
Set Up a Secondary Zone: Guides you through how to set up a primary zone in IONOS Cloud Dedicated Core server and a secondary zone with Cloud DNS. For more information, see Set Up a Secondary Zone tutorial.
Enhance Email Deliverability with a Reverse DNS, SPF, and DKIM Record: Guides you through creating a reverse DNS, SPF, and DKIM record for your domain name. For more information, see Enhance email deliverability with a Reverse DNS and SPF record tutorial.
Issue TLS Certificates using IONOS Cloud Certbot Plugin: Guides you through creating TLS certificates using the IONOS Cloud Certbot Plugin. For more information, see Issue TLS Certificates using IONOS Cloud Certbot Plugin tutorial.
A PTR record is crucial for email servers, establishing Reverse DNS mapping and verifying server IP legitimacy. It's vital for email deliverability, preventing spam flags and contributing to FCrDNS. Servers lacking PTR records may face rejection, impacting delivery. Additionally, SPF records specify authorized email servers, preventing spoofing. DKIM further authenticates outgoing emails, enhancing trust and communication.
This tutorial will guide you on how to install and configure a email server and a PTR, SPF and DKIM records using IONOS Cloud DNS API. The steps we will follow are:
Reserve an IPv4 in your IONOS Cloud setup.
Create an A and MX record for your email server. For information on common record types, see Create records of other types.
Install and configure the email server on a Dedicated Core Server in the IONOS Cloud.
Test the email deliverability from the Dedicated Core Server.
Add a pointer record (PTR), DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) record for your email server.
Test the email deliverability after adding PTR, DKIM and SPF records.
Info:
Pointer Record (PTR): A type of DNS record that maps an IP address to a domain name, commonly used for reverse DNS lookups to verify the authenticity of the sender's domain.
DomainKeys Identified Mail (DKIM): A method for validating the authenticity of email messages by adding a digital signature to the email headers, allowing receiving servers to verify that the message has not been altered and comes from a legitimate sender.
Sender Policy Framework (SPF): A DNS-based email authentication protocol used to prevent email spoofing by specifying which IP addresses are allowed to send emails on behalf of a particular domain. This helps to detect and prevent email fraud.
Switch to IPv6 and configure your email server to use IPv6.
Result: Email deliverability is achieved using reverse DNS, MX, A, DKIM, and SPF records for both IPv4 and IPv6.
To reserve an IPv4 in IONOS Cloud, follow these steps:
1. In the DCD, go to Menu > Network > IP Management.
2. In IP Management, click Reserve IPs, and a new pop-up window appears. Enter the following information:
Name: Enter a suitable name.
Number of IPs: Select the number of IP addresses to be reserved.
Region: Select a region that is the same as the region of your Dedicated Core server. Click Reserve IPs to reserve the IP addresses and confirm the reservation by selecting OK.
3. Exit the IP Management window and return to the IONOS Cloud Workspace.
Result: The IPv4 address is reserved.
1. To create an A record for your email server, follow these steps:
Info: We already own the zone mail.demo-ionos.cloud
and will use it for this tutorial. Previously, we have created a zone demo-ionos.cloud using the IONOS Cloud DNS API. For more information on how to create a zone using IONOS Cloud DNS API, see Create a zone using IONOS Cloud DNS API.
Prerequisite: Make sure to use your own <zone_id>
and <your_server_ip>
along with your <authorization token>
.
2. Create an MX record for demo-ionos.cloud using the IONOS Cloud DNS API:
Result: The A and MX records for your email server are created.
Info: For more information on how to create a record for a zone using IONOS Cloud DNS API, see Create a record for a zone using IONOS Cloud DNS API.
Note:
The user who creates the server has full root or administrator access rights. A server, once provisioned, retains all its settings (resources, drive allocation, password, and so on), even after server restart at the operating system level.
The server will only be removed from your virtual data center once you delete it in the DCD.
To set up a Dedicated Core server in IONOS Cloud, follow these steps:
1. Create a Dedicated Core server and configure the server in the Settings tab by following the steps in Create a Dedicated Core Server.
2. Configure the server Network settings by following the steps in the Dedicated Core Server network settings.
3. Configure the server Storage settings by following the steps in the Dedicated Core Server storage settings.
4. Continue to provision the changes and start the Dedicated Core Server by following the steps in the Provision changes and starting the Dedicated Core Server.
Result: A Dedicated Core Server is set up and started along with the configuration of Settings, Network, and Storage setup.
In the DCD > Inspector pane on the right, configure the following network details in the Network tab.
1. Name: Choose a name unique to this Virtual Data Center (VDC).
2. MAC: Assigned on VM creation.
3. LAN: Select the LAN connection that is connected to the internet, by default LAN 1.
4. Firewall: By default, the firewall is disabled. To enable firewall rules, make sure that incoming and outgoing traffic is allowed on port 25 for UDP and TCP.
5. In the IPv4 Configuration, click Add IP and select the same IP address that you used to create an A record.
Result: The Network settings for a Dedicated Core server are configured.
Warning: The storage type cannot be changed after provisioning.
In the DCD > Inspector pane on the right, configure the following storage details in the Storage tab.
1. Click SSD and a new pop-up window Create New Attached Storage appears.
2. Configure the following storage details:
Name: Enter a name that is unique within your VDC.
Availability Zone: Leave on "Auto".
Size in GB: Enter "20" which is sufficient for this tutorial.
Performance: Select "Standard".
Image: You can select one of IONOS images or snapshots, or use your own. For this tutorial, we will use an Ubuntu server image from IONOS. To make the same choice, select ubuntu-22.04-server-cloudimg-amd64 under IONOS Images.
Password: Create a password for the "root" user of the server. You will need this password to SSH and make changes.
SSH Keys: Select an SSH key stored in the SSH Key Manager.
Ad-hoc SSH Key: If you have not created an SSH key, copy and paste the public part of your SSH key into this field.
Cloud-Init user data: You can add the below Cloud-Init user data to your server. This will install Postfix, OpenDKIM, and OpenDKIM tools. Replace <your-email-domain>
with your email domain.
Boot from Device: Select this checkbox to make the SSD drive bootable.
3. Click Create SSD Storage to create the SSD storage.
Result: The Storage settings for a Dedicated Core server are configured.
1. Select the newly created Dedicated Core server.
2. From the Settings tab in the Inspector pane, select Power > Start.
3. Click Provision Changes in the lower right corner and further click Provision Now.
Result: The Dedicated Core server is provisioned and started.
Next steps: After your changes are provisioned and the server is started, select your Dedicated Core server, click the Network tab in the Inspector pane and copy one of the IPv4 addresses.
Note: You can now connect to your Dedicated Core Server, and send a test email. The email might be marked as spam, depending on your email provider. At this point, you have configured only A and MX records.
1. Connect to your Dedicated Core Server via ssh
:
2. Test the configuration using the following bash command:
Info: Replace <your-email>@<your-domain>
with your email address.
You should receive an email titled Test Email containing the message This is a test email. However, depending on your email provider, the email might be redirected to your spam folder. For example, the email can be in the spam folder with a note Mail system could not verify that demo-ionos.cloud actually sent this message (and not a spammer).
3. Check the mail.log
file to see the status of the email delivery:
4. Get the public key for the DKIM record:
Info: Public key for the DKIM record can be found in the /mail.txt
file. This is necessary to create the DKIM record.
The output should be similar to something like this:
Here, you need to save the public key for the next step.
Result: You have tested email deliverability with A and MX records.
1. Create a PTR record for your email server using the IONOS Cloud DNS API:
2. Create an SPF record for mail.demo-ionos.cloud
using IONOS Cloud DNS API:
Info:
For your SPF record make sure that instead of mail.demo-ionos.cloud
you use your own domain name.
After creating the PTR record and the SPF record, it might take around 10 minutes to propagate.
3. Create a DomainKeys Identified Mail (DKIM) record for mail.demo-ionos.cloud
using the IONOS Cloud DNS API:
4. Test the email deliverability using the following bash command:
Result: You have created reverse DNS, SPF, and DKIM records for your email server and tested email deliverability.
Info: Replace <your-email>@<your-domain>
with your email address.
Once you have configured your email server to use IPv4, you can now configure your email server to use IPv6.
1. To enable IPv6 for your LAN, select the LAN connection connected to the internet, then select the IPv6 enabled option. Provision your changes.
2. After the changes are provisioned and IPv6 is enabled you can configure your NIC in the Network tab. Provide the following details:
Name: Your choice is recommended to be unique to this Virtual Data Center (VDC).
MAC: The Media Access Control (MAC) address will be assigned automatically upon provisioning.
LAN: Select a LAN for which you want to configure the network.
Firewall: To activate the firewall, choose between Ingress / Egress / Bidirectional.
IPv4 Configuration: Provide the following details:
Primary IP: The primary IP address is automatically assigned by the IONOS DHCP server. You can, however, enter an IP address for manual assignment by selecting one of the reserved IPs from the drop-down list. Private IP addresses should be entered manually. The Network Interface Controller (NIC) has to be connected to the Internet.
Failover: If you have an HA setup including a failover configuration on your VMs, you can create and manage IP failover groups that support your High Availability (HA) setup.
Firewall: Configure the firewall.
DHCP: It is often necessary to run a Dynamic Host Configuration Protocol (DHCP) server in your VDC (e.g. Preboot Execution Environment (PXE) boot for fast rollout of VMs). If you use your own DHCP server, clear this checkbox so that your IPs are not reassigned by the IONOS DHCP server.
Add IP: In order to use "floating" or virtual IPs, you can assign additional IPs to a NIC by selecting them from the drop-down menu.
IPv6 Configuration: Provide the following details:
NIC IPv6 CIDR: You can populate an IPv6 CIDR block with prefix length /80 or allow it to be automatically assigned from the VDCs allocated range, by selecting PROVISION CHANGES. You can also choose 1 or more individual /128 IPs. Only the first IP is automatically allocated. The remaining IPs can be assigned as per your requirement. The maximum number of IPv6 IPs that can be allocated per NIC is 50.
DHCPv6: It is often necessary to run your own DHCPv6 server in your Virtual Data Center (VDC) (e.g. PXE boot for fast rollout of VMs). If you use your own DHCPv6 server, clear this checkbox so that your IPs are not reassigned by the IONOS DHCPv6 server.
Add IP: In order to use "floating" or virtual IPs, you can assign additional IPs to a NIC by selecting them from the drop-down menu.
To create the PTR record, use the automatically assigned IPv6 address from the VDCs allocated range. Continue and select PROVISION CHANGES.
3. Create a PTR record for your mail server using IONOS Cloud DNS API:
Note: Replace 2001:0db8::1
with your own IPv6 address.
4. Create an AAAA record for mail.demo-ionos.cloud
pointing to the IPv6 address that was assigned to your server:
Note: Replace 2001:0db8::1
with your own IPv6 address.
5. You need to alter the SPF record to include the IPv6 address. To update the SPF record, you need to get <spf_record_id>
using:
6. Update the SPF record to include the IPv6 address using:
Note: Replace <IPv4 address of email server>
and <IPv6 address of email server>
with IPv4 and IPv6 addresses of the email server.
7. Login to the email server using the new IPv6 address and test again the email deliverability using:
and send an email:
8. We can check the mail.log
using:
Result: You have switched from IPv4 to IPv6 and tested email deliverability.
Transport Layer Security(TLS), is a pivotal security protocol that ensures the encryption of data transmitted between web browsers like Chrome, Firefox, and web servers.
Employing TLS certificates for all hosted content and applications is imperative. It not only safeguards sensitive information but also fosters trust among users by guaranteeing secure communication channels.
Info: To obtain a Let’s Encrypt certificate for your domain, verification of ownership is required. This can be achieved through various methods detailed in the Let’s Encrypt documentation. One commonly used method is the DNS-01 challenge, which necessitates demonstrating control over the domain's DNS by generating a specific value in a TXT record. Utilizing the Certbot plugin facilitates the certificate issuance process by managing TXT records automatically, handling tasks such as creation, removal, renewal, and revocation. Further details on this process can be found in the Certbot documentation.. For more information on Cloud DNS Certbot plugin, see Cloud DNS Certbot GitHub.
This tutorial will guide you on how to install and configure a simple web server, create an A record for that web server using IONOS Cloud DNS API, and create an TLS certificate for your web server using Cloud DNS Certbot. The steps we will follow are:
Reserve an IPv4 in your IONOS Cloud setup.
Set up a Web Server on Dedicated Core Server in IONOS Cloud.
Create an A record for your web server. For information on common record types, see Create records of other types.
Create an TLS certificate for your web server using IONOS Cloud Certbot Plugin.
Add TLS certificate to your web server configuration.
Test your TLS certificate.
Prerequisites:
You have an IONOS account. If you do not have an account, you can create one by visiting the IONOS website.
You have a zone with IONOS Cloud DNS. If you do not have a zone, you can create one using the IONOS Cloud DNS API. For more information, see Create a zone using IONOS Cloud DNS API. We will refer to this zone and zone name as <your-zone>
and <your-zone-name>
, respectively.
Make sure to use your own <zone_id>
and <your_server_ip>
along with your <authorization token>
.
To reserve an IPv4 address in IONOS Cloud, follow these steps:
1. In the DCD, go to Menu > Network > IP Management.
2. In IP Management, click Reserve IPs, and a new pop-up window appears. Enter the following information:
Name: Enter a suitable name.
Number of IPs: Select the number of IP addresses to be reserved.
Region: Select a region that is the same as the region of your Dedicated Core server. Click Reserve IPs to reserve the IP addresses and confirm the reservation by selecting OK.
3. Exit the IP Management window and return to the IONOS Cloud Workspace.
Result: The IPv4 address is reserved.
Note:
The user who creates the server has full root or administrator access rights. A server, once provisioned, retains all its settings (resources, drive allocation, password, and so on), even after server restart at the operating system level.
The server will only be removed from your virtual data center once you delete it in the DCD.
To set up a Dedicated Core server in IONOS Cloud, follow these steps:
1. Create a Dedicated Core server and configure the server in the Settings tab by following the steps in Create a Dedicated Core Server.
2. Configure the server Network settings by following the steps in the Dedicated Core Server network settings.
3. Configure the server Storage settings by following the steps in the Dedicated Core Server storage settings.
4. Continue to provision the changes and start the Dedicated Core Server by following the steps in the Provision changes and starting the Dedicated Core Server.
Result: A Dedicated Core Server is set up and started along with the configuration of Settings, Network, and Storage setup.
In the DCD > Inspector pane on the right, configure the following network details in the Network tab.
1. Name: Choose a name unique to this Virtual Data Center (VDC).
2. MAC: It is automatically assigned during the VM creation.
3. LAN: Select the LAN connection that is connected to the internet by default it is LAN 1.
4. Firewall: By default, the firewall is disabled. To enable firewall rules, make sure that incoming and outgoing traffic is allowed on port 25 for UDP and TCP.
5. In the IPv4 Configuration, click Add IP and select the same IP address that you used to create an A record.
Result: The Network settings for a Dedicated Core server are configured.
Warning: The storage type cannot be changed after provisioning.
In the DCD > Inspector pane on the right, configure the following storage details in the Storage tab.
1. Click SSD and a new pop-up window Create New Attached Storage appears.
2. Configure the following storage details:
Name: Enter a name that is unique within your VDC.
Availability Zone: By default, the value is set to "Auto".
Size in GB: We recommend using 20 for the storage size.
Performance: Select "Standard".
Image: You can select one of IONOS images or snapshots, or use your own. For this tutorial, we will use an Ubuntu server image from IONOS. To make the same choice, select ubuntu-22.04-server-cloudimg-amd64 under IONOS Images.
Password: Create a password for the "root" user of the server. You will need this password to SSH and make changes.
SSH Keys: Select an SSH key stored in the SSH Key Manager.
Ad-hoc SSH Key: If you have not created an SSH key, copy and paste the public part of your SSH key into this field.
Cloud-Init user data: To install the Nginx web-server, Certbot, and Python3-pip tools, use the following Cloud-Init user data.
Boot from Device: Select this checkbox to make the SSD drive bootable.
3. Click Create SSD Storage to create the SSD storage.
Result: The Storage settings for a Dedicated Core server are configured.
1. Select the newly created Dedicated Core server.
2. From the Settings tab in the Inspector pane, select Power > Start.
3. Click Provision Changes in the lower right corner and click Provision Now.
Result: The Dedicated Core server is provisioned and started.
Next steps: After your changes are provisioned and the server is started, select your Dedicated Core server, click the Network tab in the Inspector pane, and copy one of the IPv4 addresses.
1. To create an A record for your email server, follow these steps:
Info: We already own the zone demo-ionos.cloud
and will use it for this tutorial. Previously, we created a zone demo-ionos.cloud
using the IONOS `Cloud DNS API. For more information on how to create a zone using IONOS Cloud DNS API, see Create a zone using IONOS Cloud DNS API.
Prerequisite: Make sure to use your own <zone_id>
and <your_server_ip>
along with your <authorization token>
.
Result: The A record for your web server is created.
Info: For more information on how to create a record for a zone using IONOS Cloud DNS API, see Create a record for a zone using IONOS Cloud DNS API.
1. Create a credentials.ini
file containing the IONOS Cloud API token. This file must contain ionos_dns_token
key with the value of the access token:
and add the following content:
Save and exit the file.
2. Restrict access to the credentials.ini
file:
3. Create an TLS certificate for your web server using the IONOS Cloud Certbot Plugin:
Flag
Description
--authenticator dns-ionos
Specifies the authenticator plugin to be used.
--dns-ionos-credentials
Specifies the path to the credentials.ini
file.
--dns-ionos-propagation-seconds
Specifies the time to wait for DNS propagation.
--agree-tos
Agrees to the terms of service.
--rsa-key-size
Specifies the size of the RSA key.
-d
Specifies the domain name for which the certificate is issued. Provide the previously created zone name.
4. When prompted, enter the email address for urgent renewals and security notices.
5. The Certbot plugin will automatically create a TXT record in your zone to verify the domain ownership.
6. The Certbot plugin will issue the TLS certificate for your web server. On successful issuance, you will see the following message:
Note: TLS Certificate and Key will be created in /etc/letsencrypt/live/<your-zone>/
folder. For the purpose of this tutorial we used zone demo-ionos.cloud
, therefore TLS Certificate and Key are created in /etc/letsencrypt/live/demo-ionos.cloud/
directory.
Result: The TLS certificate for your web server is issued using the IONOS Cloud Certbot Plugin.
1. Add the TLS certificate to your web server configuration by editing the Nginx configuration file:
2. At the beginning of /etc/nginx/sites-available/default
file, uncomment the following lines:
3. Add the following lines to the bottom of the server
block:
4. Your /etc/nginx/sites-available/default
file should look like this:
5. Save and exit the file.
6. Restart the Nginx service:
7. Verify the Nginx service status:
Result: The TLS certificate is added to your web server configuration.
1. To test your TLS certificate, open a web browser and enter the URL https://<your-zone-name>
.
Result: The TLS certificate is successfully installed, and your web server is secure.
Let's Encrypt certificates are valid for 90 days.
1. To manually renew your TLS certificate using the IONOS Cloud Certbot Plugin, you can do it manually by issuing the following command:
2. To automate the renewal process, you can set up a cron job to run the renewal command automatically. For more information on how to set up automated renewals, see the Certbot documentation page.
Result: Your TLS certificate is renewed successfully.
This tutorial explains how to set up a secondary DNS zone in IONOS Cloud by running a bind9 server on an Ubuntu operating system. The setup includes the following configuration steps:
Set up a Dedicated Core server in IONOS Cloud.
Configure a primary nameserver on a Dedicated Core Server in IONOS Cloud running a bind9 server on an Ubuntu operating system.
Create a secondary DNS zone using IONOS Cloud DNS API.
Establish and verify the zone transfer between primary and secondary zones.
Note:
The user who creates the server has full root or administrator access rights. A server, once provisioned, retains all its settings (resources, drive allocation, password, and so on), even after server restart at the operating system level.
The server will only be removed from your virtual data center once you delete it in the DCD.
To set up a Dedicated Core server in IONOS Cloud, follow these steps:
1. Create a Dedicated Core server and configure the server in the Settings tab by following the steps in Create a Dedicated Core Server.
2. Configure the server Network settings by following the steps in the Dedicated Core Server network settings.
3. Configure the server Storage settings by following the steps in the Dedicated Core Server storage settings.
4. Continue to provision the changes and start the Dedicated Core Server by following the steps in the Provision changes and starting the Dedicated Core Server.
Result: A Dedicated Core Server is set up and started along with the configuration of Settings, Network, and Storage setup.
In the DCD > Inspector pane on the right, configure the following network details in the Network tab.
1. Name: Choose a name unique to this Virtual Data Center (VDC).
2. MAC: Assigned on VM creation.
3. LAN: Select the LAN connection that is connected to the internet, by default LAN 1.
4. Firewall: By default, the firewall is disabled. To enable firewall rules, make sure that incoming and outgoing traffic is allowed on port 53 for UDP and TCP.
5. IPv4 Configuration: Leave to default values.
Result: The Network settings for a Dedicated Core server are configured.
Warning: The storage type cannot be changed after provisioning.
In the DCD > Inspector pane on the right, configure the following storage details in the Storage tab.
1. Click SSD and a new pop-up window Create New Attached Storage appears.
2. Configure the following storage details:
Name: Enter a name that is unique within your VDC.
Availability Zone: Leave on "Auto".
Size in GB: Enter "30" which is sufficient for this tutorial.
Performance: Select "Standard".
Image: You can select one of IONOS images or snapshots, or use your own. For this tutorial, we will use an Ubuntu server image from IONOS. To make the same choice, select ubuntu-22.04-server-cloudimg-amd64 under IONOS Images.
Password: Create a password for the "root" user of the server. You will need this password to SSH and make changes.
SSH Keys: Select an SSH key stored in the SSH Key Manager.
Ad-hoc SSH Key: If you have not created an SSH key, copy and paste the public part of your SSH key into this field.
Cloud-Init user data: Leave on "No configuration".
Boot from Device: Select this checkbox to make the SSD drive bootable.
3. Click Create SSD Storage to create the SSD storage.
Result: The Storage settings for a Dedicated Core server are configured.
1. Select the newly created Dedicated Core server.
2. From the Settings tab in the Inspector pane, select Power > Start.
3. Click Provision Changes in the lower right corner and further click Provision Now.
Result: The Dedicated Core server is provisioned and started.
Next steps: After your changes are provisioned and the server is started, select your Dedicated Core server, click the Network tab in the Inspector pane and copy the IPv4 address.
Prerequisite: A Dedicated Core server in IONOS Cloud needs to be set up and you must have the IPv4 address of the server.
To configure a Dedicated Core server and enable it to act as the primary nameserver, follow these steps:
1. SSH into the newly created Dedicated Core server.
2. Connect to the newly created server via SSH.
3. Proceed with configuring bind9 and your primary DNS zone.
4. Configure notify to the IONOS Cloud DNS anycast nameserver and allow zone update from localhost.
Note: For sending DNS notify messages, Cloud DNS uses the following Anycast addresses: IPv4 212.227.123.25 or IPv6 2001:8d8:fe:53::5cd:25.
5. Create your primary zone.
6. Edit the zone file.
7. Save your changes and quit the Vim editor.
8. Check the configuration, reload bind, and verify that the configured zone is working.
Result: The Dedicated Core server is configured as the primary nameserver in IONOS Cloud running a bind9 server on an Ubuntu operating system.
Prerequisite: A Dedicated Core server in IONOS Cloud is set up as a primary nameserver.
To create a secondary zone in the IONOS Cloud DNS by using the REST API, follow this step:
Send a POST request to the /secondaryzones
endpoint.
Result: A secondary zone in IONOS Cloud DNS is successfully created By using a POST request.
On the primary nameserver, you can verify the zone transfer in the logs by executing the following command:
You can also verify zone transfer status using IONOS Cloud DNS API:
On success response: 200 OK
Result: The zone transfer between primary and secondary zones is successfully verified.
To add a record, follow these steps:
1. On the primary nameserver, update the zone with a new record setting—A record to a TEST-NET-3 IP address:
2. Resolve the new record locally.
3. View the logs which show that a notification is sent to the secondary zone for the new record.
4. Using Cloud DNS API, verify that the newly added record is transferred to the secondary zone.
5. Globally resolve a new record from the IONOS Cloud DNS anycast network by using the following command:
Result: A record is successfully added to the primary nameserver.