DNS, domains and their delegation. Delegating a domain to a new hosting provider

Domain delegation is the process of transferring control of part of a domain zone to another responsible party. Although it sounds complicated, delegating a domain comes down to specifying DNS servers for it. The operation is within reach of anyone with basic Internet user knowledge. Technically, to delegate a domain you need to specify a resource record (usually several records) of type NS in its zone.

According to the Rules for Registration of Domain Names in the .RU and .РФ domains, an application for delegation is carried out only on the condition that the registrar has checked the possibility of contacting the administrator using the telephone number stored in the Registry with the function of receiving short text messages (sms).

In some zones (for example .ru, .su and .рф) domains can be removed from delegation even though DNS servers are specified for them. Such a domain is in fact inaccessible and control over its zone is not transferred to any name servers, but the whois server will still report that certain DNS servers are registered for the domain. In this case the whois server always displays the status of the domain; for the .ru zone, for example, a domain removed from delegation has the state REGISTERED, UNDELEGATED. You can view the statuses of domain names in our.

The reasons for urgently removing a domain from delegation vary. The initiative can come from either the domain owner or the registrar. If the owner wants to instantly disconnect all services and sites associated with the domain, he needs to set the domain's status to UNDELEGATED (statuses may vary depending on the domain zone), and the task is done. If the registrar receives a complaint about a domain, it has the right to forcibly remove the domain from delegation at its own discretion.
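
The situation described above, where whois still lists name servers for a domain that is no longer delegated, can be checked automatically. The following is an added example, not part of the original article: it parses whois text and compares it with the name servers you intend to use. The "key: value" layout with nserver and state fields is an assumption about the registry's output, and both samples are constructed.

```python
# Constructed whois output in "key: value" form (assumed layout); the name
# servers are the ns4.nic.ru / ns5.nic.ru examples used in this article.
SAMPLE_UNDELEGATED = """\
% constructed sample, not a real registry reply
domain:        EXAMPLE.RU
nserver:       ns4.nic.ru.
nserver:       ns5.nic.ru.
state:         REGISTERED, UNDELEGATED
"""
SAMPLE_CHANGED = """\
domain:        EXAMPLE.RU
nserver:       ns4.nic.ru.
nserver:       ns1.unknown-host.example. 192.0.2.53
state:         REGISTERED, DELEGATED
"""


def parse_whois(text):
    """Collect name servers, glue addresses and state flags."""
    info = {"nservers": [], "glue": {}, "state": set()}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("%") or ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        key = key.lower()
        if key == "nserver" and value:
            host, *addresses = value.lower().split()
            host = host.rstrip(".")
            info["nservers"].append(host)
            if addresses:
                info["glue"][host] = addresses
        elif key == "state":
            # Keep whole flags: "DELEGATED" must not match inside "UNDELEGATED".
            info["state"].update(
                flag.strip().upper() for flag in value.split(",") if flag.strip())
    return info


def audit_delegation(text, expected_ns):
    """Return findings comparing whois data with the intended NS set."""
    info = parse_whois(text)
    expected = {host.lower().rstrip(".") for host in expected_ns}
    listed = set(info["nservers"])
    findings = []
    if "UNDELEGATED" in info["state"]:
        # nserver lines may still be shown although nothing is delegated.
        findings.append("undelegated" + (", nservers still listed" if listed else ""))
    elif "DELEGATED" not in info["state"]:
        findings.append("delegation state not reported")
    if len(listed) < 2:
        findings.append("fewer than two name servers")
    for host in sorted(listed - expected):
        findings.append(f"unexpected name server: {host}")
    for host in sorted(expected - listed):
        findings.append(f"missing name server: {host}")
    return findings


if __name__ == "__main__":
    for sample in (SAMPLE_UNDELEGATED, SAMPLE_CHANGED):
        print(audit_delegation(sample, ["ns4.nic.ru", "ns5.nic.ru"]))
```

An unexpected name server in the second sample is the case worth alerting on: it means the delegation at the registrar no longer matches the servers you operate.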

In addition to emergency cases of removing a domain from delegation, there are also standard cases regulated by the registry rules.

Delegation and domain registration period

After the domain registration period expires, the domain is removed from delegation and a blocking period begins, after which the domain is removed from the Registry. Domains in the .ru, .su and .рф zones are not deleted on weekends and holidays, or on the first working day after a non-working day. Similar rules are established for most Western domain zones.

Domain delegation takes some time

Due to the technical features of the domain name resolution system (DNS), after DNS servers are set for a domain, the domain is not delegated to them immediately. Although the information on the whois server changes almost at once, the local DNS servers of Internet providers receive it only after some time. It has been established experimentally that domain delegation, i.e. distributing information about the new DNS servers among Internet providers around the planet, requires about 24 hours. But don't be surprised if you can see a functioning website on your domain much earlier after changing DNS servers. It may also happen, however, that the site is still unavailable after 24 hours. The maximum period of time required for domain delegation is 72 hours.

Anyone who has delegated a domain (domain name) on their own at least once will agree that a domain purchased from one registrar is often better placed on the servers of another registrar that provides hosting services. At first glance this looks like a very simple operation that requires no special knowledge, but a person performing the procedure for the first time is often left baffled.

Why is it necessary to carry out the domain delegation procedure?

To answer this question, you must first clearly understand that a domain is just the address of your website, which can be reached from any place on the planet that has a connection to the global network. For the domain to start working fully, it must be placed on a hosting service and linked to that hosting's servers; in other words, its DNS servers must be connected.

To keep the site operating as reliably as possible, it needs two DNS servers. If one server stops working, the second DNS server takes over the task. The accessibility of your site is a very important indicator that directly affects the size of your customer base. Do you think a visitor will return to your site if one day your project was unavailable even for a short time? The outage may be caused by a power failure or by the consequences of a natural disaster; the situations differ, but the result is the same.

How is domain delegation carried out?

Let's look at the solution using a specific example. The domain name was purchased from registrar “1”, and you need to link it to hosting from registrar “2”. At the end of the domain registration process with registrar “1” you will be asked to provide the addresses of two DNS servers from registrar “2”; this is done to ensure the most reliable and stable operation of your Internet project. It follows that the hosting service from registrar “2” must be ordered in advance.

After the domain name registration process is completed, two or more cells will appear in which it will be necessary to place the existing DNS server addresses for domain delegation. Naturally, these cells can be left empty and filled in only after a decision has been made regarding the choice of hoster. But the example will be considered in the case of filling two cells.

For example, your hosting provider is RU-CENTER, whose two servers are located in Amsterdam and Moscow, and to carry out the delegation procedure you need to enter the server data: DNS 1: ns4.nic.ru (first cell) and DNS 2: ns5.nic.ru (second cell). You can also enter a third address, for example ns6.nic.ru, but this is not mandatory. Instead of a DNS server name you can also enter an IP address, but this does not make the overall process any easier. If it is more convenient for you, you can find out the IP addresses from the support service of the registrar that provides your hosting.

Nothing else is required to carry out the domain delegation procedure. After the information in the domain zones is updated, the delegated domain will be available on the hosting you specified, and you can start filling your website with content.

Many novice website owners are interested in why the domain is not immediately available. Indeed, since registration only takes a few minutes, where does the rest of the time go? The same problem occurs when transferring an address to another hosting. The reason for this is. From the article you will find out what it is.

Before you start registering, you must choose the name of the future site, which must consist of a unique sequence of letters or numbers (a hyphen is allowed, but not at the end or beginning). This combination is the domain name of your resource. You can purchase a free address from registrar companies, which can be easily found.

Registration process

First of all, you go to a resource that provides the services you need. Fill out a form in which you indicate your data. The registrar inspects them and, if everything is correct, makes an entry about the new address in a special registry, that is, it delegates domains. Soon the information will be updated on the main servers. If necessary, the cache on the DNS servers is updated.

Each registration stage takes a certain amount of time, which depends on the organization’s settings. This is why you cannot start using the resource immediately after paying for the address. You can check domain delegation in the control panel in your personal account on the registrar’s website.

Domain transfer

A domain can also be re-delegated. To do this, you need to submit an application to change the list of NS servers. This can be done in your personal account on the registrar’s website. For the procedure to go through correctly, you need to specify the addresses of the new servers to which the domain will be re-delegated.

The changes themselves are made quickly, in about half an hour. Then a longer process begins (up to several days), during which outdated information about the old values remains cached on the providers' servers.

This domain zone update is a process that cannot be controlled. The waiting time depends on the settings of previous servers and the DNS status of each individual provider. It is technically impossible to predict when it will end and the delegation of domains will be completed. That is why you should be patient and not blame the new hosting for being slow: in this case, practically nothing depends on it.

What needs to be done to speed up the process?

The main thing that slows down domain delegation is the caching of outdated information about domains. If you are registering a completely new address, just be patient and wait; the process shouldn't take long. It makes sense to act if you are transferring a domain: in that case reducing the waiting time is quite possible.

  • Contact the administrator of the server to which the address is delegated and ask him to change the TTL information (set the minimum value).
  • Test the domain zone. Many registrar companies offer to do this automatically. Sometimes, due to network problems, this procedure will fail even if the zone is configured correctly, so it is up to you to decide whether to use this advice.
  • If you change the list of servers for a domain, do not access it for a while. If you need to work with the resource during the transfer, contact your hosting provider. Ask about a service domain name to access resources (also called technical aliases).
  • If you can do it, clear the resolver cache yourself. For example, in the Windows operating system you can do this using a console command.

Let's sum it up

So now you know what domain delegation means. This is the second stage of registering your address on the Internet. First, information about the new address is added to a special database, then the domain is directly delegated. Without completing these important steps, you can't expect the resource to perform.

Delegation is an important stage of registration. Only after it has been completely passed will the address become fully operational, and only then will you be able to see the site on the World Wide Web. In other words, delegation is the activation of a registered domain.

Domain delegation is the indication of DNS servers that ensure its functionality. DNS servers must be specified in the domain settings on the registrar's website.

Attention.

You can delegate a domain to Yandex servers only after you have added it to Mail for the domain.

To delegate a domain to Yandex servers:

    Open the My Domains page and log in to the account created to work with it. Check that the required domain is present.

    Log in to your domain control panel on the registrar's website. Go to the delegation settings section.

    Change the primary and secondary DNS server values as follows:

    • Primary DNS server: “dns1.yandex.net.”

    • Secondary DNS server: “dns2.yandex.net.”

    Note. The letter “d” at the beginning of the name of DNS servers is required.

    If your control panel has fields for entering IP addresses, leave them blank.

    Wait for the DNS changes to take effect. This process can take up to 72 hours.

    Check the status of your domain on the My Domains page - its value should be “The domain is connected and delegated to Yandex”.

How domain delegation will affect your website

DNS hosting and website hosting are two different services that are often provided by hosting providers at the same time. But they are not connected in any way, so you can painlessly transfer DNS hosting to Yandex servers. This will not affect the operation of the site.

When you delegate a domain to Yandex, A-records are created for the domain on the Mail servers, which point to the hosting address of your site. If A records were not created automatically, you can add them manually in the DNS editor:

    In the Host field, enter the value "@" if you are setting up an entry for the root domain.

    If the record is configured for a subdomain, then in the Host field you need to specify part of the subdomain name up to the first dot, for example:

    • if the subdomain name is bar.yourdomain.tld, in the Host field specify "bar";

    • if the subdomain name is foo.bar.yourdomain.com, in the Host field specify "foo.bar".

    In the Type list, select the value “A” (or “AAAA” if the site is accessible via the IPv6 protocol).

    In the Entry value field, specify the IP address of the desired site.

Then repeat the procedure for another A-record. If you are setting up an entry for the root domain, enter "www" in the Host field. If the record is configured for a subdomain, then in the Host field you need to specify “www” and part of the subdomain name before the first dot, for example:

    • if the subdomain name is bar.yourdomain.tld, in the Host field specify "www.bar";

    • if the subdomain name is foo.bar.yourdomain.com, in the Host field specify "www.foo.bar".

The remaining fields are configured in the same way as the first entry.

Introduction

The main purpose of DNS is to map domain names to IP addresses and vice versa - IP to DNS. What is this whole system for? Computers on a network communicate with each other using only IP addresses. An IP address can be compared to a telephone number - in order for one computer to contact another, it needs to know its IP address. However, IP addresses have two disadvantages: firstly, there are only a limited number of them (which is not very important to us now), and secondly, and more importantly, an IP address is very difficult for a person to remember. Continuing the analogy with telephone numbers, do you remember the telephone numbers of all your friends and acquaintances? Probably not. But you can always use a notebook.

History

The Domain Name System was invented by Paul Mockapetris at the request of Jon Postel in 1983, and he also carried out its first implementation. In 1984, four Berkeley students (Douglas Terry, Mark Painter, David Riggle and Songnian Zhou) wrote the first UNIX implementation, which they called the Berkeley Internet Name Domain Server (BIND for short). In 1985, the code for this implementation was substantially rewritten by Kevin Dunlap, and in 1990 it was ported to Windows NT. BIND is currently the most used DNS server in the world.

Domain Name System Concepts

The DNS domain structure is a tree-like hierarchy consisting of nodes, zones, domains, subdomains and other elements.

The “top” of the domain structure is the root zone. The root zone settings are held on many servers/mirrors located around the world; they contain information about all root zone servers and are also responsible for first-level domains (ru, net, org, etc.). Information about root zone servers is located on the root servers website.

A zone is any part of the domain name system tree that is held as a whole on some DNS server. For easier understanding, a zone can be called an "area of responsibility". The purpose of separating part of the tree into its own zone is to transfer responsibility for that branch (delegation) to another person or organization.

A domain is a named branch or subtree in the DNS name tree, that is, a specific node together with all its child nodes.

Each node in the DNS hierarchy is separated from its parent by a dot. A domain name starts with a dot (the root domain), passes through the domains of the first, second and, if necessary, third and further levels, and ends with the hostname. In other words, a domain name fully reflects the structure of the DNS hierarchy. The last dot (the designation of the root domain) in the domain name is omitted (that is, in the browser we enter not site.name. but site.name).

So, having analyzed the structure of a domain name, we have arrived at the concept of the FQDN.

An FQDN (Fully Qualified Domain Name) is a domain name that unambiguously identifies a node and includes the names of all parent domains in the DNS hierarchy, including the root one. It is a kind of analogue of an absolute path in a file system.

Let's look at the above using the domain name www.mydomain.com as an example:


The maximum FQDN size is 255 bytes, with a limit of 63 bytes for each individual domain name (label) within it.

There are also so-called reserved domain names: RFC 2606 (Reserved Top Level DNS Names) defines domain names that should be used as examples (for instance, in documentation) and for testing. Such names include example.com, example.org and example.net, as well as test, invalid, etc.

How DNS works

The entire DNS system is built on client-server technology. This means that there are DNS servers, which wait for requests from users, and DNS clients, which send these requests. All browsers have a built-in DNS client, which is responsible for translating a DNS name into an IP address. It starts working after you type something in the address bar and press Enter. Initially it knows no more about the domain name than you do, which is why it starts asking. Let's consider the procedure for obtaining an IP address from a domain name.

If a user accesses the same network resource within a short time, the request is not sent to the remote server, but information is searched in the cache. The order of request processing can be described as follows: search for an answer in the local cache -> search for an answer on the provider’s local server -> search for information on the network.

This scheme is the most common on the network and looks like this:


  • Step 1. The browser looks for the domain's IP address in the local cache and if it is not found, it contacts the local domain name server (ISP server) for the IP address, telling it the domain name.
  • Step 2. The provider's server determines that the address is not part of the given domain and turns to the root domain name server for the server address of the requested domain.
  • Step 3. The root domain name server tells the local domain name server the address of the domain name server of the desired domain.
  • Step 4. The local domain name server asks the remote server to resolve its client's (browser) request.
  • Step 5. The remote server reports the IP address to the local server.
  • Step 6. The local server provides the IP address to the browser.
  • Step 7. The browser uses the received IP address to contact the site's hosting server.
  • Step 8. The hosting server provides the data generated upon request.

This is how the IP address of test-site.ru is determined:

    Loading root server list (static data):
    -> a.root-servers.net (198.41.0.4)
    -> b.root-servers.net (192.228.79.201)
    -> c.root-servers.net (192.33.4.12)
    -> d.root-servers.net (128.8.10.90)
    -> e.root-servers.net (192.203.230.10)
    -> f.root-servers.net (192.5.5.241)
    -> g.root-servers.net (192.112.36.4)
    -> h.root-servers.net (128.63.2.53)
    -> i.root-servers.net (192.36.148.17)
    -> j.root-servers.net (192.58.128.30)
    -> k.root-servers.net (193.0.14.129)
    -> l.root-servers.net (199.7.83.42)
    -> m.root-servers.net (202.12.27.33)
    Sending request to "f.root-servers.net" (192.5.5.241)
    Received referral response - DNS servers for "ru":
    -> e.dns.ripn.net (193.232.142.17)
    -> d.dns.ripn.net (194.190.124.17)
    -> a.dns.ripn.net (193.232.128.6)
    -> b.dns.ripn.net (194.85.252.62)
    -> f.dns.ripn.net (193.232.156.17)
    Sending request to "f.dns.ripn.net" (193.232.156.17)
    Received referral response - DNS servers for "test-site.ru":
    -> ns2.test-site.ru (5.9.195.91)
    -> ns1.test-site.ru (5.9.195.90)
    Sending request to "ns2.test-site.ru" (5.9.195.91)
    Timeout waiting for response
    Sending request to "ns1.test-site.ru" (5.9.195.90)
    Received authoritative (AA) response:
    -> Answer: A-record for test-site.ru = 5.9.195.90
    -> Authority: NS-record for test-site.ru = ns1.test-site.ru
    -> Authority: NS-record for test-site.ru = ns2.test-site.ru
    -> Additional: A-record for ns1.test-site.ru = 5.9.195.90
    -> Additional: A-record for ns2.test-site.ru = 5.9.195.91
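
The trace above, reproduced as an added example that is not part of the original article: an iterative resolver that follows referrals from the root, falls back to the next name server on a timeout, and rejects a referral that does not lead down the tree towards the requested name. The server table is constructed from the names and addresses in the trace, and query() is a stand-in for a real network query.

```python
"""Iterative resolution over a constructed delegation tree (no network)."""


class Timeout(Exception):
    pass


# Constructed data modelled on the trace in the text; not live DNS.
ROOT = [("f.root-servers.net.", "192.5.5.241")]
SERVERS = {
    "192.5.5.241": {"zone": ".", "cuts": {
        "ru.": [("f.dns.ripn.net.", "193.232.156.17")]}},
    "193.232.156.17": {"zone": "ru.", "cuts": {
        "test-site.ru.": [("ns2.test-site.ru.", "5.9.195.91"),
                          ("ns1.test-site.ru.", "5.9.195.90")]}},
    "5.9.195.90": {"zone": "test-site.ru.", "cuts": {},
                   "rrs": {("test-site.ru.", "A"): ["5.9.195.90"]}},
}
UNREACHABLE = {"5.9.195.91"}  # ns2 does not answer, as in the trace


def in_zone(name, zone):
    """True if name is at or below zone (absolute, lower-case names)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def query(ip, qname, qtype):
    """Stand-in for one query: authoritative answer, referral or timeout."""
    if ip in UNREACHABLE or ip not in SERVERS:
        raise Timeout(ip)
    server = SERVERS[ip]
    cuts = [zone for zone in server["cuts"] if in_zone(qname, zone)]
    if cuts:  # the name lives below a delegation point: refer the client on
        cut = max(cuts, key=len)
        return {"aa": False, "zone": cut, "ns": server["cuts"][cut]}
    return {"aa": True, "answer": server.get("rrs", {}).get((qname, qtype), [])}


def resolve(qname, qtype="A", max_referrals=8):
    """Follow referrals from the root; returns (answers, trace)."""
    qname = qname.lower().rstrip(".") + "."
    zone, servers, trace = ".", list(ROOT), []
    for _ in range(max_referrals):
        reply = None
        for ns_name, ip in servers:
            try:
                reply = query(ip, qname, qtype)
                trace.append((zone, ns_name, "ok"))
                break
            except Timeout:
                trace.append((zone, ns_name, "timeout"))
        if reply is None:
            raise RuntimeError(f"all name servers for {zone} failed")
        if reply["aa"]:
            return reply["answer"], trace
        # A referral must move strictly down the tree towards qname.
        child = reply["zone"]
        if not (in_zone(child, zone) and child != zone and in_zone(qname, child)):
            raise RuntimeError(f"referral to {child} rejected: not below {zone}")
        zone, servers = child, reply["ns"]
    raise RuntimeError("too many referrals")


if __name__ == "__main__":
    answers, steps = resolve("test-site.ru")
    for step in steps:
        print(*step)
    print("A =", answers)
```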

Storing information on DNS servers

DNS servers store information in the form of resource records.

A resource record is the unit of storage and transmission of information in DNS. Each such record carries information that maps a name to service information in DNS, for example, mapping a domain name to an IP address.

A resource record consists of the following fields:

  • name (NAME) - the domain name to which this resource record is linked or “belongs”, or an IP address. If this field is absent, the resource record inherits it from the previous record.
  • Time To Live (TTL) - literally the “lifetime” of a record, the time a record is stored in the DNS cache (after the specified time the record is deleted). This field may be omitted in individual resource records, but then it must be specified at the beginning of the zone file and will be inherited by all records.
  • class (CLASS) - determines the type of network (in 99.99% of cases IN is used, which means Internet). This field was created on the assumption that DNS can work in types of networks other than TCP/IP.
  • type (TYPE) - the record type, which determines the syntax and purpose of the record.
  • data (DATA) - various information, the format and syntax of which are determined by the type.

In a zone file the following special symbols can be used:

  • ; - starts a comment
  • # - also starts a comment (BIND 4.9 only)
  • @ - the current domain name
  • () - allow data to span multiple lines
  • * - metacharacter (only in the name field)

The entire set of resource records can be found on Wikipedia. The resource records most commonly used in practice are the following:

  • A (address record) - maps a hostname (domain name) to an IPv4 address. An A record must be created for each network interface of the machine.

    Example: test-site.ru. 3600 IN A 5.9.195.90

  • MX (mail exchange) - specifies hosts for delivery of mail addressed to the domain. The NAME field holds the destination domain, the TTL and CLASS fields have their standard values, the TYPE field is MX, and the DATA field holds the priority and, separated by a space, the domain name of the host responsible for receiving mail.

    Example:

        NAME           TTL   CLASS  TYPE  DATA
        test-site.ru.  3600  IN     MX    10 mx.yandex.ru.
  • NS (name server) - points to the DNS server serving this domain. It would be more accurate to say that NS records indicate the servers to which the given domain is delegated. If NS records refer to the name servers for the current zone, the domain name system practically does not use them. They simply explain how the zone is organized and which machines play a key role in providing the name service.

    Example:

        NAME           TTL   CLASS  TYPE  DATA
        test-site.ru.  3600  IN     NS    ns1.test-site.ru.
        test-site.ru.  3600  IN     NS    ns2.test-site.ru.
  • PTR (pointer) - PTR records associate an IP address with a hostname in the reverse lookup domain (in-addr.arpa). The entry contains the IP address and the hostname corresponding to that address. The hostname is specified in fully qualified domain name format. Many sites, as a security measure, deny access from computers that have discrepancies between the A and PTR records, so make sure to keep the contents of the PTR records in sync with the A records.
  • SOA (Start of Authority, the initial zone record) - describes the basic settings of the zone and, one might say, defines this server's area of responsibility. There must be only one SOA record per zone and it must come first. The NAME field contains the domain/zone name, the TTL and CLASS fields have their standard values, the TYPE field is SOA, and the DATA field consists of several values separated by spaces:

    - the name of the primary DNS server (Primary Name Server);

    - the zone administrator's address;

    - the zone file serial number (Serial number). Whenever the zone file is changed this value must be increased; this tells the secondary servers that the zone has changed and that they need to update their copy;

    - the timer values: Refresh specifies how often secondary servers should poll the primary to see whether the zone serial number has increased; Retry is the waiting time after an unsuccessful polling attempt; Expire is the maximum time during which a secondary server may use the zone data it has received; Minimum TTL is the minimum time during which data remains in the cache of the secondary server.

    Example:

        NAME           TTL   CLASS  TYPE  DATA (in the order given above)
        test-site.ru.  3600  IN     SOA   test-site.ru. root.test-site.ru. 2013112923 10800 3600 604800 86400

  • SRV (server selection) - indicates the servers that provide certain services in a given domain (for example, Jabber and Active Directory).
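
The record fields and special symbols described above (inherited NAME, a zone-wide default TTL, "@", ";" comments, parentheses) and the advice to keep PTR records in sync with A records, combined in one added example that is not part of the original article: a small zone-file parser plus a check that each address's PTR record points back at a name holding that address. The two zones are constructed from the article's test-site.ru values; $TTL is the standard directive for the default TTL, and quoted strings and other directives are not handled.

```python
import ipaddress

TYPES = {"A", "AAAA", "NS", "MX", "PTR", "SOA", "SRV", "CNAME"}
NAME_FIELD = {"NS": 0, "PTR": 0, "CNAME": 0, "MX": 1}  # host name position in DATA
# Constructed sample zones built from the names and addresses in the text.
FORWARD = """\
$TTL 3600                 ; default TTL for records that give none
@    IN SOA test-site.ru. root.test-site.ru. (
         2013112923       ; serial
         10800 3600 604800 86400 )
     IN NS  ns1           ; empty NAME: inherited from the previous record
     IN NS  ns2
     IN MX  10 mx.yandex.ru.
     IN A   5.9.195.90
ns1  IN A   5.9.195.90
ns2  600 IN A 5.9.195.91
"""
REVERSE = """\
$TTL 3600
90   IN PTR ns1.test-site.ru.
91   IN PTR ns2.test-site.ru   ; constructed mistake: trailing dot missing
"""

def logical_lines(text):
    """Drop ';' comments and join lines grouped by parentheses."""
    buf, depth = "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        depth += line.count("(") - line.count(")")
        buf = (buf + " " + line if buf else line).replace("(", " ").replace(")", " ")
        if depth <= 0:
            if buf.strip():
                yield buf
            buf, depth = "", 0

def absolute(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse_zone(text, origin):
    """Return (name, ttl, class, type, data) tuples for a zone file."""
    origin = origin.lower().rstrip(".") + "."
    default_ttl, last_name, records = None, None, []
    for line in logical_lines(text):
        inherits = line[0].isspace()
        tok = line.split()
        if tok[0].upper() == "$TTL":
            default_ttl = int(tok[1])
            continue
        name = last_name if inherits else absolute(tok.pop(0), origin)
        ttl, rclass = default_ttl, "IN"
        while tok and tok[0].upper() not in TYPES:  # optional TTL and CLASS
            field = tok.pop(0).upper()
            if field.isdigit():
                ttl = int(field)
            elif field in ("IN", "CH", "HS"):
                rclass = field
            else:
                raise ValueError(f"unexpected field {field!r}")
        if name is None or ttl is None or not tok:
            raise ValueError(f"incomplete record: {line.strip()!r}")
        rtype = tok.pop(0).upper()
        idx = NAME_FIELD.get(rtype)
        if idx is not None and idx < len(tok):
            tok[idx] = absolute(tok[idx], origin)
        records.append((name, ttl, rclass, rtype, tok))
        last_name = name
    return records

def ptr_problems(forward, reverse):
    """IPs whose PTR target is not a name holding an A record for that IP."""
    names_by_ip = {}
    for name, _, _, rtype, data in forward:
        if rtype == "A":
            names_by_ip.setdefault(data[0], set()).add(name)
    ptr = {name: data[0] for name, _, _, rtype, data in reverse if rtype == "PTR"}
    problems = []
    for ip, names in sorted(names_by_ip.items()):
        target = ptr.get(ipaddress.ip_address(ip).reverse_pointer + ".")
        if target not in names:
            problems.append((ip, target))
    return problems
```

Parsing REVERSE with the origin 195.9.5.in-addr.arpa shows why the PTR target must be a fully qualified name: without the trailing dot the target is expanded relative to the reverse zone and no longer matches any A record.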

Domain delegation

Delegation (it would be more correct to say delegation of responsibility) is the transfer of responsibility for part of the domain name tree (a zone) to another person or organization. Through delegation, DNS ensures distributed administration and storage of zones.

Technically, delegation means adding, on the DNS servers that serve the top-level domain, the list of DNS servers that hold the technical information about the domain (the zone file). Delegation is a necessary condition for a website and mail to work on a domain.

Domain delegation is carried out by changing the domain's NS records, which indicate the address of the DNS server that belongs to a third party and is responsible for maintaining the domain zone. IP address ranges are delegated using the in-addr.arpa domain zone.

Due to the technical features of the domain name resolution system, after DNS servers are set for a domain, the domain is not delegated to them immediately. Although the information on the whois server changes almost immediately, the local DNS servers of Internet providers receive it only after some time.

It has been established experimentally that domain delegation, i.e. distributing information about the new DNS servers among the Internet providers of our planet, takes about 24 hours. But don’t be surprised if you can see a working website on your domain much earlier after changing DNS servers. This is common practice and 24 hours is the maximum amount of time required to delegate a domain.

Domain name registration

Finally, a few words about domain name registration.

Domain registration is the act by which the client tells the registrar which DNS servers the subdomain should be delegated to, and also provides the registrar with contact and payment information. The registrar passes the information to the appropriate registry. Most often this means entering records about the new subdomain name into the registry of a first-level zone (that is, the TLD zones ru, com or others).

A domain name registrar is an organization that has the authority to create (register) new domain names and renew the validity of existing domain names in a domain for which mandatory registration has been established.

The domain levels that require mandatory registration of the person responsible for the domain are as follows:

  • root domain
  • all top level domains (TLDs)
  • some second-level domains (for example, com.ru or co.uk)

The registrar for the root domain is an organization called ICANN. To become a domain registrar in second-level zones (.com .net .org .biz .info .name .mobi .asia .aero .tel .travel .jobs ...), you must obtain ICANN accreditation.


Links:

https://www.nic.ru/whois/ - domain checking (basic information)

http://www.cy-pr.com/tools/dns/ - extended information on DNS