
Tutorial for xDNS

1. Introduction to xDNS

 

xDNS is a powerful macOS application designed to help you manage BIND DNS servers with ease. Whether you are setting up a local development environment, managing a small office network, or learning about DNS, xDNS provides an intuitive interface to handle all your DNS needs.

 

What is DNS?

 

DNS stands for Domain Name System. Think of it as the phonebook of the internet. When you type a website address like www.example.com in your browser, DNS translates that human-readable name into an IP address (like 192.168.1.100) that computers use to locate the server.

 

What is BIND?

 

BIND (Berkeley Internet Name Domain) is the most widely used DNS server software. xDNS helps you configure and manage BIND without needing to edit complex configuration files manually.

 

What xDNS Can Do

 

- Create and manage DNS zones for your domains

- Add, edit, and delete DNS records

- Configure BIND server settings

- Monitor server status and logs

- Validate DNS configurations

- Generate reverse DNS zones

 

 

 

2. Getting Started

 

Prerequisites

 

Before you can use xDNS, you need:

 

- macOS 13.0 or later

- BIND DNS server (can be installed through xDNS)

- Administrator privileges for server management

- Basic understanding of networking concepts (helpful but not required)

 

Installing BIND

 

If BIND is not already installed on your system, xDNS can help you install it. You will need either Homebrew or MacPorts package manager installed first.

 

Step 1: Check if you have a package manager

- Open xDNS and look at the Dashboard

- Check the Package Manager status indicator

- If it shows "None", you need to install Homebrew or MacPorts first

 

Step 2: Install Homebrew (if needed)

- Visit https://brew.sh

- Follow the installation instructions

- After installation, restart xDNS

 

Step 3: Install BIND through xDNS

- In the sidebar, check the server status

- If BIND is not installed, click the "Install BIND" button

- xDNS will automatically install BIND using your package manager

 

Starting the Server

 

Once BIND is installed, you can start the DNS server:

 

1. Look at the sidebar in xDNS

2. Check the server status indicator (green circle means running, red means stopped)

3. Click the "Start Server" button to begin

4. Wait a few seconds for the server to start

5. The status should change to "Running"

 

 

 

3. Understanding the Interface

 

xDNS has a clean, organized interface with several main sections accessible from the sidebar:

 

Dashboard

 

The Dashboard provides an overview of your DNS server status and statistics:

 

- BIND Server Status: Shows whether the server is running or stopped

- Package Manager Status: Shows which package manager is available

- Active Zones: Displays the number of DNS zones you have configured

- Total Records: Shows the total number of DNS records across all zones

 

Zone Management

 

This section allows you to create, view, and manage DNS zones. A zone represents a domain and contains all DNS records for that domain.

 

DNS Records

 

Here you can view and manage individual DNS records within your zones. The interface shows records in a split view with zones on the left and records on the right.

 

Server Configuration

 

This section lets you configure BIND server settings such as:

 

- Listen ports and addresses

- DNS forwarders

- Recursion settings

- DNSSEC options

- Access control lists

 

Logs

 

View real-time server logs and troubleshooting information. This is helpful for diagnosing issues.

 

Tutorial

 

Built-in interactive tutorial sections that provide detailed information about DNS concepts and xDNS features.

 

 

 

4. Creating Your First DNS Zone

 

A DNS zone is a portion of the DNS namespace that you manage. Each zone corresponds to a domain (like example.com) and contains all the DNS records for that domain.

 

Step-by-Step: Creating a Zone

 

Step 1: Navigate to Zone Management

- Click on "Zone Management" in the sidebar

 

Step 2: Click Add Domain

- Click the "Add Domain" button in the top right

- A dialog window will appear

 

Step 3: Enter Domain Information

- Domain Name: Enter your domain (e.g., mycompany.local)

  - Use a descriptive domain name

  - For local networks, use .local or .internal

  - For internet domains, use your actual domain name

 

- Zone Template: Choose a template

  - Empty: Start with a blank zone

  - Web + Mail: Includes common web and mail server records

  - LAN Internal: Includes common local network records

 

Step 4: Configure SOA Record

- Primary Name Server: The main DNS server (e.g., ns1.example.com.)

  - Note: Names should end with a dot (.)

  - xDNS will auto-fill this based on your domain name

 

- Administrator Email: Contact email (e.g., admin.example.com.)

  - Replace the @ symbol with a dot

  - Example: admin@example.com becomes admin.example.com.

  - xDNS will auto-fill this as well

 

Step 5: Create the Zone

- Review your settings

- Click "Create Domain"

- The zone will be created and appear in your zones list

 

Understanding Zone Files

 

Each zone is stored in a zone file. xDNS automatically creates and manages these files. The default location is typically:

 

/usr/local/var/named/db.yourdomain.com

 

You do not need to edit these files manually - xDNS handles everything for you.

 

 

 

5. Adding DNS Records

 

DNS records are the individual entries within a zone that map domain names to IP addresses, mail servers, and other information.

 

Step-by-Step: Adding a Record

 

Step 1: Navigate to DNS Records

- Click on "DNS Records" in the sidebar

 

Step 2: Select a Zone

- Choose a zone from the left panel

- If you have no zones, create one first (see Section 4)

 

Step 3: Click Add Record

- Click the "Add Record" button

- A dialog window will appear

 

Step 4: Fill in Record Details

 

Record Name:

- Enter the hostname or subdomain (e.g., www, mail, ftp)

- Leave empty or use @ for the root domain

- Example: For www.example.com, enter "www"

- Example: For example.com, leave empty or use @

 

Record Type:

- Select the type of record from the dropdown menu

- Common types: A, AAAA, CNAME, MX, NS, TXT

- See Section 6 for detailed explanations

 

Value:

- Enter the value for the record

- For A records: Enter an IPv4 address (e.g., 192.168.1.100)

- For AAAA records: Enter an IPv6 address

- For CNAME, MX, NS: Enter a hostname (trailing dot added automatically)

- For TXT records: Enter text in quotes

 

TTL (Time To Live):

- How long other servers should cache this record

- Common values:

  - 300 seconds (5 minutes) - for records that change frequently

  - 3600 seconds (1 hour) - for most production records

  - 86400 seconds (24 hours) - for stable records

 

- Use the Quick TTL menu for common values

 

Step 5: Add Type-Specific Information (if needed)

 

For MX Records:

- Priority: Lower numbers have higher priority (0-65535)

- Example: Priority 10 for primary mail server, 20 for backup

 

For SRV Records:

- Priority: Lower numbers have higher priority

- Weight: Relative weight for records with same priority

- Port: Target port number for the service

 

Step 6: Save the Record

- Click "Save Record"

- The record will be added to your zone

- Changes take effect immediately (if server is running)

 

Editing Records

 

To edit an existing record:

 

1. Click on a record in the DNS Records view

2. Click the pencil icon to edit

3. Make your changes

4. Click "Save Changes"

 

Deleting Records

 

To delete a record:

 

1. Click on a record to edit it

2. Scroll to the "Danger Zone" section

3. Click "Delete Record"

4. Confirm the deletion

 

Warning: Deleting records cannot be undone. Make sure you have backups if needed.

 

 

 

6. Understanding DNS Record Types

 

xDNS supports many DNS record types. Here are the most commonly used ones:

 

A Record (Address Record)

 

Maps a domain name to an IPv4 address.

 

Example:

- Name: www

- Type: A

- Value: 192.168.1.100

- Result: www.example.com points to 192.168.1.100

 

Use for: Websites, servers, any IPv4 service

 

AAAA Record (IPv6 Address Record)

 

Maps a domain name to an IPv6 address.

 

Example:

- Name: www

- Type: AAAA

- Value: 2001:db8::1

- Result: www.example.com points to the IPv6 address

 

Use for: IPv6-enabled services and future-proofing

 

CNAME Record (Canonical Name)

 

Creates an alias pointing one domain name to another.

 

Example:

- Name: blog

- Type: CNAME

- Value: www.example.com.

- Result: blog.example.com points to www.example.com

 

Use for: Subdomains, CDN aliases, service redirects

 

Important: CNAME records cannot coexist with other record types at the same name.

 

MX Record (Mail Exchange)

 

Specifies mail servers for the domain with priority values.

 

Example:

- Name: @ (root domain)

- Type: MX

- Priority: 10

- Value: mail.example.com.

- Result: Email for example.com goes to mail.example.com

 

Use for: Email delivery configuration

 

Tip: You can have multiple MX records with different priorities. Lower numbers have higher priority.

 

NS Record (Name Server)

 

Names the authoritative name servers for a zone, or delegates a subdomain to another set of name servers.

 

Example:

- Name: @ (root domain)

- Type: NS

- Value: ns1.example.com.

- Result: Specifies that ns1.example.com is authoritative for the zone

 

Use for: Subdomain delegation, zone transfers

 

TXT Record (Text Record)

 

Stores arbitrary text data for various purposes.

 

Example:

- Name: @

- Type: TXT

- Value: "v=spf1 include:_spf.google.com ~all"

- Result: SPF record for email authentication

 

Use for: SPF, DKIM, domain verification, configuration data

 

PTR Record (Pointer Record)

 

Provides reverse DNS lookup (IP address to domain name).

 

Example:

- Name: 100 (in reverse zone 1.168.192.in-addr.arpa)

- Type: PTR

- Value: server.example.com.

- Result: 192.168.1.100 resolves to server.example.com

 

Use for: Reverse DNS zones, email server reputation

 

SRV Record (Service Record)

 

Defines services available in the domain (port, weight, priority).

 

Example:

- Name: _http._tcp

- Type: SRV

- Priority: 10

- Weight: 5

- Port: 80

- Value: server.example.com.

- Result: Defines HTTP service on port 80

 

Use for: Services like SIP, XMPP, or custom applications
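The rules Sections 4 to 6 state (the SOA e-mail with "@" turned into a dot, trailing dots on hostnames, "@" or an empty name for the apex, no CNAME beside other records at the same name) carried through in one place, as an added example that is not xDNS's own code; the Record fields and the SOA timer values are assumptions for illustration.

```python
# Added example, not xDNS's own code: renders the zone file an app like xDNS
# would write from the Section 4/5 dialog inputs and applies the rules the
# tutorial states for SOA RNAME, trailing dots, the apex name and CNAMEs.
from dataclasses import dataclass

@dataclass
class Record:
    name: str              # "www", "@" or "" for the apex, "_sip._tcp" for SRV
    rtype: str             # A, AAAA, CNAME, MX, NS, TXT, SRV
    value: str
    ttl: int = 3600
    priority: int = 0      # MX and SRV
    weight: int = 0        # SRV only
    port: int = 0          # SRV only

def fqdn(name: str) -> str:
    """Append the trailing dot so BIND does not append $ORIGIN again."""
    return name if name.endswith(".") else name + "."

def soa_rname(email: str) -> str:
    """admin@example.com -> admin.example.com.; a dot in the local part must be
    escaped, so john.doe@example.com -> john\\.doe.example.com."""
    local, _, domain = email.partition("@")
    return fqdn(local.replace(".", "\\.") + "." + domain)

def owner(name: str) -> str:
    return "@" if name in ("", "@") else name

def cname_conflicts(records: list[Record]) -> list[str]:
    """Owner names at which a CNAME coexists with another record type."""
    types: dict[str, set[str]] = {}
    for r in records:
        types.setdefault(owner(r.name), set()).add(r.rtype)
    return sorted(n for n, t in types.items() if "CNAME" in t and len(t) > 1)

def rdata(r: Record) -> str:
    if r.rtype == "MX":
        return f"{r.priority} {fqdn(r.value)}"
    if r.rtype == "SRV":
        return f"{r.priority} {r.weight} {r.port} {fqdn(r.value)}"
    if r.rtype in ("CNAME", "NS"):
        return fqdn(r.value)
    if r.rtype == "TXT" and not r.value.startswith('"'):
        return f'"{r.value}"'
    return r.value               # A and AAAA: the address as typed

def build_zone(domain, primary_ns, admin_email, records, serial=2024010101):
    bad = cname_conflicts(records)
    if bad:
        raise ValueError("CNAME cannot coexist with other records at: " + ", ".join(bad))
    lines = [f"$ORIGIN {fqdn(domain)}", "$TTL 3600",
             f"@ IN SOA {fqdn(primary_ns)} {soa_rname(admin_email)} "
             f"( {serial} 3600 900 1209600 300 )"]   # refresh retry expire minimum
    lines += [f"{owner(r.name)} {r.ttl} IN {r.rtype} {rdata(r)}" for r in records]
    return "\n".join(lines) + "\n"
```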

 

 

 

7. Server Configuration

 

The Server Configuration section allows you to customize how your BIND DNS server operates.

 

Basic Settings

 

Listen Port:

- Default: 53 (standard DNS port)

- Change only if you have port conflicts

- Most users should leave this at 53

 

Recursion:

- Enable if your server should resolve queries for external domains

- Disable for authoritative-only servers (serves only your zones)

- For most users, enable recursion

 

Enable DNSSEC:

- Enable for additional security through cryptographic signatures

- Recommended for production servers

- May require additional configuration

 

Logging Level:

- Controls the verbosity of server logs

- Options: Critical, Error, Warning, Info, Debug

- Use Debug for troubleshooting, Info for normal operation

 

DNS Forwarders

 

Forwarders are upstream DNS servers that your server uses to resolve queries it cannot answer from its own zones.

 

Common public DNS servers:

 

- Google DNS: 8.8.8.8, 8.8.4.4

- Cloudflare DNS: 1.1.1.1, 1.0.0.1

- Quad9: 9.9.9.9, 149.112.112.112

- OpenDNS: 208.67.222.222, 208.67.220.220

 

To add forwarders:

 

1. Go to Server Configuration

2. Scroll to the Forwarders section

3. Click "Add Forwarder"

4. Enter an IP address (e.g., 8.8.8.8)

5. Repeat for additional forwarders

6. Click "Save Configuration"

 

You can also use the Quick Forwarder Presets to add common DNS servers with one click.

 

Access Control

 

Allow Query:

- Specifies which clients can make DNS queries to your server

- Common values:

  - "any" - allows queries from anywhere

  - "localhost" - only local queries

  - "192.168.1.0/24" - specific network

 

Listen Addresses:

- IP addresses the server will listen on

- Default: 127.0.0.1 (localhost only)

- Add additional addresses to serve other networks

- Example: Add 192.168.1.1 to serve your local network
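How the Section 7 fields map to BIND's options block, plus the check a practitioner would want before "Save Configuration": recursion enabled together with allow-query "any" on a non-loopback listen address is an open resolver unless allow-recursion restricts it. Added example, not xDNS's own code; the Options fields are assumptions for illustration.

```python
# Added example, not xDNS's own code: models the Section 7 settings as a BIND
# "options" block and reviews them before saving, flagging the open-resolver
# combination and malformed allow-query or forwarder entries.
import ipaddress
from dataclasses import dataclass, field

ACL_KEYWORDS = {"any", "none", "localhost", "localnets"}

@dataclass
class Options:
    listen_on: list[str] = field(default_factory=lambda: ["127.0.0.1"])
    port: int = 53
    recursion: bool = True
    allow_query: list[str] = field(default_factory=lambda: ["localhost"])
    forwarders: list[str] = field(default_factory=list)

def render(o: Options) -> str:
    """Emit the named.conf syntax these fields correspond to."""
    body = [f"listen-on port {o.port} {{ {'; '.join(o.listen_on)}; }};",
            f"recursion {'yes' if o.recursion else 'no'};",
            f"allow-query {{ {'; '.join(o.allow_query)}; }};"]
    if o.forwarders:
        body.append(f"forwarders {{ {'; '.join(o.forwarders)}; }};")
    return "options {\n" + "".join(f"    {line}\n" for line in body) + "};\n"

def review(o: Options) -> list[str]:
    """Findings to fix before saving; an empty list means the settings pass."""
    findings = []
    for entry in o.allow_query:
        if entry not in ACL_KEYWORDS:
            try:
                ipaddress.ip_network(entry, strict=False)
            except ValueError:
                findings.append(f"allow-query entry {entry!r} is not an address, "
                                "network or ACL keyword")
    for fwd in o.forwarders:
        try:
            ipaddress.ip_address(fwd)
        except ValueError:
            findings.append(f"forwarder {fwd!r} is not an IP address")
    # Addresses other than loopback make the server reachable from the network.
    exposed = [a for a in o.listen_on if not ipaddress.ip_address(a).is_loopback]
    if o.recursion and "any" in o.allow_query and exposed:
        findings.append("recursion yes with allow-query { any; } on " + ", ".join(exposed)
                        + ": an open resolver unless allow-recursion is restricted; "
                        "list your client networks instead")
    return findings
```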

 

Saving Configuration

 

After making changes:

 

1. Click "Save Configuration" to write changes to disk

2. If the server is running, click "Reload Server" to apply changes

3. If the server is stopped, changes will apply when you start it

 

Always validate your configuration before saving:

 

1. Click "Validate named.conf"

2. Check the Logs section for any errors

3. Fix any issues before saving

 

 

 

8. Managing Zones and Records

 

Viewing Zones

 

To view all your zones:

 

1. Go to Zone Management in the sidebar

2. All your zones will be listed

3. Each zone shows:

   - Zone name

   - Number of records

   - Zone file name

 

Deleting Zones

 

To delete a zone:

 

1. Go to Zone Management

2. Find the zone you want to delete

3. Click the trash icon

4. Confirm the deletion

 

Warning: Deleting a zone will remove all DNS records in that zone. This cannot be undone.

 

Searching Records

 

To find specific records:

 

1. Go to DNS Records

2. Select a zone

3. Use the search box at the top

4. Type any part of the record name, value, or type

5. The list will filter automatically

 

Reverse Zone Wizard

 

xDNS includes a Reverse Zone Wizard to help you create reverse DNS zones:

 

1. Go to Zone Management

2. Click "Reverse Zone Wizard"

3. Enter a subnet in CIDR notation (e.g., 192.168.1.0/24)

4. Click "Create Reverse Zone"

5. xDNS will automatically generate the reverse zone

 

This is useful for setting up PTR records for reverse DNS lookups.
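What the wizard has to compute from the CIDR subnet: the in-addr.arpa zone name and the relative PTR owner name for each host (Section 6's "100" in 1.168.192.in-addr.arpa). Added example, not xDNS's own code; it handles IPv4 prefixes on octet boundaries (/8, /16, /24) and rejects anything else rather than producing a wrong zone name.

```python
# Added example, not xDNS's own code: derives the reverse zone name and PTR
# owner names from a CIDR subnet the way a Reverse Zone Wizard must.
# Only octet-aligned IPv4 prefixes map to exactly one in-addr.arpa zone.
import ipaddress

def reverse_zone_name(cidr: str) -> str:
    net = ipaddress.ip_network(cidr, strict=True)   # rejects host bits set
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError(f"{cidr}: only IPv4 /8, /16 and /24 map to one in-addr.arpa zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def ptr_owner(ip: str, cidr: str) -> str:
    """Relative owner name of the PTR record for ip inside the reverse zone."""
    reverse_zone_name(cidr)                          # validates the prefix
    net = ipaddress.ip_network(cidr)
    addr = ipaddress.ip_address(ip)
    if addr not in net:
        raise ValueError(f"{ip} is not in {cidr}")
    host_octets = str(addr).split(".")[net.prefixlen // 8:]
    return ".".join(reversed(host_octets))

def ptr_records(cidr: str, hosts: dict[str, str]) -> list[str]:
    """Zone-file lines for the reverse zone; hosts maps IP -> hostname."""
    lines = [f"$ORIGIN {reverse_zone_name(cidr)}."]
    for ip, hostname in sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[0])):
        target = hostname if hostname.endswith(".") else hostname + "."
        lines.append(f"{ptr_owner(ip, cidr)} IN PTR {target}")
    return lines
```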

 

 

 

9. Troubleshooting Common Issues

 

Server Won't Start

 

If your BIND server won't start:

 

1. Check if BIND is installed:

   - Look at the Dashboard

   - Check the BIND Server status

   - If not installed, use the Install BIND button

 

2. Check if port 53 is in use:

   - Open Terminal

   - Run: sudo lsof -i :53

   - If another process is using port 53, stop it or change the port

 

3. Check configuration syntax:

   - Go to Server Configuration

   - Click "Validate named.conf"

   - Check the Logs section for errors

   - Fix any configuration errors

 

4. Check permissions:

   - Zone files need proper permissions

   - Run: sudo chown -R named:named /usr/local/var/named/

   - Or use the appropriate user for your BIND installation

 

DNS Resolution Issues

 

If DNS queries are not working:

 

1. Test with dig command:

   - Open Terminal

   - Run: dig @127.0.0.1 example.com

   - Replace example.com with your domain

   - Check if you get a response

 

2. Check TTL values:

   - Lower TTL values (300-3600 seconds) help changes propagate faster

   - Use lower TTL during migrations or changes

 

3. Verify forwarders:

   - Ensure upstream DNS servers are reachable

   - Try pinging the forwarder IP addresses

   - Consider using multiple forwarders for redundancy

 

4. Check recursion settings:

   - Enable recursion if you want to resolve external domains

   - Disable for authoritative-only servers

 

5. Review allow-query settings:

   - Ensure your client IP is in the allowed list

   - Check Server Configuration section

 

Zone File Errors

 

If you see zone validation errors:

 

1. Missing SOA record:

   - Every zone must have exactly one SOA record

   - xDNS should create this automatically

   - If missing, recreate the zone

 

2. Invalid TTL values:

   - TTL must be a positive integer

   - Common valid values: 300, 3600, 86400

 

3. Syntax errors:

   - Check for missing trailing dots on hostnames

   - Ensure proper formatting of record values

   - Use the validation feature in xDNS

 

4. Missing trailing dots:

   - Fully qualified domain names (FQDNs) should end with a dot

   - Example: mail.example.com. (note the trailing dot)

   - xDNS usually adds these automatically

 

5. Duplicate records:

   - Check for conflicting entries

   - Remove duplicate records

 

Performance Issues

 

If your DNS server is slow:

 

1. Monitor query logs:

   - Check the Logs section in xDNS

   - Look for excessive queries or abuse

 

2. Check forwarder response times:

   - Use faster upstream DNS servers

   - Consider using local forwarders if available

 

3. Optimize TTL values:

   - Balance between freshness and caching efficiency

   - Use longer TTL for stable records

   - Use shorter TTL for records that change frequently

 

4. Review cache settings:

   - Adjust cache sizes for your query volume

   - This may require manual BIND configuration

 

Useful Commands

 

Here are some useful Terminal commands for troubleshooting:

 

Test DNS resolution:

dig @127.0.0.1 example.com

 

Validate configuration:

named-checkconf /usr/local/etc/named.conf

 

Validate a zone file:

named-checkzone example.com /usr/local/var/named/db.example.com

 

Reload configuration without restart:

sudo rndc reload

 

Check if BIND is running:

pgrep named

 

View BIND logs:

tail -f /var/log/named.log

 

Or check other common log locations:

- /usr/local/var/log/named.log

- /opt/local/var/log/named.log

 

 

 

10. Best Practices

 

Naming Conventions

 

- Use descriptive, consistent names (web01, mail01, db01)

- Keep domain names short and memorable

- Avoid special characters except hyphens

- Use subdomain hierarchies logically (dev.app.company.com)

- Document your naming scheme for team members

 

TTL Guidelines

 

Short TTL (300-3600 seconds):

- For records that change frequently

- During migrations or maintenance

- For testing and development

 

Medium TTL (3600-86400 seconds):

- For most production services with stable IPs

- Standard web servers and applications

- Most common use case

 

Long TTL (86400+ seconds):

- For very stable records like NS and MX records

- Records that rarely change

- Reduces query load on your server

 

Security Considerations

 

- Limit zone transfers to authorized servers only

- Use DNSSEC when possible for zone signing

- Regularly audit and clean up unused records

- Monitor DNS logs for suspicious activity

- Keep BIND server updated with security patches

- Use strong passwords for administrative access

- Restrict allow-query to necessary networks only
