DNS Management
Xelon HQ DNS management allows you to create and manage DNS zones and records directly from the platform. Configure A, AAAA, CNAME, MX, TXT, SRV, NS, PTR, CAA, ALIAS, and other record types to route traffic to your infrastructure.
DNS management is accessed from the DNS Zones sub-tab within the Networking page. Navigate to Virtual Datacenter > Networking and click the DNS Zones tab.
Creating a DNS Zone
Navigate to Virtual Datacenter > Networking, then click the DNS Zones tab. Click Create Zone. Enter your domain name (e.g., example.com). Xelon HQ creates the zone with default SOA and NS records.
After creating a zone, update the NS records at your domain registrar to point to the Xelon HQ name servers. DNS resolution will not work until delegation is configured.
Managing DNS Records
From the zone details page, click Add Record to create a new DNS record. Select the record type and provide the required values.
Record Types
| Type | Purpose | Example Value |
|---|---|---|
| A | Maps a domain name to an IPv4 address. | 203.0.113.10 |
| AAAA | Maps a domain name to an IPv6 address. | 2001:db8::1 |
| CNAME | Creates an alias pointing to another domain name. | www.example.com |
| MX | Specifies mail servers for the domain with priority. | 10 mail.example.com |
| TXT | Stores arbitrary text data. Used for SPF, DKIM, domain verification. | v=spf1 include:_spf.example.com ~all |
| SRV | Defines the location of specific services (host, port, priority, weight). | 10 60 5060 sip.example.com |
| NS | Delegates a zone or subdomain to specific name servers. | ns1.xelon.ch |
| PTR | Maps an IP address to a domain name (reverse DNS lookup). | host.example.com |
| CAA | Specifies which certificate authorities are allowed to issue certificates for the domain. | 0 issue "letsencrypt.org" |
| ALIAS | Similar to CNAME but can be used at the zone apex. | example.com |
| WR | Web redirect record. | https://example.com |
| TLSA | Associates a TLS certificate with a domain for DANE (DNS-based Authentication of Named Entities). | Certificate association data |
| RP | Specifies the responsible person for the domain. | admin.example.com |
| SSHFP | Publishes SSH public host key fingerprints in DNS. | SSH key fingerprint data |
Editing and Deleting Records
To edit a record, click the edit icon next to the record in the zone details view. Modify the value, TTL, or priority as needed and save.
To delete a record, click the delete icon and confirm. The record is removed from the zone immediately.
Changes to DNS records may take time to propagate depending on the TTL (Time to Live) value of the existing record. Lower the TTL before making changes if you need faster propagation.
SOA Record Management
The SOA (Start of Authority) record is automatically created when a zone is provisioned. It contains metadata about the zone including the primary name server, administrator email, serial number, and timing parameters.
You can view and edit SOA parameters from the zone details page:
| Parameter | Description | Default |
|---|---|---|
| Primary NS | The primary name server for the zone. | Set automatically |
| Admin Email | Contact email for the zone administrator. | Set from account |
| Refresh | How often secondary servers check for updates (seconds). | 3600 |
| Retry | Wait time before retrying a failed refresh (seconds). | 600 |
| Expire | Time after which secondary servers stop serving the zone (seconds). | 604800 |
| Minimum TTL | Default TTL for negative responses (seconds). | 300 |
Deleting a DNS Zone
To delete a zone, navigate to the zone list, select the zone, and click Delete. All records within the zone are permanently removed.
Deleting a DNS zone removes all records and immediately stops DNS resolution for the domain. Services relying on these DNS records will become unreachable.
Best Practices for DNS Configuration
- Use appropriate TTLs: Set lower TTLs (300s) for records that change frequently and higher TTLs (3600s+) for stable records to reduce DNS query load.
- Redundant MX records: Configure at least two MX records with different priorities for mail delivery redundancy.
- SPF and DKIM: Add TXT records for SPF and DKIM to improve email deliverability and prevent spoofing.
- CNAME restrictions: CNAME records cannot coexist with other record types at the same name. Do not use CNAME at the zone apex (bare domain).
- Plan before changing NS records: Changing name server delegation can cause temporary resolution failures. Lower TTLs on NS records before making changes.
- Document your records: Maintain an inventory of DNS records and their purposes, especially TXT records used for domain verification with third-party services.