8

I just bought a Raspberry Pi and made it a web server. I have a network with 1 IP. I created a DMZ and I am able to access my Raspberry Pi web server from the internet. I bought a domain that I intend to use for my web site, but I found that I need to create some name servers (primary and secondary) and provide IPs for those name servers to those from which I bought my domain name.

My questions are: Can I have my DNS server and my web site using the same IP? Is it really needed to have a secondary name server (as I have only one IP I don't think I could have a secondary name server)? What is to be done next? Should I install a DNS server on my Raspberry Pi and configure it? Can I have my website up and running with just 1 IP and 1 Raspberry Pi? How can I achieve all of these things (having my website on my Raspberry Pi up and running and my domain name pointing to it)?

Thanks!

5 Answers

16

Ugh. I don't normally chime in after so many good people have answered, but I can't entirely agree with any of the answers so far posted. After 20 years of DNS admin, here's my take:

  • Should DNS just be outsourced? No. It's perfectly fine to run your own DNS server (though a static IP address is to my mind essential), and as Vasili notes, it's a good learning experience. We see a number of questions here on SF that arise because the web interfaces of some DNS providers are so appalling that they lead people into making basic DNS errors.

  • Can you run DNS service on a server that offers other services? Yes, of course. The main DNS server for teaparty.net is also the web server (the IP addresses are slightly different, but that's only because my colocated server has several addresses allocated to it).

  • Do you need more than one DNS server? Hell, yes. RFC2182 discusses this explicitly, and notes that:

An argument is occasionally made that there is no need for the domain name servers for a domain to be accessible if the hosts in the domain are unreachable. This argument is fallacious.

Your secondary server should be on a completely different network, and preferably continent, than your primary server. Note that my secondary name server, ns2.teaparty.net, is nowhere near ns.teaparty.net in address space, and in a different country to boot. In the good old days, operators of primary name servers would swap services with each other, so that my primary would also be your secondary, and vice-versa. Alternatively, in these days of cheap VPSes, a tiny, cheap VPS will do the job of 2ary very well.

Don't forget to tie down your DNS server(s) so that they will only recursively-resolve for people in your own organisation. Open DNS servers are lovely, but unless carefully configured they can be used for amplified reflection DDoS attacks, which are bad.

Finally, whilst best-practice questions are arguably the lifeblood of SF, requests for learning material recommendations are explicitly off-topic. If I were you, I'd edit that bit out of your question lest it accumulate any more close votes.

MadHatter
  • 81,580
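
A self-check for the recursion lock-down described in the answer above, added here as an example and not part of the original answer: it sends one recursive query for a name your server is not authoritative for and reads the RA flag, RCODE and answer count of the reply. The function names, the fixed query ID and the sample replies are illustrative assumptions; run `probe` against your own name server from a host outside your network.

```python
import socket
import struct

QID = 0x1234  # fixed query id, fine for a one-off self-check

def build_query(name, recursion_desired=True):
    """Build a minimal DNS A/IN query in RFC 1035 wire format."""
    flags = 0x0100 if recursion_desired else 0x0000  # RD bit
    header = struct.pack("!HHHHHH", QID, flags, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(response):
    """Classify a reply to a query for a name the server is NOT authoritative for."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != QID or not flags & 0x8000:  # QR bit must be set
        raise ValueError("not a response to our query")
    ra, rcode = bool(flags & 0x0080), flags & 0x000F
    if ra and rcode == 0 and ancount > 0:
        return "open-recursion"   # resolved an outside name for a stranger
    if not ra or rcode == 5:      # RA clear, or REFUSED
        return "closed"
    return "inconclusive"         # e.g. SERVFAIL with RA set; retry

def probe(server_ip, outside_name, timeout=3.0):
    """Query your own server over UDP/53 from a host outside your network."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(outside_name), (server_ip, 53))
        data, _ = s.recvfrom(4096)
    return classify_response(data)

# Constructed 12-byte reply headers (not captured traffic).
SAMPLE_OPEN = struct.pack("!HHHHHH", QID, 0x8180, 1, 1, 0, 0)     # QR|RD|RA, 1 answer
SAMPLE_REFUSED = struct.pack("!HHHHHH", QID, 0x8105, 1, 0, 0, 0)  # QR|RD, REFUSED

if __name__ == "__main__":
    print(classify_response(SAMPLE_OPEN))
    print(classify_response(SAMPLE_REFUSED))
    # Real check against your own server (placeholder address):
    # print(probe("192.0.2.53", "example.org"))
```

A result of "open-recursion" means the server resolved an outside name for an arbitrary client, which is the condition the answer says to tie down.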
14

There's nothing wrong with having two services go to the same IP address, as long as the destination ports do not conflict with one another.

In this case, you would be using port 53 for DNS, and port 80 for your web server.

You can also have both (or all) of your nameservers set to the same IP address.*

You will need to set up an authoritative DNS server on your Raspberry Pi, then let your registrar know the IP addresses of your nameservers, and delegate authority of your domain to your DNS server.

*It goes against normal recommendations, but it is possible.

2

Yes, DNS and web server can be on the same IP.

However the way DNS is usually configured, it has to be a static IP. Running a web server on a dynamic IP is simple, as long as the DNS server supports it.

Moreover, you really should have two DNS servers with IPs in different subnets. So it may be simpler to just host your domain at one of the many free DNS hosting providers. I know of HE, other answers have mentioned other providers.

If you really want to host your own DNS server on a dynamic IP, the way to do it is to register dynamic hostnames at a couple of providers. Now you can have the NS records for your domain pointing at those two dynamic hostnames. Since those are outside your own domain, you don't need glue.

kasperd
  • 31,086
0

This is no problem technically speaking. But that's not what you want for your "home server" needs. Register yourself to some DynDNS service (DynDNS, no-ip, etc...) and point your domain there, that's it. Don't run a DNS server if you don't know what you are doing. In your case it is also not needed to run one yourself.

duenni
  • 2,969
-2

DNS is pretty central to all serving. Consider moving your DNS to a dedicated provider:

Dyn

UltraDNS

Route53

Doing so will fix the one problem you've identified, namely that your domain registrar wants you to provide at least two (some regions three or more) DNS servers for your domain.

Sometimes, your domain registrar will provide this service for free.

dmourati
  • 26,498