DNS

From WebarchDocs
Jump to navigation Jump to search

Webarchitects Domain Name Services

See the domain name hosting page for information about prices and ordering domain name services via Webarchitects.

We provide three levels of service for domain names:

  • DIY — if you want to set up everything yourself, use online payment and have a web interface for DNS management you can use the Ecohost domains.coop service.
  • Managed — if you want use to sort out registration, setup and renewal we are happy to undertake all the technical aspects and invoice you for services provided, this is the best option if you have limited understanding of ther DNS system.
  • GIT Zone file access — we can provide GIT/SSH access to the raw zone files for your domains if you are technically competent to manage your own DNS.

We are members of Nominet (Tag: WEBARCHITECTS) and Janet, we have a reseller account with Gandi.

Domain name availability

You can check the availablity of .uk domains using the Nominet whois web interface.

For other domains you can use the Gandi whois lookup tools.

3rd party Data Sharing

Domain Name Registries require customer name, address, email address and other personal identifiable data. To supply domain names we must share that data with the Domain Name Registrars, so they can pass it through to the Registry. In most cases this is hidden from public records of domain names. Please ask if you want more information about this or see our GDPR privacy-notice.

DNS servers

The four production Webarchitects Co-operative domain name servers are:

  • dns0.webarchitects.co.uk
  • dns1.webarchitects.co.uk
  • dns2.webarch.info
  • dns3.webarch.info

At the moment the four DNS servers listed above also provide a recursive lookup service for servers on out Sheffield subnet, but they won't be doing this for much longer and the following servers should be used for this:

  • unbound1.webarch.net
  • unbound2.webarch.net

(There is also a testing / development domain name server at dns5.webarch.org.uk and dns5.webarch.org.uk.)

git managed zone files

We are able to provide access to edit bind zonefiles directly via git at git.coop, you don't need to have experience of using git to use this service since there is a web based editor interface.

How it works

We create a private group for you / your organisation on git.coop, you are then able to manage who has access to your zone files.

Within that group we create a git repo called zonefiles and in this a zone file is created for each domain and the file name matched the domain name, appended with .hosts.

An example zonefile

This is an example Bind 9 zone files, see the Wikipedia page for more details on the format.

; addresses and other host information
;
$TTL 86400
@          IN   SOA   dns1.webarchitects.co.uk.    root.dns1.webarchitects.co.uk. (
                                2019121901      ; serial
                                      7200      ; refresh
                                      3600      ; retry
                                      1209600   ; expire
                                      86400 )   ; minimum
;
; define the nameservers and the mailservers
;
        IN      NS      dns1.webarchitects.co.uk.
        IN      NS      dns0.webarchitects.co.uk.
        IN      NS      dns2.webarch.info.
        IN      NS      dns3.webarch.info.
;       IN      MX      10 mail.webarch.email.
;       IN      TXT     "v=spf1 a mx include:_spf.webarch.email ~all"
;
; NOTE that the DKIM record needs to be split after 255 characters, see https://kb.isc.org/docs/aa-00356
;20191001._domainkey   IN TXT "v=DKIM1;k=rsa;t=s;s=email;p=XXXXXXXXXXXXXXX" "YYYYYYYYYYYYYYYYYYYYYY"
; _dmarc                 IN TXT   "v=DMARC1; p=none; rua=mailto:dmarc-webarchclient-aggregate@webarchitects.coop; ruf=mailto:dmarc-webarchclient-forensics@webarchitects.coop; fo=1"
;
; define localhost
;
localhost  IN   A     127.0.0.1
;
; Records for webarch.email, see
; https://docs.webarch.net/wiki/Email#Webarch.email
;autodiscover          IN CNAME           mail.webarch.email.
;autoconfig            IN CNAME           mail.webarch.email.
;_imap._tcp            IN SRV   0 1 143   mail.webarch.email.
;_imaps._tcp           IN SRV   0 1 993   mail.webarch.email.
;_pop3._tcp            IN SRV   0 1 110   mail.webarch.email.
;_pop3s._tcp           IN SRV   0 1 995   mail.webarch.email.
;_submission._tcp      IN SRV   0 1 587   mail.webarch.email.
;_smtps._tcp           IN SRV   0 1 465   mail.webarch.email.
;_sieve._tcp           IN SRV   0 1 4190  mail.webarch.email.
;_autodiscover._tcp    IN SRV   0 1 443   mail.webarch.email.
;_carddavs._tcp        IN SRV   0 1 443   mail.webarch.email.
;_caldavs._tcp         IN SRV   0 1 443   mail.webarch.email.
;_carddavs._tcp        IN TXT   "path=/SOGo/dav/"
;_caldavs._tcp         IN TXT   "path=/SOGo/dav/"
;
; webarch6.co.uk
;@				IN	A	81.95.52.76
;www				IN	A	81.95.52.76

When you submit an edit the zonefile syntax is checked for errors using GitLab CI and the updated version is only deployed if it is error free.

Some notes on the key parts of this file that you need to be aware of follow.

Commented lines

Lines that start with a semi colon, ;, are comments and are ignored.

TTL

The number following $TTL, at the top of the files is the "time to live".

Serial Number

You should increment the serial number with every edit, we generally use a date based number, eg for the first edit on 11th July 2019 it would be 2019071101 and for the second edit 2019071102.

MX Records

TXT Records

.uk domains

We are able to register .ac.uk, .co.uk, .gov.uk, .me.uk, and .org.uk on behalf of clients.

.ac.uk

To register a .ac.uk we need the following information:

  • Requested name: domain name requested
  • To represent: the project, initiative or organisation for which the name is being registered
  • Domain owner: the name of the proposed domain owner organisation
  • Description: provide information detailing precisely how the requested name meets the eligibility criteria for registration within the ac.uk domain. The information provided should include details of funding, the primary objectives and status of the requesting organisation as well as the level of courses provided, or in the case of projects, the longevity of confirmed funding.
  • Admin-contact: Name of the person submitting the domain request
  • Admin-contact: address: full postal address of contact
  • Admin-contact: phone: telephone number of contact
  • Admin-contact: e-mail: e-mail address of contact
  • Reg-contact: Name of the person within the domain owner organisation that is responsible for the registration
  • Reg-contact: address: full postal address of contact
  • Reg-contact: phone: telephone number of contact
  • Reg-contact: e-mail: e-mail address of contact

.uk .co.uk, .org.uk and .me.uk

If you have a .uk, .org.uk or a .co.uk or a .me.uk and would like us to manage it you can ask your existing registrar to switch the Nominet Tag to WEBARCHITECTS and then we can sort everything out.

If you would like a new .uk, .co.uk, .org.uk or .me.uk domain name then the minimal details needed to buy the domain follow, (please note that Nominet are, these days, very strict with owner details and if the details can't pass an automated check you will probably need to login to their site and / or call them to get the registration verified after registration). There is a full list of fields on the Nominet site.

Details needed to register a .uk for organisations

If you represent a legal entity (Nominet don't count unincorporated associations as legal entities) then the following details are needed to register a .uk, .co.uk, .org.uk and .me.uk domain name:

  • The domain name required (eg example.org.uk)
  • The name of the owner, this isn't simple to change, best use the exact, official, organisation name from Companies House or the Mutuals Public Register rather than the name of a person, however if there is no legal entity (Nominet doesn't consider an Unincorporated Association to be a legal entity) then register it as an individual, see below
  • Trading name, the name the organisation is commonly known as, rather than the legal name
  • The type of organisation, see the registrant types
  • The company number if the type is one of LTD, LLP, IP (Industrial and Provident Society), check this at Companies House or the Mutuals Public Register or the Charity Commission in the case of RCHAR (if in doubt check the list of types full list of types at Nominet)
  • Postal address, use the exact same address as used at Companies House if possible — this improves the chance of automated checks passing, if the domain is being registered to a person, if possible, use an address that appears on the electoral role to improve the chance of the registration passing the Nominet automated checks
  • Post code (if the country code is GB, JE, GG or IM)
  • Country code (need to use GB, JE, GG or IM for the UK)
  • Administrator name the person who is responsible for the domain name
  • Administrator email the email address of the person responsible for the domain, it is best not use an address on the domain itself, eg admin@example.org.uk, however this is possible, but we strongly advise against it

Details needed to register a .uk for individuals

If you want to register a .uk, .co.uk, .org.uk or .me.uk domain for a individual or an organisation which doesn't have a recognised legal entity, the following details are needed:

  • The domain name required (eg example.org.uk)
  • The name of the owner the full name of the owner of the domain, to register for an organisation use the name of a person "on behalf of" the organisation, eg "Ms. A Example on behalf of Example Org"
  • The type of organisation, IND for a Individual
  • Postal address, your full postal address
  • Post code (if the country code is GB, JE, GG or IM)
  • Country code (need to use GB, JE, GG or IM for the UK)
  • Administrator name the person who is responsible for the domain name
  • Administrator email the email address of the person responsible for the domain, it is best not use an address on the domain itself, eg admin@example.org.uk, however this is possible, but we strongly advise against it
  • Opt-out prevent the registrant's address details from being made public via the WHOIS system, if set to y.

.gov.uk

Please contact us if you would like to register a .gov.uk domain name.

DNSSEC

We are required by Nominet to make the following information available to registrants before they digitally sign their domain names and submit DNSSEC records to Nominet:

  • The way in which DNSSEC works and the affect that its use can have on the stability of domain name records;
  • That Nominet accepts no liability in relation to the operation or use of DNSSEC records and that registrants accept all risk in relation to the use of DNSSEC in relation to their domain names; and
  • That Nominet will take reasonable steps to correct any error in the DNSSEC records, where such an error is as a result of a mistake on Nominet’s part, but will otherwise accept no liability for the error.
  • To the extent that you register domain names for yourself, you also confirm that you understand and accept the risks of using DNSSEC and that Nominet accepts no liability in relation to the operation or use of DNSSEC.

You agree to indemnify Nominet in relation to all liabilities, costs, expenses, damages and losses (including any direct or indirect consequential losses, loss of profit, loss of reputation and all interest, penalties and legal and other professional costs and expenses) suffered or incurred by Nominet as a result of your failure to notify your customers of the above information.

Top level domains

For domains other than .uk ones we use Gandi — if you switch your domain to Gandi or would like us to manage your Gandi domain please set the Technical Handle to CC619-GANDI.

.org, .net, .com and other TLDs

To register a .org, .net, .com or other top level domain name on your behalf we need the following details:

  • Company name (if the domain name is for an organisation)
  • First name
  • Last name
  • Street address
  • Post code
  • City
  • Internal State/Province/Region/County
  • Country
  • Phone number (in international format, eg +44.1142769709)
  • E-mail address

.coop domains

We can register .coop domain names for organisations we believe will use the domain name for a Co-operative, see the agreements and policies of nic.coop and the verification policy at nic.coop for the details.

When we register a .coop domain you will have to prove you are eligible to own a .coop, the Eligibility Criteria:

While hundreds of thousands of organizations worldwide operate as cooperatives, the definition of a cooperative varies from country to country and from culture to culture. In order to standardize the definition for .coop verification purposes, the following eligibility criteria which define what organizations are eligible for .coop domains were included in the .coop Sponsored TLD Agreement:

  • Members of the National Cooperative Business Association (NCBA) if otherwise eligible;
  • Members of the International Cooperative Alliance (ICA) if otherwise eligible;
  • Organizations formed as and/or considered cooperatives under applicable local law;
  • Associations comprised of cooperatives;
  • Organizations that are committed to the seven cooperative principles;
  • Organizations that are majority controlled by cooperatives;
  • Entities whose operations are principally dedicated to serving cooperatives; and
  • For no more than 5,000 registrants, persons or entities whose use of a .coop domain name would, in the opinion of the DCLLC Board, advance the interests of th e cooperative sector in general or would assist in the development of cooperatives worldwide.

If you are unable to convince www.coop that you are a legitimate co-operative then the cost of the domain name registration might not be refundable.