Tag Archives: dns

DNS Ownership

The Domain Name System (or DNS for short) is a simple technology that we use every day, but most people probably have little idea how it functions. Like any good infrastructure technology, it is invisible when it is working smoothly. Its main purpose is to translate simple names like www.workaround.ca into a lower level numeric address like 67.226.157.50.  DNS is a lot like associating a name with a street address. If I want to go to the CN Tower, I’m going to use the name (CN Tower) and not the address (301 Front St. W). Without this service, we would need to remember low level IP addresses and the usability of the world wide web would disappear.

One of the few times that you might need to worry about DNS is when registering your domain name for use on the Internet. Like any directory service, DNS works by requiring end users to register and maintain their own directory entries. There are two parts to managing a DNS entry:

  • Registering the name
  • Hosting the name

Registration of domain names is handled by large organizations such as ICANN and CIRA. In general, you will interface with these organizations through a second-tier organization that will handle the registration for you.

Hosting the domain name refers to actually having a server on the Internet that responds to requests for name translations. This can be done by a third-party company, or you can host a DNS server within your own infrastructure. For most small to medium companies, the additional overhead of managing an external DNS server and having to deal with security and denial of service issues isn’t cost effective. You will almost certainly use an external DNS hosting provider and that provider will amost certainly handle the registration for you.

One of the complications that can arise when working with an external web design firm, especially if they also host your web site, can come in the form of implicit DNS registration. In these cases, the web design firm may register your domain for you and essentially own that domain. You can determine if this is the case by doing a whois search on your own domain names. Someone from your organization must be the administrative contact for the domain, even if the technical contact is from an external company. This will allow you to control the administration and transfer of the domain, if necessary.

While outsourcing domain ownership can seem like less of a headache when you’re trying to get a new site onto the Internet quickly, it can be a major problem if you need to part ways with your provider down the road. One of the issues with DNS hosting is that your domain name system is responsible for more than your web site. DNS services are also potentially used for e-mail delivery, server auto-discovery, or SMB services offered by Google or Microsoft. In addition, domain control is usually required if you need to obtain security certificates for secure access to your web servers. If another company has control of your domain registration and hosting, it can cause problems or delays if you need to make changes to these settings.

For this reason, we recommend our clients always register and host their own DNS entries through a trusted DNS hosting company that is not tied to a specific web design partner. This gives them maximum flexibility if they need to switch design firms or hosting companies.

If your web design partner currently owns your domains, you should have them transferred to a third-party DNS hosting company to avoid future problems with domain control and ownership. This is usually a painless process and your current provider should not obstruct this move. Your domains are your property and possession is nine tenths of the law. Due to built-in protections for domain ownership and to prevent fraud and domain hijacking, it can be a long process to get control of your own domains without co-operation from the current owner.

Once you do have control over your own DNS registrations and hosting, ensure:

  • You maintain your own passwords and access to DNS modifications. If your DNS provider allows you delegate access to your domains, that’s great. Otherwise, don’t give up your credentials to a third party.
  • Make sure you renew your domains when they are up for expiry. This means you should always make sure the contact information in your whois record is up to date and accurate. You should receive notification e-mails when your domains are up for renewal.

DNS is largely invisible if it is set up properly and maintained on an annual basis. With some small upfront effort, you can ensure that your domains operate smoothly when changes are required.