Connect a Google Domain to a Web Server

Google Domains makes it very easy to create DNS entries so that your domain will resolve to the IP address of your server. We'll look at the basics of how to set this up and then follow up with some extra DNS entries to solidify your DNS configuration.

Basics

Once you're logged in to Google Domains, find the domain you want to attach to your server's IP address (and get the IP if you don't have it handy). Click on the "Configure DNS" icon (in the middle) and scroll down to the "Custom resource records" section.

The first entry will have no name so just enter the IP address in the box and click "Add" (the name will become "@" which is what you want). Next, we'll add another address record so that entering "www" before your domain name will still resolve to the same IP address and people can still get to your website. Type "www" in the name box and re-enter your IP address again then click "Add".

That's all that's really necessary to connect your domain to your server. Wait a few minutes (up to 48 hours) then try to ping your domain and you should see a response from the IP address you entered.

To see how far your DNS entries have propagated, you can checkout a website like this one. This will show you who all can "see" that your domain resolves to a specific IP address. Make sure the drop down menu is set to "A" for "Address Record" which is what we just added.

Slightly More Advanced

You can enhance your DNS configuration by adding a few more resource records.

First, let's add a text record so that people can get a short description of your website. Leave the name field empty, change the type to TXT and then enter a short description in the text field. Click on "Add" and now your website description will be propagated alongside your resource records.

Second, let's add the reverse of an address record, a pointer record. This record will associate an IP address with a domain, whereas the address records associated a domain with an IP address. Enter the server's IP address in the name field, set the type to "PTR" then enter your domain name (with no preceding "www") in the domain name box. Once added, other people can see the domain name associated with the IP address of your server. These types of records are also used for reverse DNS lookups.

Next, we can add an SPF record to identify which mail servers are associated with the website. This aids in recipients being able to verify that the mail came from the correct place. Leave the name blank, set the type to SPF and then enter the following string for the policy:

v=spf1 include:_spf.google.com ~all

This tells everyone else that this policy is for SPF version 1 and that all mail should come from google's mail servers. If you aren't using Google for your e-mail on this domain, make sure to substitute in the domain or IP address of your actual mail server.

Lastly, if you're hosting a website then we can create a SRV record to indicate as such. This tells the outside world what services are offered by the machine at a certain domain. For a web server specifically, set the name field to "_http._tcp" (without quotes) to indicate that you are serving HTTP over TCP. Next we need a priority, a weight, a port, and a target domain for the service parameters. I use 10 for priority and 5 for weight. These are somewhat arbitrary if you only have one SRV record, so don't worry about those numbers too much unless you start adding more. Finally the port will be 80 for HTTP and I want that to point to www.gridc0.com. So my service parameters will be:

10 5 80 www.gridc0.com.

Substitute in your own domain, click on "Add" and you're all done! Now you've got quite a few extra DNS features associated with your server without much work.

Verifying DNS Records

You can wait and trust that your DNS records are working or you can verify that they work. The dig program provided by BIND allows us to check our DNS records.

To do so, simply provide the domain you're interested in to the dig command:

dig gridc0.com

You'll see a fair amount of output, but what we're interested in is the "ANSWER SECTION" which has an entry like so:

gridc0.com. 3600 IN A 192.34.61.221

We can do the same for the "www" version to get:

www.gridc0.com. 3600 IN A 192.34.61.221

If you did the advanced setup then you can issue a few more commands for further verification.

Use the following command to see the TXT record:

dig -t txt gridc0.com

Which returned:

gridc0.com. 3600 IN TXT "tech articles"

Now we can do a reverse DNS lookup to verify that our PTR record is working:

dig -x 192.34.61.221 +short

To get:

gridc0.com

To verify the SPF record:

dig -t spf gridc0.com

We get:

gridc0.com. 3600 IN SPF "v=spf1 include:_spf.google.com ~all"

And finally to verify the SRV record:

dig srv _http._tcp.gridc0.com

returns:

_http._tcp.gridc0.com. 3600 IN SRV 10 5 80 www.gridc0.com.

And that's all. You've got DNS setup and can verify that it's working!

links

social