DNS Management
Xelon HQ DNS management allows you to create and manage DNS zones and records directly from the platform. Configure A, AAAA, CNAME, MX, TXT, SRV, NS, PTR, CAA, ALIAS, and other record types to route traffic to your infrastructure.
DNS management is accessed from the DNS Zones sub-tab within the Networking page. Navigate to Virtual Datacenter > Networking and click the DNS Zones tab.
Xelon HQ DNS is backed by a managed, partnered authoritative DNS service. When you create, update, or delete zones and records in Xelon HQ, the platform forwards those operations to the underlying DNS provider over a secure API. You do not need a separate account with the provider — the integration is fully managed by Xelon HQ, and all DNS operations are audited in the activity log.
Default name servers for created zones are on the xdns.cloud domain. Once a zone is created, Xelon HQ returns the specific name servers to delegate your domain to at your registrar.
Creating a DNS Zone
Navigate to Virtual Datacenter > Networking, then click the DNS Zones tab. Click Create Zone. Enter your domain name (e.g., example.com). Xelon HQ creates the zone with default SOA and NS records.
After creating a zone, update the NS records at your domain registrar to point to the Xelon HQ name servers. DNS resolution will not work until delegation is configured.
Managing DNS Records
From the zone details page, click Add Record to create a new DNS record. Select the record type and provide the required values.
Record Types
| Type | Purpose | Example Value |
|---|---|---|
| A | Maps a domain name to an IPv4 address. | 203.0.113.10 |
| AAAA | Maps a domain name to an IPv6 address. | 2001:db8::1 |
| CNAME | Creates an alias pointing to another domain name. | www.example.com |
| MX | Specifies mail servers for the domain with priority. | 10 mail.example.com |
| TXT | Stores arbitrary text data. Used for SPF, DKIM, domain verification. | v=spf1 include:_spf.example.com ~all |
| SRV | Defines the location of specific services (host, port, priority, weight). | 10 60 5060 sip.example.com |
| NS | Delegates a zone or subdomain to specific name servers. | ns1.xelon.ch |
| PTR | Maps an IP address to a domain name (reverse DNS lookup). | host.example.com |
| CAA | Specifies which certificate authorities are allowed to issue certificates for the domain. | 0 issue "letsencrypt.org" |
| ALIAS | Similar to CNAME but can be used at the zone apex. | example.com |
| WR | Web redirect record. | https://example.com |
| TLSA | Associates a TLS certificate with a domain for DANE (DNS-based Authentication of Named Entities). | Certificate association data |
| RP | Specifies the responsible person for the domain. | admin.example.com |
| SSHFP | Publishes SSH public host key fingerprints in DNS. | SSH key fingerprint data |
Editing and Deleting Records
To edit a record, click the edit icon next to the record in the zone details view. Modify the value, TTL, or priority as needed and save.
To delete a record, click the delete icon and confirm. The record is removed from the zone immediately.
Changes to DNS records may take time to propagate depending on the TTL (Time to Live) value of the existing record. Lower the TTL before making changes if you need faster propagation.
SOA Record Management
The SOA (Start of Authority) record is automatically created when a zone is provisioned. It contains metadata about the zone including the primary name server, administrator email, serial number, and timing parameters.
You can view and edit the SOA parameters from the zone details page. Refresh, Retry, Expire, and Minimum TTL are chosen from fixed time-interval lists, and Admin Email (Hostmaster) is free-text. The Primary NS value is system-assigned and shown for reference only — it is not editable in the UI:
| Parameter | Description | Default |
|---|---|---|
| Primary NS | The primary name server for the zone. | Set automatically |
| Admin Email | Contact email for the zone administrator. | Set from account |
| Refresh | How often secondary servers check for updates (seconds). Selected from a dropdown of preset values ranging from 20 minutes (1200) to 12 hours (43200). | Pre-filled from the DNS platform's SOA value (commonly 3600); Xelon HQ does not impose its own default. Required. |
| Retry | Wait time a secondary name server waits before retrying a failed zone refresh (seconds). Selected from a dropdown of preset intervals (5 minutes up to 4 weeks). | No fixed default; pre-filled from the existing SOA record. (600 is not a selectable value.) Required. |
| Expire | Time after which secondary servers stop serving the zone (seconds). Selectable values are 2 weeks (1209600) and 4 weeks (2419200). |
Inherited from the DNS server's existing SOA record. (604800 / 1 week is not a selectable Expire option.) Required. |
| Minimum TTL | Default TTL for negative responses (seconds). Selected from a dropdown of preset intervals (1 minute up to 4 weeks). | Initialized from the zone's existing SOA value when the zone is created; no fixed 300-second default. Required. |
Deleting a DNS Zone
To delete a zone, navigate to the zone list, select the zone, and click Delete. All records within the zone are permanently removed.
Deleting a DNS zone removes all records and immediately stops DNS resolution for the domain. Services relying on these DNS records will become unreachable.
Best Practices for DNS Configuration
- Use appropriate TTLs: Set lower TTLs (300s) for records that change frequently and higher TTLs (3600s+) for stable records to reduce DNS query load.
- Redundant MX records: Configure at least two MX records with different priorities for mail delivery redundancy.
- SPF and DKIM: Add TXT records for SPF and DKIM to improve email deliverability and prevent spoofing.
- CNAME restrictions: CNAME records cannot coexist with other record types at the same name. Do not use CNAME at the zone apex (bare domain).
- Plan before changing NS records: Changing name server delegation can cause temporary resolution failures. Lower TTLs on NS records before making changes.
- Document your records: Maintain an inventory of DNS records and their purposes, especially TXT records used for domain verification with third-party services.