Zone – B2B Whitelabel

In this article, you will learn:

WEDOS Zone Whitelabel

Whitelabel allows you to use your own interface and DNS while also using our infrastructure to handle the actual traffic. This requires you to use our DNS servers as secondary to your authoritative ones. Such a setup enables you to manage domain DNS in our system as well as yours, and for them to communicate via AXFR. You or your users still manage everything in your system, and the changes are reflected according to the TTL set in the SOA record.

The general steps you take to set up whitelabel DNS currently are:

  1. Provide custom NS names. These can be either existing nameservers, or completely new (sub)domains, such as ns1.yourdomain.tld, ns2.yourdomain.tld. These are the names our servers will recognize as legitimate, so make sure to send a complete list with no typos.
  2. Add secondary domains to WEDOS DNS. For each domain to utilize WEDOS DNS infrastructure, make sure it’s added to the system. There are multiple ways to achieve this, we recommend following the one described in chapter Integrating WEDOS Zone.
  3. Configure NS IP addresses. In return for your custom NS names, we will provide you with the corresponding number of IP addresses. These can be shared, dedicated (from WEDOS IP range), or custom (from your own IP range). Assign these IP addresses to the nameserver domains and ask us to validate the setup in our system.
  4. Update domain NS records. This step only applies if you chose new NS names in Step 1. Update the NS records (DNS servers) of all applicable domains to the new NS names.

WEDOS technicians typically respond to requests within 1-2 business days, depending on the request complexity and department workload.

Integrating WEDOS Zone

Before you start integrating WEDOS Zone, make sure you meet the following prerequisites:

  • You have set up a WEDOS credit account according to this guide. You do not need to charge credit to the account, but it needs to be active.
  • You have allowed AXFR transfers from your primary DNS servers for the IPv4 range 46.28.104.64/27.

To get the maximum out of your WEDOS Zone whitelabel, do the following:

  1. Set up and test WEDOS API
  2. Automate creating secondary DNS zone files on WEDOS NS
  3. Update DNS server settings

1. WEDOS API Setup

WEDOS API, WAPI for short, lets you manage select parts of our system from your own application. To activate WAPI from the WEDOS Global admin panel and include it in your application, follow the guide WAPI – Manual.

2. Automate WEDOS DNS

Once WAPI is correctly configured, move on to setting up the dns-domain-add command to automate creating secondary DNS zone files on our servers. Use the following JSON template:

{
  "request": {
    "user": "your-login-email@adress.tld",
    "auth": "generated-authentication-string",
    "command": "dns-domain-add",
    "clTRID": "your-own-id",
    "data": {
      "name": "domainname.tld",
      "type": "secondary",
      "primary_ip": "authoritative.server.ipv4.address"
    }
  }
}

For more information for the dns-domain-add command, read the WAPI – DNS article.

3. Update DNS Servers

Once you’re able to reliably create secondary DNS zone files via WAPI, contact us ⧉ to double-check from our side and send further instructions. We will get back to you with a list of new IP addresses for you to configure on your servers. For example, if your server ns.domain.tld uses the address 46.28.104.67, you will need to change it to a different IP address, which we will tell you.

Once the changes propagate, your DNS will benefit from our world-wide server network.

Example

Here is an example PHP script for adding secondary zone files for domains loaded from a domains.txt file.

<?php
// Set CEST timezone for timestamp verification
date_default_timezone_set('Europe/Prague'); 

// WEDOS WAPI credentials and settings
$wapiUrl = 'https://api.wedos.com/wapi/json';
$wapiLogin = 'your_wapi_login';
$wapiPassword = 'your_wapi_password';

// Function to make WAPI requests
function wapiRequest($command, $data) {
    global $wapiUrl, $wapiLogin, $wapiPassword;

    // Construct the authorization string
    $dateHour = date('H', time());
    $auth = sha1($wapiLogin . sha1($wapiPassword) . $dateHour);

    // Construct the request payload
    $payload = array(
        'request' => array(
            'user' => $wapiLogin,
            'auth' => $auth,
            'command' => $command,
            'data' => $data,
            'clTRID' => 'custom-client-identifier-' . date('YmdHis'),
        )
    );

    // Initialize cURL session
    $ch = curl_init($wapiUrl);

    // Set cURL options
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array('request' => json_encode($payload))));

    // Execute cURL session
    $response = curl_exec($ch);

    // Close cURL session
    curl_close($ch);

    return json_decode($response, true);
}

// Read domains from the TXT file
$domains = file('domains.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);

// Process each domain for secondary DNS creation
foreach ($domains as $domain) {
  // Placeholder for secondary DNS settings according to WAPI documentation
  $secondaryDnsSettings = array(
    'type'        => 'secondary',
    'primary_ip'  => 'authoritative_dns_server_ip',
  );
    $response = wapiRequest('dns-domain-add', array_merge(array('name' => $domain), $secondaryDnsSettings));

    // Handle the response
    if (isset($response['response']) && $response['response']['code'] == '1000') {
        echo 'Successfully added secondary DNS for domain: ' . $domain . "\n";
    } else {
        echo 'Failed to add secondary DNS for domain: ' . $domain . '. Response: ' . json_encode($response) . "\n";
    }
}
?>

Billing

Billing is handled by WEDOS credit account in a special mode:

  • Every transaction is recorded in the system.
  • On the 1st day of each month, the previous month’s transactions are tallied and invoiced.
  • The invoice is due on the 15th of that month.

Common issues

Common issues with WEDOS Zone Whitelabel include:

AXFR communication error

Problem: The AXFR transfer does not take place, giving an axfr communication error: not doing AXFR of an NSEC3 narrow zone.

Cause: We have encountered this issue on servers using PowerDNS with DNSSEC and nsec3 semantics enabled.

Solution: If you have DNSSEC enabled within your PowerDNS server, you may also need to disable nsec3 semantics to ensure the transfer is properly allowed and accepted. If you’re using Cpanel, the following command performs this for a single domain (domain.tld).

/usr/local/cpanel/bin/whmapi1 unset_nsec3_for_domains domain=domain.tld

FAQ

Is there a trial period for Whitelabel?

Yes, consult your sales representative during the service negotiation for details.

What features does your DNS support?

We support IPv4/IPv6, DNSSEC, as well the ALIAS and DNAME records.

Do you support custom subdomain zones?

Custom subdomain zones, such as com.eu are high-risk – they may be abused for generating large volumes of pseudo-domains, cause conflicts with certain domains, and unnecessarily complicate technical intervention. As such, we reserve the option to allow trusted partners to create such custom zones on a case-by-case basis.

Where are your servers located?

You can check the current list of locations on the WEDOS Global product page ⧉.

How do I revert to my own solution?

Change your DNS server IPs back to the state before you switched to ours.

Was this helpful?

Thanks for your feedback!
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Article TOC
Browse Categories