DNS Manager — Zones

PUQcloud Panel

Order Now | Download | FAQ

1) What a Zone is and how it works

A DNS Zone is the set of DNS records for a domain (e.g., example.com) or a reverse domain (in-addr.arpa, ip6.arpa).
In PUQcloud, every zone is assigned to exactly one Server Group, and that group has one or more real DNS servers attached. As a result:

• When you create or change records in Zones, PUQcloud writes those changes to all servers in the selected group.

• Zone-level meta (e.g., Primary NS, NS Domains, SOA fields) is stored with the zone and deployed to the group’s servers.

Path: Settings → DNS Manager → Zones

2) The Zones list & actions

The list shows all zones, how many records each has, which Server Group it belongs to, the Primary NS (SOA MNAME), and the Admin Email (SOA RNAME).

Per-row actions:

• Edit — open the zone editor

• Delete — remove the zone

Top-right: + Create to add a new zone.

3) Create a zone

Click + Create and fill the form.

Field reference

Click Save to create the zone.

4) Edit a zone

Opening a zone leads to Edit DNS Zone.

What you see

• Name — zone name (read-only for some reverse templates).

• DNS Server Group — which group serves this zone.

• Primary NS — SOA MNAME (main NS).

• NS Domains — authoritative nameserver hostnames shown as badges. These should match your actual registrar delegation.

• SOA fields — TTL, Refresh, Retry, Expire, Minimum TTL.

• Records table — the list of all records in this zone.

Top actions

• + Create Record — add A/AAAA/CNAME/TXT/MX/SRV/NS/PTR etc.

• Reload Zone — force-sync this zone across all servers in the group.

• Move To — move the zone to another Server Group (useful for migrations).

• Export / Import — export to/import from a standard zone format (PowerDNS/BIND-compatible).

• Save — save changes to the zone properties (record edits have their own save flow in the record modal).

5) Add records

Click + Create Record.

Common record types

• A / AAAA — IPv4/IPv6 address mappings (e.g., www → 203.0.113.10).

• CNAME — alias (e.g., www → @ or example.com).

• TXT — free-form text (SPF, DKIM, ACME challenges).

• MX — mail exchangers with priority.

• SRV — service records (VoIP, LDAP, etc.).

• NS — delegate sub-zones to other nameservers.

• PTR — reverse mapping (IP to hostname) for reverse zones.

Examples (forward)

• @ → A → 203.0.113.10

• www → CNAME → @

Example (mail)

• @ → MX (10) → mx1.example.com.

• @ → TXT → v=spf1 include:spf.example.net -all

Reverse example (PTR)

In 0.168.192.in-addr.arpa:

• 130 → PTR → host130.example.com.

6) ACME / SSL with a technical zone

For DNS-01 challenges, SSL Manager commonly uses a technical zone (e.g., acme.yourdomain.tld) hosted by a dedicated Server Group (e.g., PowerDNS (devns)). The workflow:

1. In the target zone (the zone for which you want a cert), create a CNAME:
   _acme-challenge.yourdomain.tld → _acme-challenge.yourdomain.tld.acme.yourdomain.tld.

2. During issuance, SSL Manager automatically creates/updates the TXT in the tech zone (via PowerDNS/Hestia modules).

3. The CA queries _acme-challenge on the target zone, follows the CNAME into the tech zone, and reads the TXT.

4. Once validated, the certificate becomes ACTIVE (see SSL Certificates guide).

Ensure the tech group’s NS Domains are really authoritative and are properly delegated at the registrar.

7) Export / Import

• Export — download the zone in a PowerDNS/BIND-compatible format (great for backups and migrations).

• Import — upload a zone file to quickly populate records. After import, verify records and click Reload Zone.

8) Best practices

• Use TTL 300–600s while actively changing/migrating; raise later for stability.

• Keep ≥2 NS in the serving group (prefer distinct regions/ASNs).

• For ACME, keep a separate tech zone and separate group.

• Always Export before bulk edits.

• After changing a zone’s Server Group, use Move To and then Reload Zone.

• Regularly verify delegation (dig NS yourdomain.tld) and key records resolution from multiple locations.

9) Troubleshooting