Opterius includes a full authoritative DNS server — PowerDNS — backed by MariaDB. When you add a domain to an account, Opterius creates all its DNS records automatically. Your customers point their domain's nameservers at your server and Opterius handles everything else.
The Flow
Client's browser → DNS query: "what is the IP for example.com?"
→ Asks root DNS servers
→ Root servers say: ask ns1.yourhosting.com
→ ns1.yourhosting.com (PowerDNS on your Opterius server)
→ PowerDNS reads from MariaDB → returns: "A record → 1.2.3.4"
→ Browser connects to 1.2.3.4
→ Nginx serves the site
PowerDNS is authoritative — it's the final answer for any domain it manages. It doesn't forward queries or cache external results. Its only job is answering queries about the zones it owns.
Default Records Created Per Domain
When you create a hosting account or add a domain, Opterius automatically creates:
| Type | Name | Value |
|---|---|---|
| SOA | domain.com |
nameserver and admin contact info |
| NS | domain.com |
ns1.yourhosting.com |
| NS | domain.com |
ns2.yourhosting.com |
| A | domain.com |
Server IP |
| A | www.domain.com |
Server IP |
| A | mail.domain.com |
Server IP |
| MX | domain.com |
mail.domain.com (priority 10) |
| TXT | domain.com |
v=spf1 a mx ~all |
The nameserver hostnames are pulled from your Settings → DNS configuration — set those to your actual nameserver names before creating accounts.
PowerDNS and MariaDB
PowerDNS reads its zone and record data directly from tables in MariaDB. When the Opterius Agent adds a DNS record, it inserts a row into the records table. PowerDNS picks it up immediately — there's no restart needed, no zone file to reload.
This means DNS changes in Opterius are instant — not "when the zone reloads." They take effect the moment you click Save.
TTL and Propagation
TTL (Time To Live) is how long DNS resolvers cache a record. Default records use 3600 seconds (1 hour). Lower TTLs mean changes propagate faster but increase query load on your nameservers.
Propagation is how long it takes for the rest of the internet to see a change. This depends on whether existing resolvers have cached the old record. For a brand new domain (never cached before), changes are visible almost immediately. For a domain switching nameservers, expect up to 48 hours for full propagation — the old TTL on the NS records at the registrar must expire first.
DNSSEC
Opterius supports DNSSEC via PowerDNS. DNSSEC adds cryptographic signatures to DNS records so resolvers can verify authenticity. Configuration is available in Settings → DNS.
Subdomains in DNS
When you add a subdomain (shop.example.com) in Opterius, an A record is automatically added for it pointing to the server IP. You can customize this if the subdomain should point elsewhere — go to DNS → Records for the domain and edit the A record.