I need help with a DNS puzzle
I need more brains on this.
Recently I removed the GLUE records for ns1-ns4.mxroute.com, they had been left running but I always intended to shut them down. After doing so, a customer who had their NS set to ns1-ns4.mxroute.com for years suddenly saw the parent TLD (.net) returning their nameservers as:
blerghpzgjkbozqnf.hydrapiglephant.com
blerghklifadtpipj.hydrapiglephant.com
Similarly, a customer who has their NS set to ns1-ns4.catalysthost.net has intermittently been seeing the parent TLD return those same nameservers after an update to the GLUE records was made at Porkbun, causing their domain to stop resolving for periods of time.
Neither the CatalystHost nor MXroute customer use the same registrar, and neither of them are using Porkbun. Both MXroute and CatalystHost are using Porkbun. The domain hydrapiglephant.com appears to belong to Porkbun given that it's registered there and the existence of this page: https://porkbun.com/stuff/hydrapiglephant
These nameservers are returned from the parent TLD, for example running a DNS query like:
dig NS customerdomain.net @m.gtld-servers.net
They are not returned from ns1-ns4.mxroute.com (which no longer exists) or ns1-ns4.catalysthost.net (which still exists but was just updated).
The only conclusion I can reach is that somehow Porkbun is able to influence the NS at the parent TLD of domains that point their NS to domains for which they control the GLUE records (even if those domains are on different registrars), which is definitely news to me (and would be a serious error somewhere at the registrar level). Can anyone make sense of this?
Hate radiates from the source. If you look around and see it everywhere, it's coming from you.
Comments
Customer using catalyst NS reset their NS again at the registrar and the parent TLD is once again returning the correct values. Though this is the second time this has occurred, it does mean there are currently no active domains experiencing this to troubleshoot.
Not ashamed to say this one confuses me.
Hate radiates from the source. If you look around and see it everywhere, it's coming from you.
Same. contact porkbun about it? maybe it is a mistake/bug.
https://webhorizon.net
I have had issues like this before with Pornbun. Contact them
This doesn't sound okay, at all!
?
I read the OP twice, and could only think that ^ is true, but I dont think it should be true.
https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.
I have had similar with porkbun in the past (for different brands). Something is effed on the other end.
Nexus Bytes Ryzen Powered NVMe VPS | NYC|Miami|LA|London|Netherlands| Singapore|Tokyo
Storage VPS | LiteSpeed Powered Web Hosting + SSH access | Switcher Special |
At least my sanity has been spared that no one else seems to see it differently based on the story. I’ll be sure to share the findings from their support.
Hate radiates from the source. If you look around and see it everywhere, it's coming from you.
They're looking into it. It seems to me that from this suggestion, if I delete my GLUE records for custom NS and someone at another registrar is using those former custom NS, Porkbun has the authority to change the NS servers at the parent TLD despite that domain not being registered with Porkbun.
I will have been completely unaware that anything done at one registrar could change the name (as opposed to merely the value) of a DNS record anywhere that isn't under the control of that particular registrar. I've run into a lot but nothing I've run into has ever suggested such a capability. It makes me wonder what kind of systems may be operating on trust between registrars and parent TLDs.
Hate radiates from the source. If you look around and see it everywhere, it's coming from you.
Hello, all. This thread was sent over to me so I'm going to do my best to explain how this happens. The glue records registered under mxroute.com were delegated to other domains within the same registry zone (com/net in this case) which prevents their deletion. To get around this, the glue records can be renamed to another domain at the same registry zone so that the original can then be deleted. When ns1-ns4.mxroute.com were deleted, or any other glue record that falls into this situation, we rename the glue record to an internal domain we keep for these instances so that the record can be deleted.
Thanks @oborseth!
Yes this was the reply I got:
So if a glue record is renamed with the parent, it apparently impacts what the parent returns for the domains that were using the NS matching that glue record, even if it wasn't altered by anyone with authority over that domain. It makes sense, I just had no idea that the parent zones worked in such a way as I'd never witnessed it. So the case where the customer used ns1-ns4.mxroute.com, it was appropriate and correct as I intentionally deleted those. In the case where the customer used ns1-ns4.catalysthost.net and Ryan simply changed the IP of the glue record, that may not have been appropriate that it changed (but at this stage is best figured out between Ryan and Porkbun).
Hate radiates from the source. If you look around and see it everywhere, it's coming from you.
I'll have to dig into the catalysthost.net issue, has to be something similar. It's the only way it can happen. That said, I'm questioning now if we should do this when it's a user requested delete. Might be something that should be escalated or at the very least double verified since it could impact resolution of other domains.
Thanks for the explanation @oborseth and it is pretty impressive that you took the time to come here to explain this.
https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.
Nothing contributed by posting something like this, but I'll do it anyway 'cause I'm an asshole:
Thanks @jarland for bringing this up, and to @oborseth for taking the time to explain. It is appreciated. Smarter now than I was this morning.
My experience with Porkbun has been quite good - and this kind of giving a damn about their partners makes me think even more highly of the registrar.
Detailed info about providers whose services I've used:
BikeGremlin web-hosting reviews
Man, I am glad my collection of domains are with Porkbun. Occasional problems are par the course of life, but their attitude rocks.
Deals and Reviews: LowEndBoxes Review | Avoid dodgy providers with The LEBRE Whitelist | Free hosting (with conditions): Evolution-Host, NanoKVM, FreeMach, ServedEZ | Get expert copyediting and copywriting help at The Write Flow
Long live the hydrapiglephant!
Hate radiates from the source. If you look around and see it everywhere, it's coming from you.
Their UI isn't the best, the prices are (no longer) the cheapest, but support is why I stick with Porkbun
Who is the cheapest now? :P
Cloudflare will always be the cheapest, except first year discount.
Webhosting24 aff best VPS; ServerFactory aff best VDS; Cloudie best ASN; Huel aff best brotein.
Sure, if you don't mine the fact that you can't change nameservers...
Biggest problem with this is the record limit. Can only have 200 DNS records for a domain on a free account.
Hate radiates from the source. If you look around and see it everywhere, it's coming from you.
That's quite limiting...
I’ve only reached the half of that, however their UI is really laggy with even that many records. Moved one of my domains to an AWS Education account’s Route 53, which worked quite well up to now.
Yeah, the laggy interface is awful. I've moved some of my domains to Route 53 as well for this reason. Cloudflare has a nice DNS service, but their competitors still do all the other supplemental stuff (like the UI) better. No surprise, considering the free DNS service is probably a loss leader anyways.