|
Hi there. I'm currently using EditDNS as a backup name server for domains. Since Dyn purchased EditDNS recently, I figure this would be the best place to ask this question. I'm also interested in the Dyn product "Secondary DNS" since it is similar to what we are doing now. However, I'm not clear on how it should work.

We have two of our own name servers and EditDNS has three, so all of our domains have 5 servers listed when you get a Whois:

http://NS1.MYDOMAIN.NET
http://NS2.MYDOMAIN.NET
http://NS1.US.EDITDNS.NET
http://NS2.US.EDITDNS.NET
http://NS3.US.EDITDNS.NET

A few weeks ago, both of our servers had a kernel panic and rebooted, and bind was not set to start on boot. That means that while the two servers themselves were online, bind was not available. I would have expected that during the time all nslookups would have gone to the EditDNS servers immediately, but they did not. None of my queries, co-workers in other locations, or our http://BinaryCanary.com lookups worked, they all failed immediately, effectively rendering our entire infrastructure offline even though we had "backup DNS."

Maybe this is a question more about how DNS works than EditDNS or Dyn's Secondary DNS service: If the primary name servers go down, why didn't the 3-5th name servers work for anyone? Were ISPs caching somehow? At what point would this cache fail and the 3-5th servers actually be used?

Background: I know the EditDNS servers had the correct records, running dig @ns1.us.editdns.net commands for our domains works, and whenever I reload rndc on our name servers EditDNS picks up the changes.

Also, for http://MYDOMAIN.NET, I have that configured in Go Daddy Total DNS as A records for the NS1 and NS2 subdomains; and I also have their IP addresses set in the Go Daddy "Host Summary." It did not seem to work when I just had them in host summary, and I then needed to add the subdomains to Total DNS as well. Not sure if any of that plays into this issue at all.
|
As well as what's listed in WhoIS, the DNS zones themselves have to list the exact same list of DNS servers as being authoritative for the domain in question (note that Have you tried querying the EditDNS servers directly to check that they respond for the domain?

I used http://mydomain.net as an example in this question, it's not what we're actually using. In all of these zone files we do also have the 5 name servers listed as NS records. Yet, they still failed to work when Bind wasn't running.
Sep 22 at 05:10 PM
Allen
|
|
I guessed that Unfortunately there isn't a lot we can do to help you narrow down the probable problem without knowing the domain. We can suggest things (such as directly querying the DNS servers) but we're reliant on you doing that and then telling us what the result is. |
|
Really tough to know without looking at the domain and doing some test queries to see if we can track down the cause. Were you getting timeouts, NXDOMAINs, and/or SERVFAILs when doing the dig lookups? E-mail EditDNS support the actual details and they can take a look to see if everything on the EditDNS Secondary DNS configuration is correct. If you were on DynDNS Secondary DNS, then we definitely would have answered the queries that hit our server, assuming the nameserver delegation is correct and that we were able to previously do zone transfers with the master server correctly.
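
The direct per-server check the answers above ask for, as an added example (not code from the thread, EditDNS or Dyn): it asks each listed name server for the zone's SOA without recursion and reports whether the reply was missing, an error status, non-authoritative, or authoritative with a serial. The function names, the verdict labels and the sample reply are assumptions made for this example; example.net is a placeholder zone.

```shell
#!/bin/sh
# Added example: query every delegated name server directly and classify the reply.

# classify_reply: reads the output of `dig +norecurse <zone> SOA @<server>` on stdin.
# Prints NO_REPLY (timeout or unreachable), the error status (SERVFAIL, REFUSED,
# NXDOMAIN, ...), NOT_AUTHORITATIVE, or "OK <serial>" for an authoritative answer.
classify_reply() {
  awk '
    /->>HEADER<<-/ && match($0, /status: [A-Z]+/) { status = substr($0, RSTART + 8, RLENGTH - 8) }
    /^;; flags:/ { split($0, part, ";"); aa = (part[3] ~ / aa( |$)/) }   # aa = authoritative answer
    /^[^;].*[ \t]SOA[ \t]/ { serial = $(NF - 4) }                        # serial is 5th field from the end
    END {
      if (status == "")              print "NO_REPLY"
      else if (status != "NOERROR")  print status
      else if (!aa || serial == "")  print "NOT_AUTHORITATIVE"
      else                           print "OK " serial
    }'
}

# sample_reply: constructed dig output from a secondary that cannot serve the zone.
sample_reply() {
  cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4242
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;example.net.			IN	SOA
EOF
}

# check_zone <zone> <ns>...: one line per server. Needs dig and network access.
# Differing serials among OK servers mean a secondary is serving stale data.
check_zone() {
  zone=$1; shift
  for ns in "$@"; do
    verdict=$(dig +norecurse +time=2 +tries=1 "$zone" SOA "@$ns" | classify_reply)
    printf '%-28s %s\n' "$ns" "$verdict"
  done
}

# Live run only when arguments are given, e.g.:
#   ./check_ns.sh example.net ns1.example.net ns1.us.editdns.net
if [ "$#" -ge 2 ]; then check_zone "$@"; fi
```

Run it against all five servers while the primaries are deliberately stopped in a maintenance window; any secondary that does not report OK with the current serial would not have carried the zone during the outage.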