Looking for a little help diagnosing where my issues may be coming from. I have one domain that is causing me a lot of issues with resolving and I asked about it before in the following thread:
To summarize, I was having issues with my domain NS records not resolving so that any requester was not being routed to my MiaB for DNS requests. Members here tolde me that DNSSEC (DS) sucks and that I should remove and try again. I did this and it worked for a while but now my domain is not resolving again for NS requests and outgoing mail is starting to have issues as any DNS lookups from the receiving server is unbale to validate my DNS records.
I have checked the DNS lookups in dnschecker.org for NS records and I get only two locations in the US that can access while the rest of the US and pretty much the rest of the world get failures.
Am I correct in assuming that this issue is an error in my domain registrar system and that something is wrong with how they have my account setup and answering NS requests? Currently I still have DNSSec off and the nameservers are the only thing I have setup on my domain host.
Additional info:
I have additional domains (5 of them) in a separate account with the same registrar with identical settings (except that all of them have working DNSSec) and have zero issues with any of them and can use any and all of the domains for sending and receiving email without issue. I also have checked the domain all of my domains for block listings and none are flagged in any way.
Any help on finding the issue and also proving that the issue is with my registrar would be helpful as they keep saying that this issue is on my end.
Sometimes it helps to have sites like Zonemaster.se or https://dnsviz.net/ have a look.
It sometimes happens to take a long time to update the NS servers belonging to your domain. But you can try to “reset” by reapplying the settings? The NS servers should simply be ns1.box.. and puck.nether.net
Also check if they really disabled dnssec
It’s been a few days since I reset the nameservers with my domain host so it should be good by now if a reset would have fixed it.
I can let you know the domain name if that would help anyone take a stab at what/where the issue is. The big thing I need is a smoking gun to hit my host over the head with as they refuse to think their systems are at fault.
To me it looks like when someone wants to interact with my domain, they go to the registrar/host and essentially ask for the Nameservers so they can get the correct DNS info for the domain. Right now it seems that requests are failing when they are being made to the registar/host and are not touching my MiaB which hosts my DNS
Sorry… I should have been more clear about my setup.
The domain in question is not the MiaB domain. I have a domain that is for the MiaB and my box uses the box. prefix so it is setup on my domain host as ns1.box.domain.tld
Email to and from that domain works without issue. I also have five other domains, all with an email box, setup on my server and all of those domains use the same domain host and use the same setup as the domain in question. The only difference is that the one domain I am having problems with is in a different account with the host than the other five. The other five all have everything setup, including DNSSec, and are not having any issues at all.
I can DM you the domain name I am having issues with it anyone wants to test on their end and see if they notice something.
I switched back my nameservers to the domain host (GoDaddy - ugh) and used the external dns settings to match the DNS generated by MiaB. This brought my mail back online, but doesn’t fix the issue.
I am thinking of letting this propagate for a week and then try setting it back to my MiaB nameserver so that I can see if that was enough of a refresh. Any thoughts from anyone on this process or any pitfalls/gotchas I should be aware of?
Right now everything is works by moving the DNS for this domain back to the host. It is on my to-do list to try going back to the original setup.
When I do this, I’ll post up here and get back in touch. I appreciate the offer of you taking a deeper look for me @alento . I’m newer to ask if this so funny know how to dig in as much as I’d like to diagnose issues like this.
Originally the issue was DNSSec related. I have lots had DNSSec on since while I had the issue. It is on now, but is provided by the host and is not using the values from MiaB
I’m out of town this week, but next week I will try to set my host back to using my original setup and see what happens. I will be sure to turn off DNSSec before I do anything.