Glue records for Namecheap no longer work

Hello there!

I’m currently playing around with setting up MiaB, and I remember clearly that this tutorial for setting up glue records on Namecheap worked before (very recently). Now, for some reason, following the tutorial isn’t enough to accomplish this.

The box is named central.davness.dev and the nameservers are ns1/ns2.central.davness.dev.

Running dig +trace davness.dev returns this:

;; Warning: Message parser reports malformed message packet.

; <<>> DiG 9.16.3 <<>> +trace davness.dev
;; global options: +cmd
.                       448362  IN      NS      k.root-servers.net.
.                       448362  IN      NS      l.root-servers.net.
.                       448362  IN      NS      m.root-servers.net.
.                       448362  IN      NS      a.root-servers.net.
.                       448362  IN      NS      b.root-servers.net.
.                       448362  IN      NS      c.root-servers.net.
.                       448362  IN      NS      d.root-servers.net.
.                       448362  IN      NS      e.root-servers.net.
.                       448362  IN      NS      f.root-servers.net.
.                       448362  IN      NS      g.root-servers.net.
.                       448362  IN      NS      h.root-servers.net.
.                       448362  IN      NS      i.root-servers.net.
.                       448362  IN      NS      j.root-servers.net.
;; Received 512 bytes from 192.168.1.1#53(192.168.1.1) in 9 ms

dev.                    172800  IN      NS      ns-tld5.charlestonroadregistry.com.
dev.                    172800  IN      NS      ns-tld1.charlestonroadregistry.com.
dev.                    172800  IN      NS      ns-tld4.charlestonroadregistry.com.
dev.                    172800  IN      NS      ns-tld3.charlestonroadregistry.com.
dev.                    172800  IN      NS      ns-tld2.charlestonroadregistry.com.
dev.                    86400   IN      DS      60074 8 2 B942E2CE5AEBF62FCA59D05707E6DBB795211D540D8ADBA02E9E89E8 33424785
dev.                    86400   IN      RRSIG   DS 8 1 86400 20200609200000 20200527190000 48903 . KMRFBgvmxsIIF/qM0g1jp0qWinDgdQYFYC6Ma74kJv9b1MPrRudcE6eM dtIyACkEhKVpwhlkxTk1z/Q4pbH3Zg+RM4rMr7aJdBrvC3lL+D+jbR9a eN2fjl7dcxdnLqZz0nTIoZ5YbLDiAK0dN6ZrKjePe7/Vhuyy5fiaQyod UT/b9bIIryRszSIJFOUUY/5qBGrPlKk4XZYSfNyp8zt4lUeOXjsYp42y d072N9sWikkZvJMP5kciohE08byJpSAOsvReuHzuBgwaKAIQd8Ba7+hR 0Gi1XIellc+MNP+vn0ZnPEVC4Sv+aZhZ6TQVT2x9zrx6ILnAK1c3q1KC WoggLA==
;; Received 759 bytes from 2001:500:12::d0d#53(g.root-servers.net) in 100 ms

davness.dev.            10800   IN      NS      ns1.central.davness.dev.
davness.dev.            10800   IN      NS      ns2.central.davness.dev.
769fev4fucoqi990c6p6fs6a0gqmpkhi.dev. 300 IN NSEC3 1 0 1 B7B0891083980E59 769O7DKB77JULB8G9CU4IFSE8ONBUNIM NS
769fev4fucoqi990c6p6fs6a0gqmpkhi.dev. 300 IN RRSIG NSEC3 8 2 300 20200617024041 20200526024041 59215 dev. M0iCG0yWlvMF4Z3pnEO0b6N9kMVtQg+MjohbFRniGyJ1OuzkvNMS7Tpe Jj4R0XffBQsdEZZXliYpoPLnbtnPP/4iqXjoFRuR+tMhGId9FAVN2uv0 7BcA5bG1IGsbvTswRt5UV/+KF4nu8fCDair90DLSWSTtx0pJXsFsnqy1 6io=
;; Received 361 bytes from 216.239.60.105#53(ns-tld5.charlestonroadregistry.com) in 127 ms

;; connection timed out; no servers could be reached

This doesn’t seem to be an issue with the box itself - because it’s IP is never displayed.

On the other hand, testing the domain on https://mebsd.com/glue identifies the glue records.

What else do I need to do?

Solution for whoever sees this: DNS services apparently (also) use UDP. not TCP. Keep that in mind when setting up your firewall.

This isn’t a problem for most Cloud providers, but some do in fact have different rules for different protocols (like Oracle).

Actually, DNS uses both. So be certain that both are allowed in the firewall.

1 Like

Hi @davness thanks for the heads up, although I am not entirely clear what we need to do to resolve the issue?

My records worked previously and now not, while I haven’t changed anything?

The OP’s issue was not what he listed in the title of this thread … that said, what exactly is your issue? @mauve-twerp

I suggest that you may want to start your own thread.

Hi @alento perhaps coincidence as my DNSSEC stopped working at a similar time and 1+1=5 :slight_smile:

This domain’s DNSSEC DS record is not set,

after being set and working fine for some weeks…

Will search again and look a bit closer next time.

@mauve-twerp
Ok, so your DNS is not working then? It is not serving records?

Hence why I said it was not likely related to the topic of this thread.

PM me with your MiaB’s hostname. I suspect that DNSSEC is the culprit, but would prefer checking before blindly suggesting that you remove the DNSSEC from your registrar. If you’d prefer not to share your MiaB hostname, remove the DNSSEC information from your registrar … things may (should) start working again. You can then add the DNSSEC back after 24 hours IF you really want to use it.

Thanks for your help…with MIAB handling my DNS I assumed it was handling DNSSEC, but after checking Namecheap seemed to have lost my original settings for DNSSEC.

Not sure how, but waiting for the change to propagate and hopefully it will be sorted…if not I will PM you, thanks again.

Apologies for hijacking a thread.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.