How long does it take to propagate new ip dns glue records


#1

Hello, I have a MiaB installed (around a year) which runs with no problems.
Last week I decided to migrate to a new cloud hosting provider, from Scaleway to Hetzner. The domain is at Gandi.
Well I setup a 18.04 at Hetzner, set that IP to Gandi glue records, 3 days passed since then, the status page I can only visit it by the ip/admin has all the warnings in red ans yellow.
I believe it has something to do with the glue records, it says so at the status page. How long does it take;
Maybe it’s something to do with 18.04; I set it up like that

$ git clone --single-branch -b ubuntu_bionic --depth=1 https://github.com/mail-in-a-box/mailinabox.git
$ cd mailinabox
# bash setup/start.sh

Maybe it’s something to do with Hetzner; There was rdns setup correctly.

What you think; :slight_smile:


#2

Your Glue records are to be set in your GANDI account (you probably have to update the existing glue records to point to the new IP) it usually takes about 30 Minutes but can take up to 24 Hours to propagate if done correctly.


#3

Of course I have update the glue records with the new ip. 2 days still struggling.


#4

Care to share your box’s hostname in PM … I’d be happy to do some digging.


#5

The first thing to understand about DNS is that public DNS servers will cache their entries until the TTL (time to live) value expires.

Most (if not all) TLD providers normally set this value at 172800 seconds (which is 48 hours).

However the best thing you can do is learn how to find a domains Glue records. These are located in the zone files of your TLD.

So imagine I want to find the Glue records for google.com. How would you do this?

First of all find the authoritative servers for the com. domain using DIG.

C:\Users\timdu>dig ns com.

; <<>> DiG 9.10.6-P1 <<>> ns com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24500
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;com.                           IN      NS

;; ANSWER SECTION:
com.                    68524   IN      NS      l.gtld-servers.net.
com.                    68524   IN      NS      c.gtld-servers.net.
com.                    68524   IN      NS      d.gtld-servers.net.
com.                    68524   IN      NS      f.gtld-servers.net.
com.                    68524   IN      NS      b.gtld-servers.net.
com.                    68524   IN      NS      h.gtld-servers.net.
com.                    68524   IN      NS      m.gtld-servers.net.
com.                    68524   IN      NS      j.gtld-servers.net.
com.                    68524   IN      NS      k.gtld-servers.net.
com.                    68524   IN      NS      i.gtld-servers.net.
com.                    68524   IN      NS      g.gtld-servers.net.
com.                    68524   IN      NS      a.gtld-servers.net.
com.                    68524   IN      NS      e.gtld-servers.net.

;; Query time: 21 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Jan 08 21:13:06 GMT Standard Time 2019
;; MSG SIZE  rcvd: 256

This gives us a list of the name servers looking after the .com domain. So we query one of these to find the Glue records for google.com.

C:\Users\timdu>dig +norecurse ns @a.gtld-servers.net google.com

; <<>> DiG 9.10.6-P1 <<>> +norecurse ns @a.gtld-servers.net google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23933
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 9

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.                    IN      NS

;; AUTHORITY SECTION:
google.com.             172800  IN      NS      ns2.google.com.
google.com.             172800  IN      NS      ns1.google.com.
google.com.             172800  IN      NS      ns3.google.com.
google.com.             172800  IN      NS      ns4.google.com.

;; ADDITIONAL SECTION:
ns2.google.com.         172800  IN      AAAA    2001:4860:4802:34::a
ns2.google.com.         172800  IN      A       216.239.34.10
ns1.google.com.         172800  IN      AAAA    2001:4860:4802:32::a
ns1.google.com.         172800  IN      A       216.239.32.10
ns3.google.com.         172800  IN      AAAA    2001:4860:4802:36::a
ns3.google.com.         172800  IN      A       216.239.36.10
ns4.google.com.         172800  IN      AAAA    2001:4860:4802:38::a
ns4.google.com.         172800  IN      A       216.239.38.10

;; Query time: 24 msec
;; SERVER: 192.5.6.30#53(192.5.6.30)
;; WHEN: Tue Jan 08 21:15:32 GMT Standard Time 2019
;; MSG SIZE  rcvd: 287

Because we’re querying the TLD’s nameservers directly we’ll always get the current glue records for the domain as opposed to a cached version.

You can apply the above principles to find the current glue records for any domain on the web including your own.


#6

Quite useful post. I check with my domain, it seems ok,glue and ns seem to be setup ok.
Admin status still complaining though :smiley: about glue,dns rdns and tls-ssl.
Maybe I just leave it to complain.


#7

I would take Alento up on his offer and let him have a look, or me for that matter. Both of us are no slouches when it comes to DNS so we may be able to spot something that you’ve missed.


#8

Its OK now,no need. I installed a new 18.04 server with MiaB and attached the old IP I had glued with Gandi initially. Loks good now, sometimes is unreachable but it will get OK soon.
Thank you all for taking care.