DIDWW seems to be midway between moving from GoDaddy DNS to their own internal DNS. Their DNS Servers are cached for 1 hour. We started seeing DNS failures for api.didww.com which returns no entries from ;; AUTHORITY SECTION: didww.com. 3600 IN NS ns14.domaincontrol.com. didww.com. 3600 IN NS ns13.domaincontrol.com. However, when querying the root .com DNS servers, their NS records changed web1 : /usr/local/apps --> dig didww.com @a.gtld-servers.net ;; AUTHORITY SECTION: didww.com. 172800 IN NS ns1.didww.com. didww.com. 172800 IN NS ns2.didww.com. We have hardcoded the IP for api.didww.com and web-fe-api.didww.com to continue API operations with DIDWW until the DNS caches expire and the new information is updated. Please, y'all -- when doing a DNS migration, ensure 1000% that your DNS records on your old DNS provider match your DNS records on your new DNS provider, and plan your DNS migration early by setting the TTL for your NS records at least to 5 minutes (300 seconds) if allowed, 30 seconds if you can. Assume all caching servers will cache for 5 minutes even if you set it to 30 seconds. At least that way if things go wrong, your outage horizon is 5 minutes, not 1 hour or more!!! --------------------------------------------------------------------------- Peter Beckman Internet Guy beckman at angryox.com https://www.angryox.com/ ---------------------------------------------------------------------------
Why, back in my day, residential ISPs would ignore your TTLs and cache for 3 days no matter what you did? Kids these days. ? Alex
On Jan 20, 2022, at 7:54 PM, Peter Beckman <beckman at angryox.com> wrote:
Please, y'all -- when doing a DNS migration, ensure 1000% that your DNS records on your old DNS provider match your DNS records on your new DNS provider, and plan your DNS migration early by setting the TTL for your NS records at least to 5 minutes (300 seconds) if allowed, 30 seconds if you can.
Assume all caching servers will cache for 5 minutes even if you set it to 30 seconds.
At least that way if things go wrong, your outage horizon is 5 minutes, not 1 hour or more!!!
-- Alex Balashov | Principal | Evariste Systems LLC Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
Hahaha yeah, thanks Residential ISPs, your DNS sucks. I always found a better caching resolver, like UUNET, until Verizon got better at it, and then Google DNS came along. The caches have cleared. Beckman On Thu, 20 Jan 2022, Alex Balashov wrote:
Why, back in my day, residential ISPs would ignore your TTLs and cache for 3 days no matter what you did?
Kids these days.
? Alex
On Jan 20, 2022, at 7:54 PM, Peter Beckman <beckman at angryox.com> wrote:
Please, y'all -- when doing a DNS migration, ensure 1000% that your DNS records on your old DNS provider match your DNS records on your new DNS provider, and plan your DNS migration early by setting the TTL for your NS records at least to 5 minutes (300 seconds) if allowed, 30 seconds if you can.
Assume all caching servers will cache for 5 minutes even if you set it to 30 seconds.
At least that way if things go wrong, your outage horizon is 5 minutes, not 1 hour or more!!!
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
--------------------------------------------------------------------------- Peter Beckman Internet Guy beckman at angryox.com https://www.angryox.com/ ---------------------------------------------------------------------------
That?s all good and fine for your DNS, but it did nothing for me when Peter from www.BeckmanPimpsStereos.com was calling every 3 minutes screaming that his web site has been down for a day and that he?s losing ?millions of dollars?, all because we just had to migrate his ColdFusion site off a yellowing-beige NT4 box running vintage IIS to PrimeHostOutsourcerOne and now all the locals on DopeCable can?t access it? ? Sent from mobile, with due apologies for brevity and errors.
On Jan 20, 2022, at 8:50 PM, Peter Beckman <beckman at angryox.com> wrote:
?Hahaha yeah, thanks Residential ISPs, your DNS sucks. I always found a better caching resolver, like UUNET, until Verizon got better at it, and then Google DNS came along.
The caches have cleared.
Beckman
On Thu, 20 Jan 2022, Alex Balashov wrote:
Why, back in my day, residential ISPs would ignore your TTLs and cache for 3 days no matter what you did? Kids these days. ? Alex
On Jan 20, 2022, at 7:54 PM, Peter Beckman <beckman at angryox.com> wrote: Please, y'all -- when doing a DNS migration, ensure 1000% that your DNS records on your old DNS provider match your DNS records on your new DNS provider, and plan your DNS migration early by setting the TTL for your NS records at least to 5 minutes (300 seconds) if allowed, 30 seconds if you can. Assume all caching servers will cache for 5 minutes even if you set it to 30 seconds. At least that way if things go wrong, your outage horizon is 5 minutes, not 1 hour or more!!!
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
--------------------------------------------------------------------------- Peter Beckman Internet Guy beckman at angryox.com https://www.angryox.com/ ---------------------------------------------------------------------------
Losing millions of dollars. Very nicely said. Then there are those that move their website, with their DNS, to a different provider, and are then confused as to why their email is broken. Of course it is the email providers fault, and they have no comprehension that it might somehow be related to the recent changes with their website. On 2022-01-20 20:03, Alex Balashov wrote:
That?s all good and fine for your DNS, but it did nothing for me when Peter from www.BeckmanPimpsStereos.com was calling every 3 minutes screaming that his web site has been down for a day and that he?s losing ?millions of dollars?, all because we just had to migrate his ColdFusion site off a yellowing-beige NT4 box running vintage IIS to PrimeHostOutsourcerOne and now all the locals on DopeCable can?t access it?
? Sent from mobile, with due apologies for brevity and errors.
On Jan 20, 2022, at 8:50 PM, Peter Beckman <beckman at angryox.com> wrote:
?Hahaha yeah, thanks Residential ISPs, your DNS sucks. I always found a better caching resolver, like UUNET, until Verizon got better at it, and then Google DNS came along.
The caches have cleared.
Beckman
On Thu, 20 Jan 2022, Alex Balashov wrote:
Why, back in my day, residential ISPs would ignore your TTLs and cache for 3 days no matter what you did? Kids these days. ? Alex
On Jan 20, 2022, at 7:54 PM, Peter Beckman <beckman at angryox.com> wrote: Please, y'all -- when doing a DNS migration, ensure 1000% that your DNS records on your old DNS provider match your DNS records on your new DNS provider, and plan your DNS migration early by setting the TTL for your NS records at least to 5 minutes (300 seconds) if allowed, 30 seconds if you can. Assume all caching servers will cache for 5 minutes even if you set it to 30 seconds. At least that way if things go wrong, your outage horizon is 5 minutes, not 1 hour or more!!!
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
--------------------------------------------------------------------------- Peter Beckman Internet Guy beckman at angryox.com https://www.angryox.com/ ---------------------------------------------------------------------------
VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
participants (3)
-
abalashov@evaristesys.com -
beckman@angryox.com -
mjohnston@wiktel.com