Blinking dns zone records (subdomains)

Question

One week ago I have added few new A records to existing zone mints.rocks

h37.mints.rocks , resh37.mints.rocks

And now sometimes dns resolves it with empty value

But previous 40 records works well, for example

h34.mints.rocks resh34.mints.rocks

Domain hosted on name.com, standard name servers used. No custom records, only A. All records created via api

I have recreated records few times. Same problems. Some of new record in domain can be with the problem.

For testing I'm using dnschecker.org , every time new dns servers returns wrong value

few times I got "Domain name not resolved" error on my laptop in browser.

intodns.com show's no error. I have no any ideas how to fix the bug. Name.com support unresponsive

UPDATE:

wrong dig result example:

~$ dig h37.mints.rocks

; <<>> DiG 9.16.1-Ubuntu <<>> h37.mints.rocks
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;h37.mints.rocks.       IN  A

;; Query time: 56 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Aug 12 22:18:36 CEST 2020
;; MSG SIZE  rcvd: 44

Your records are fine. You can't fix other people's broken or misconfigured resolvers. Not even if they're Google's. — Michael Hampton, Aug 12 '20 at 14:44
Michael, problem not in 1-3 resolvers, every one from the list randomly sometimes return wrong answer (just press test button few times). I think problem in name.com infrastructure, but I can't find any proofs for sending it to support. — demon101, Aug 12 '20 at 17:24

score 2 · Accepted Answer · answered Aug 12 '20 at 21:27

ns{1,2,3,4}.name.com appear to use anycast, based on observing <1ms latencies from vastly different locations. (It actually seems to be one NSOne service or another.)

Based on the problem description (the problem only occurs for your newer records and occurs seemingly at random, but not from just any client) and knowing that it's an anycast service, I get the sneaking suspicion not all nodes in their anycast cluster have the current zone data.

If you change the query for the DNS Checker site to look up the SOA for your zone this seems to support this theory (different serials showing up at random at some of the DNS Checker test servers).

I think the results for SOA are more telling regarding the nature of the problem, maybe that can help your interactions with customer service.

score 1 · Answer 2 · answered Aug 12 '20 at 19:42

When using free DNS servers offered at registrars, you're going to have to expect that you'll get poor service. These kinds of transient resolution errors are not uncommon. If you want consistent DNS responses you need to use a premium DNS service, or host your own nameservers to meet your needs and also be able to troubleshoot end-to-end resolution errors.

If you need documentation of a failure to present to support, you'll simply need to make continuous queries of your A records (wether through a user tool like dig or something like socket.gethostbyname() in Python), log the errors, and submit your findings to their support channels.

In the end, if you need a more consistent DNS host... then get a more consistent DNS host.

I know, I can solve the problem by dns service replacement. And I already did it with another domain for tests. But I want to know, how I can dump the wrong information from name.com. With periodical check -- I have updated the question — demon101, Aug 12 '20 at 20:17

Blinking dns zone records (subdomains)

2 Answers2