6

I don't know if this is the right place for my question, but I have a problem with my DNS/nameservers after changing the nameservers. I'm not sure if it is a problem at my side or at my webhost.

I updated the DNS Zone Records in the Control Panel of my webhosting provider to the ones provided by Cloudflare. After that there are two nameservers:

NS  elle.ns.cloudflare.com  
NS  lloyd.ns.cloudflare.com

The site is still alive, but when I check the DNS (http://www.intodns.com) I have the following errors:

enter image description here

Pingdom also tells me:

  • Superfluous name server listed at parent: ns1.mijnhostingpartner.nl
  • Superfluous name server listed at parent: ns2.mijnhostingpartner.nl
  • Superfluous name server listed at parent: ns3.mijnhostingpartner.nl 2
  • different serials found. 2 different SOA records found. Could not
  • find reverse address for (4 times)

Could someone please help me? Cloudflare also says that the installation is not correct. Thanks!

Jordy
  • 255
  • 1
  • 3
  • 8

1 Answers1

10

The error messages and the referenced RFC2181 5.4.1 pretty much already tells what's wrong: you are having conflicting NS records in your zone and in the parent zone as "glue" records.

"Glue" above includes any record in a zone file that is not properly part of that zone, including nameserver records of delegated sub- zones (NS records), address records that accompany those NS records (A, AAAA, etc), and any other stray data that might appear.

It is not enough to change the NS records in the zone file, but you should also change them at your domain registrar. Then, they are added in the TLD's zone in order to delegate the control over your sub-zone. Here, example.com. is a sub-zone of com. that is a sub-zone of ., the root.

Why are these "glue" records necessary? They prevent circular references. If you think DNS queries as a conversation between DNS servers, a circular reference could be:

  • Hello, NS of com.! Do you know, what is the name server for example.com.?
  • Sure I do! It's ns1.example.com..
  • Thanks bro! What is the IP address of this ns1.example.com.?
  • I don't know, you should ask from the name server of example.com..
  • Ok, what is the name server for example.com.?

Therefore, the previous level zone must include the IP addresses of the nameservers, too.

Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122
  • Thank you very much. I hope I understand, but do I have to ask my webhost to change them? I can't do that by myself I think because I already changed the NS records? (shared hosting). – Jordy Apr 09 '15 at 19:25
  • Depends on where you bought the domain name. If you had it from the same hosting company, you should ask them to change it. If you manage your domain on your own, which I highly recommend, you go to your registrars management portal and change the name servers there. – Esa Jokinen Apr 09 '15 at 19:26
  • My webhost has his own domainpanel, where I could change the DNS zone. There I already changed the nameservers. They said that just changing the DNS zone was ok, but it still doesn't work... You said that I should change them at my domain registrar too, but what exactly is the difference? If my website is shared hosting, I think it is not possible to change it there too? I don't understand exactly at which two places I need to edit something. – Jordy Apr 09 '15 at 19:36
  • That's probably because you were talking about different things due to semantic differences in your terminologies. If they were talking about DNS records, they were completely right. But you weren't trying to change the DNS records but the whole DNS servers. That cannot be done within the zone itself. – Esa Jokinen Apr 09 '15 at 19:43
  • Well, they said: "you should change the nameservers in your customerpanel under 'Domains'. Then it should work". I did, but it doesn't work. So I think that means they should change the whole DNS server? But it is strange that I never hear people that use Cloudflare with the same problems. Does it mean that my webhost has some strange settings? – Jordy Apr 09 '15 at 19:47
  • If you don't know your registar I can't help you any further without knowing the domain name. CloudFlare's Knowledge Base on the other hand has surprisingly wide documentation on [How to change DNS at your registrar to CloudFlare's nameservers](https://support.cloudflare.com/hc/en-us/sections/200038206-How-to-change-DNS-at-your-registrar-to-CloudFlare-s-nameservers) with all kind of different registrars. – Esa Jokinen Apr 10 '15 at 08:03
  • Your registrar is **Mijndomeinpartner.nl**. You need to contact them instead. – Esa Jokinen Apr 10 '15 at 08:28
  • @EsaJokinen You said 'That's probably because you were talking about different things due to semantic differences in your terminologies. If they were talking about DNS records, they were completely right. But you weren't trying to change the DNS records but the whole DNS servers. That cannot be done within the zone itself.' Can you please clarify your distinction between "DNS records" and "whole DNS servers" in this context? Also can you please clarify why changing the whole dns servers" can't be done within the zone (zone file you mean?) itself? – Howiecamp Dec 28 '16 at 16:29
  • It's already well explained in my original answer – Esa Jokinen Dec 28 '16 at 18:00
  • @EsaJokinen I was trying to be polite. Your answer was accurate but your comment that I quoted was not. Hence my question - to clarify things. The distinction is between NS records in the zone file and glue records in the parent zone. But in your comment you use the term "whole DNS servers" which doesn't mean anything at all - it's incorrect terminology. By "whole DNS servers" I believe you're referring to the glue records in the parent zone. – Howiecamp Dec 30 '16 at 14:34
  • Glue records on DNS system, DNS servers in whoisdb. However, the comment should be handled in the original context; as a reply to the previous comment, assuming the original answer has already been red and understood. – Esa Jokinen Dec 30 '16 at 16:30
  • @Esa My comment stands - "whole DNS servers" doesn't mean anything. Change it to what you actually mean - glue records - and it'll be clear. – Howiecamp Dec 31 '16 at 23:07