Azure DNS not propagating

Question

I forwarded my domain to the Azure DNS nameservers:

ns1-01.azure-dns.com.
ns2-01.azure-dns.net.
ns3-01.azure-dns.org.
ns4-01.azure-dns.info.

That's an NS record on the Azure side. The registrar is ...not entirely important, as far as I know, but it's Ionos.

I have two servers on different sides of the world. One is an Azure VM. The A records used to just point to that VM. I am now trying to redirect some of the records to my new server; e.g. @.mydomain.org, with CNAME www.mydomain.org.

This wasn't my problem. I don't have any inaccurate records. I do not know if it could be this because I'm not sure how to check the routers of the nameservers. The four nameservers above all return the address I want; 1.1.1.1 and 8.8.8.8 return the old IP. It's been 24 hours since I changed these records and the original TTL was 12 hours. I've since set that to ten minutes (600s).

I have never had this happen before with DNS so I don't have the foggiest idea of how to fix it. Any suggestions or advice would be appreciated. Happy to post more information if it is helpful.

What was the value of your zone TTL on the old server? Maybe the old info is still cached ... — JucaPirama, Apr 20 '19 at 23:44
machetessl.org is the base domain, which is pointing to 37.228.129.45, which is a test domain. There's a CNAME web.machetessl.org -> machetessl.org. The other domains I can't really go into. — Chaim Eliyah, Apr 21 '19 at 00:14

score 1 · Accepted Answer · answered Apr 21 '19 at 05:40

1

You probably need to look at your registrar again. A quick whois shows they're still announcing ui-dns servers for the name servers. Changing the NS records is not the same as pointing your domain name to a different set of DNS servers. Most registrars will have an option to either host dns or use a different dns provider.

This guide might be helpful, assuming this wasn't what you followed before.

For reference this is what I see when I run a whois:

$ whois machetessl.org | grep Name 
Domain Name: MACHETESSL.ORG
Name Server: NS1068.UI-DNS.DE 
Name Server: NS1068.UI-DNS.COM 
Name Server: NS1068.UI-DNS.BIZ 
Name Server: NS1068.UI-DNS.ORG

Because these aren't Azure, no matter what you do in Azure won't matter.

answered Apr 21 '19 at 05:40

Jon Angliss

1,782
10
8

Interesting! Yes I did look at their documentation but I will have a look at it again... I suppose on Monday when I can contact them. If it checks out I'll accept your answer! Thanks. – Chaim Eliyah Apr 21 '19 at 05:44
1

whois is not the tool to use to troubleshoot DNS problems in most cases. you should instead query the parent (registry) authoritative nameservers. Or use online troubleshooting tools (that use only DNS) like Zonemaster or DNSviz – Patrick Mevzek Apr 24 '19 at 05:42
Agreed @PatrickMevzek. While whois is not the tool to use to troubleshoot all DNS issues, it does tell us who the authoritative name servers are for a domain. You can get this dig, nslookup, or the websites you mentioned as well. In this case, there are many ways to look into the issue. For the additional idea, I'm giving you a upvote on your comment. Zonemaster does give details on delegation issues (ie the ui-dns.* servers say they are authoritative but the name servers in the record say different servers are). – Jon Angliss Apr 24 '19 at 13:30
1

"it does tell us who the authoritative name servers are for a domain" This information can be wrong, and is better retrieved from the registry authoritative nameservers themselves (the parent zone). While the whois outpout is also under the control of the registry, and comes from the same data, it has not coupled to DNS resolution, and whois output is not necessarily real-time, while DNS is. whois is useful to see the statuses of the domain, like if it has `clientHold` for example. but this is second step, first step is DNS. – Patrick Mevzek Apr 24 '19 at 14:35

Azure DNS not propagating

1 Answers1