DNS Issues after changing host IP

[modem]

I'll try to keep this brief, but appreciate any insight anyone can give.

Back last month, my colocation hosting co required I change my IP address on my single DA server as they were streamlining their IPv4 network. While this was successful on the server, I have ran into some DNS related issues after the fact. This whole IP change occurred on Feb 26th, over a week ago.

I'm noticing that one of my domain names hosted on my DA server doesn't simply respond to any queries on MXToolbox, with MXToolbox stating "Not able to get a response from name servers within timeframe."

Here's where it gets weird.

I have two domains, both have name servers that point back to my DA host. Both domains have their DNS managed on my DA host. Both domains reference the same name servers, have nearly identical records setup. Domain.NET is located on the registrar ENOM.net while Domain.COM is located at GoDaddy. Both domains have the nameservers of NS3.Domain-DNS.com and NS4.Domain-DNS.com.

My name servers (NS3 & NS4) are on a domain that I own (domain-DNS.com) parked on a registrar that uses the registrar's name servers. The DNS records on that registrar have A records for NS1, NS2, NS3, and N4 that point back to my colocation server IP. This setup has worked for 15+ years, though I'm not a DNS expert and am sure it has flaws.

Anyway, using MXToolbox to do a DNS Lookup on Domain.NET is successful showing the correct A record with domain name and IP address. Domain.COM fails the DNS Lookup stating No Valid NameServers Responded.

When looking at DNSViz.net, I get errors on Domain.COM as it references the name servers with my old IP address (prior to Feb 26th). But the very same name server for Domain.NET shows the new and correct IP.

Any ideas on what is going on? This was discovered when running into an issue when renewing a certificate on a virtual machine that has a cname of RMM.Domain.COM with the virtual machine stating unable to resolve DNS. Is GoDaddy having an issue with caching data for my name servers from the old IP while Enom has updated it's cache??

 

[Richard G]

I get errors on Domain.COM as it references the name servers with my old IP address

Well there you go. For some reason this is not changed. If on the Godaddy page the nameservers have the new ip's, then something went wrong with updating because that can not take that long. Must be changed in 24-48 hours, not a week.

I presume all ip's on DA are changed the correct way to SAO record values are also updated.
I think you have to check in every place where domain.com is setup with records, have the correct ip's. And if that is the case and still no valid nameservers are responding, that is not a DA issue. In that case you have to contact the appropriate party to check and kick the nameservers. So if I understand your setup correctly that would be Godaddy.

Another option might be (would cost some time) to change the ip at Godaddy back to the old ip, wait an hour, then change it again to the new ip and hope this time the update takes place. I would prefer to contact the responsible party though.

 

[modem]

Well there you go. For some reason this is not changed. If on the Godaddy page the nameservers have the new ip's, then something went wrong with updating because that can not take that long. Must be changed in 24-48 hours, not a week.

I presume all ip's on DA are changed the correct way to SAO record values are also updated.
I think you have to check in every place where domain.com is setup with records, have the correct ip's. And if that is the case and still no valid nameservers are responding, that is not a DA issue. In that case you have to contact the appropriate party to check and kick the nameservers. So if I understand your setup correctly that would be Godaddy.

Another option might be (would cost some time) to change the ip at Godaddy back to the old ip, wait an hour, then change it again to the new ip and hope this time the update takes place. I would prefer to contact the responsible party though.

Doing some testing this morning, it appears all DNS root level servers are still showing the old IP bound to the name servers for that domain. I ran the following:

dig +short com. NS

Then tested the following:

dig +norec @a.gtld-servers.net DOMAIN.COM. NS (tested servers a.gtld through m.gtld - all returned the same results)

The results showed the Authority Section of:
domain.com. 172800 IN NS ns3.<mydns server>.com.

It also had an Additional Section that showed:

ns3.<mydns server>.com 172800 IN A 50.21.187.xxx (old IP)

I then tested:
dig +norec @a.gtld-servers.net DOMAIN.NET. NS

This showed the same Authority section as above which is correct. But it did not have any "Additional Section" which was referencing the old IP.

I guess I'm not sure where the "Additional Section" in the dig results is being pulled from....

 

[Richard G]

I guess I'm not sure where the "Additional Section" in the dig results is being pulled from....

I don't know either and probably not that important.

The important thing is this:

it appears all DNS root level servers are still showing the old IP bound to the name servers for that domain

So this means the ip is not updated. Then it's rather simple. Who is the registrar for domain.com and check if correct ip is stated in there. If not, change it and update.
If yes, contact them that they should give their nameserver a kick and complaint that the ip's are not updated while changed in their panel.

 

[Ohm J]

Please ensure all nameserver (ns1 ns2 ns3 ) pointer to new server.
if these 3 records still in the old server, that's meant something wrong that must solves in domain registrar who's managing dns records (ns1 ns2 ns3 ... ).

 

[Richard G]

Yes that's what I said already.

 

[modem]

I don't know either and probably not that important.

The important thing is this:

So this means the ip is not updated. Then it's rather simple. Who is the registrar for domain.com and check if correct ip is stated in there. If not, change it and update.
If yes, contact them that they should give their nameserver a kick and complaint that the ip's are not updated while changed in their panel.

Considering that domain.COM (on GoDaddy) is pointed to ns3 and ns4, and that my DA server has all the DNS records in place. I went to the registrar where the nameserver is hosted (Enom) and I correctly have A records in place for NS2, NS3, NS4 pointing to my server with the correct (new) IP.

I did create new A records of NS5, NS6, & NS7 and am waiting for those to propagate so that GoDaddy will allow those to be used instead. Maybe GoDaddy needs a swift kick in the NS pants. I figured creating new NS5-7 A records on that registrar pointing to the correct IP may resolve it. Or hopefully give more clarity into what is going on.

 

[modem]

I wanted to let everyone know I found a solution. While this wasn't a specific DA item, it's always great to bounce ideas off of everyone in this group, so always, thanks to a great group of DA users in here!

SOLUTION: Talk about feeling a bit dumb now, but I hadn't done this in over a decade. But on ENOM where I park my domain that manages my NameServers. While I had created new NS3 & NS4 A records which did have my new IP address, ENOM requires name servers be registered. Thus I could ping NS3 & NS4 and the correct IP would show in response. But dig would show the old IP.

In case anyone ever wonders how this is done, log into ENOM. At the top menu select Domains > Advanced Tools > Register a Name Server. In there enter the existing name server FQDN, the old and new IP's. Change took less than 10 min.

Being the last time I did that was back in 2010, I stumbled across another Reddit article that mentioned it and a dull dull light bulb started to appear in my head.

Anyway, all fixed.

 

[Richard G]

LoL, I had put in a little piece that our registrar had seperate settings for when people use their own nameservers and that is not done via A records, but I've removed the text again because I thought you looked there. LoL.

Anyway, glad to see you found and fixed it.