***DNS Madness***

L

Lorenzo Furno

New member
Joined
Dec 2, 2025
Messages
3
Good morning everyone,
Lorenzo here, nice to meet you.

I am writing to ask for help, if possible, regarding sudden and inexplicable behavior affecting a domain here, which was working until the other day and suddenly lost its DNS configurations. Let me explain.

Previously, the domain was connected directly here, but a few months ago we created a new site on Netlify and, as per the documentation, made the appropriate changes to the DNS here on the dashboard.

The changes in question were:

- A record pointing to Netlify's load balancers (75.2.60.5)
- a www CNAME record pointing to the site on Netlify (xxxxx.netlify.app).

Screenshot 2025-12-02 alle 09.53.54.png


Screenshot 2025-12-02 alle 09.54.22.png



These changes were prepared and implemented months ago to link to an initial version of the site, followed two months ago by another version of the site (working on branches in git, so without touching the DNS here).

Well, yesterday the customer contacted us because the site is no longer accessible, and in fact, if we do a dig, we see that the old DNS responds to the domain in question, adsm.eu, but here on the dashboard, I see the records correctly modified.

Can you help us, please?
Did something happen that we missed? Is there a configuration that has been lost over the months?

Thank you in advance, I hope I've posted in the right place, thank you.
Lorenzo
 
Site is loading but you have SSL certificate error
The certificate was valid from 05/Apr/2025 through 04/Jul/2025.
 
Hi good morning, I see, but the fact is the site has Netlify Let's encrypt service active, so these are incompatible behaviours?
Or have we to modify something here on the dashboard?

Screenshot 2025-12-02 alle 11.58.29.png
 

adsm.eu resolves to 195.201.93.193

Server Type: Apache/2

The hostname (adsm.eu) is correctly listed in the certificate.

This certificate has expired (151 days ago)

certificate_bad_server.png
Common name: adsm.eu
SANs: adsm.eu, www.adsm.eu
Valid from April 5, 2025 to July 4, 2025
Serial Number: 067baef73ec2ec81228c535bc4f5c4bef5c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: R10

The IP on the certificate don't match the Netify load balancers, try to reach ou to their helpdesk
 
Here I am, with Netlify response: as you can read here it appears that the SSL issue is a waterfall effect of the DNS mismatch, and the DNS mismatch is like something to do with NS, do you have any clue on that side?

Here's the answer:

Your case with Netlify Support (474577) has a new response, included below. If you have any follow-up questions or comments, please reply to this email.

Hi Lorenzo,

Thanks for writing in.

I have investigated your domain settings and the DNS propagation status.

The Root Cause: Even though you updated the records in your DirectAdmin panel, my global diagnostics confirm that the public internet still sees the old IP address (195.201.93.193).
Code: 
; <<>> DiG 9.18.28 <<>> [URL='http://adsm.eu/'][COLOR=rgb(17, 85, 204)]adsm.eu[/COLOR][/URL] A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24168
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;[URL='http://adsm.eu/'][COLOR=rgb(17, 85, 204)]adsm.eu[/COLOR][/URL].                       IN      A

;; ANSWER SECTION:
[URL='http://adsm.eu/'][COLOR=rgb(17, 85, 204)]adsm.eu[/COLOR][/URL].                6879    IN      A       195.201.93.193

This indicates that the specific DirectAdmin panel you are editing is not currently controlling the authoritative DNS for your domain. The changes you make there are saving locally but are not being pushed out to the public nameservers ([URL='http://ns1.serverlet.com/'][COLOR=rgb(17, 85, 204)]ns1.serverlet.com[/COLOR][/URL]).
Code: 
; <<>> DiG 9.18.28 <<>> [URL='http://adsm.eu/'][COLOR=rgb(17, 85, 204)]adsm.eu[/COLOR][/URL] NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23768
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;[URL='http://adsm.eu/'][COLOR=rgb(17, 85, 204)]adsm.eu[/COLOR][/URL].                       IN      NS

;; ANSWER SECTION:
[URL='http://adsm.eu/'][COLOR=rgb(17, 85, 204)]adsm.eu[/COLOR][/URL].                86023   IN      NS      [URL='http://ns2.serverlet.com/'][COLOR=rgb(17, 85, 204)]ns2.serverlet.com[/COLOR][/URL].
[URL='http://adsm.eu/'][COLOR=rgb(17, 85, 204)]adsm.eu[/COLOR][/URL].                86023   IN      NS      [URL='http://ns1.serverlet.com/'][COLOR=rgb(17, 85, 204)]ns1.serverlet.com[/COLOR][/URL].
[URL='http://adsm.eu/'][COLOR=rgb(17, 85, 204)]adsm.eu[/COLOR][/URL].                86023   IN      NS      [URL='http://ns3.serverlet.it/'][COLOR=rgb(17, 85, 204)]ns3.serverlet.it[/COLOR][/URL]

Regarding the SSL Error: The error DirectAdmin support mentioned confirms this. Netlify cannot generate an SSL certificate for your site because the domain is not pointing to us yet. Once the DNS is fixed, the SSL will generate automatically.

Upon checking, it appears that the DNS is not configured correctly. There are two methods to point your domain to Netlify where you can choose from:
  • External DNS Method
    • To use this method, you'll need to remove existing A and CNAME Records then create the following two DNS records at your domain registrar:
TypeNameValue
A@75.2.60.5
CNAMEwww[your_site_name].netlify.app (eg. website-ad-store.netlify.app)


Note: If your DNS provider allows adding ALIAS , ANAME , or flattened CNAME records, you’ll want to use one of those instead of an A record and point the record to [I][URL='http://apex-loadbalancer.netlify.com/'][COLOR=rgb(17, 85, 204)]apex-loadbalancer.netlify.com[/COLOR][/URL][/I]. If your provider does not allow these types of records, you can use an A record pointed to [I]75.2.60.5[/I] as shown above.

  • Netlify DNS Method
    • To use Netlify's DNS, switch your domain’s name servers to those provided by Netlify. Here’s how you can do that
      • In the Netlify UI, go to Domain ManagementProduction Domains.
      • Click the Options button next to your custom domain and select Set up Netlify DNS.
      • Complete steps to activate Netlify DNS and copy the four Netlify Name Servers provided.
      • Go to your domain host/registrar’s dashboard and update the name servers to match the Name Servers you copied from Netlify.
You can check this Support Guide to help you with the DNS Configuration.

Once you have chosen which method to use and completed these steps, everything should be set up! Please note that DNS changes may take up to 24-48 hours to fully propagate globally. You can track your progress using this tool and check this Support Guide for more information on why DNS/SSL changes can take this long.


If you need any further assistance, feel free to share more details and I’d be happy to assist further.

Regards,
Victor | Netlify
Click to expand...

Hope there are few hints to investigate, thanks in advance,
Lorenzo
 
in note shell, your DNS is controlled by other system than your DA panel, you have to make the changes THERE
But I see its fixed, please mark as solved this thread
 
You must log in or register to reply here.
Back
Top