[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[public-dns-discuss] Re: No results reported for wdrv.it, works everywhere else

I'm not seeing any issues resolving that domain from Google Public DNS right now. Were there DNSSEC issues that have been resolved already?

https://zonalizer.makeinstall.se/?yMwUgmUdQkSaZ1m-bmeg4g indicates that this domain is served only from AS12008 (Neustar) – it is possible that there were routing issues between Google's AS 15169 and AS12008 that caused this domain to be unavailable on Google Public DNS.

If you require the highest level of availability in the face of routing problems or provider outages (like the one in November 2016) for a domain, its DNS zones should have at least two different nameservers running in each of at least two different Autonomous System (AS) routing zones (https://tools.ietf.org/html/rfc1537#section-6). Your DNS provider, Neustar, has a slick PDF whitepaper describing why it is important to have multiple independent DNS providers (sadly, it provides no details about how, if at all, Neustar supports standard AXFR/IXFR primary/secondary DNS hosting configurations). 

Even if Neustar's UltraDNS does not support AXFR/IXFR standard DNS primary/secondary (or it is not feasible for you because you are using non-standard DNS record types like ALIAS/ANAME, GeoIP features, or global DNS-based load balancing), you can use the alternative "multiple master" or "split authority" configuration, where you have two (or more) independent DNS services that are kept in synchronization from another source. Neustar's UltraDNS is supported by tools like Denominator and Terraform that can help you manage such a split authority configuration.

There are several DNS-specific tools to synchronize multiple DNS services, from Netflix’s DenominatorStackExchange’s DNSControl, and GitHub’s OctoDNS to Men & Mice’s commercial xDNS. You can also use HashiCorp’s Terraform to manage multiple DNS providers as well as many other cloud resources.

All of these support many different DNS providers and DNS name server software such as BIND. The support for specific record types and features varies by provider (and tool). DNSControl has a useful feature matrix showing support for specific features.

The following list of DNS providers and software shows the support by different tools as of November 2017,

Terraform can use RFC 2136 DNS Update to make changes to existing zones, but not to provision entirely new ones.

If you need support for another DNS provider, there are GitHub repositories for all the open source tools. Denominator is written in Java, OctoDNS is written in Python, and DNSControl and Terraformare written in Go.

You received this message because you are subscribed to the Google
Groups "public-dns-discuss" group.
To post to this group, send email to public-dns-discuss AT googlegroups.com
To unsubscribe from this group, send email to
public-dns-discuss+unsubscribe AT googlegroups.com
For more options, visit this group at
For more information on Google Public DNS, please visit
You received this message because you are subscribed to the Google Groups "public-dns-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public-dns-discuss+unsubscribe AT googlegroups.com.
For more options, visit https://groups.google.com/d/optout.