
My website's DNS no longer resolved after my hosting provider suffered a DDoS attack

@Shelley277

Posted in: #Dns #WebHosting

I registered a couple of domains with a local hosting provider. I set up the records with the correct IP address. My servers are colocated in another data-center, not with this provider.

After filling out the necessary forms, it said:


Your changes will be visible in the next 15 minutes. For the rest of
the world, it can take up to 24 hours. We have no influence on that.


This worked OK, my servers were reachable worldwide after about an hour. So far so good, everything normal, behaving as expected.

But now the strange thing happens: this hosting provider suffered from a DDoS attack. It happened two times in the last three months. The attacks put them offline for about a day, twice.

My websites were unreachable during these attacks. Even a ping, from any computer on any ISP, to my domain names didn't work, returning the message: unknown host. My sites were perfectly reachable if the IP address was used however.

To the best of my knowledge... if some user anywhere in the world wants to connect to my website, they resolve the IP address using their ISP's DNS server. But in this case they couldn't. It appears their DNS server could not provide the correct IP address as long as my hosting provider was down.

Could it be that their DNS server actually has to resolve at my hosting provider to answer the request to resolve?


2 Comments


@Pope3001725

If I am understanding this correctly, I believe you have a dedicated server with Company A while you are purchasing domains from a separate company/registrar (Company B).

I am also going to assume that you are not hosting your own DNS service such as: ns1.yourdomain.com and are using the domain registrar's DNS service with nameservers such as: ns1.domainregistrar.com.

Now, assuming there is no record caching anywhere, if your DNS service is down for an extended period of time then your domain will stop resolving because there will be no responses to incoming DNS queries.

Users attempting to resolve your site do so with the DNS resolvers from their ISP; this is the client side of the DNS service. The resolvers are sending the DNS queries to your DNS service asking for the translation of a domain name into an IP address.

Now, due to the possibility of circular dependencies, GLUE records get sent along to the DNS resolvers. A perfect example would be domains using the same domain name for the nameservers. For example: example.com having the nameservers ns1.example.com and ns2.example.com. In order for a computer to resolve example.com, it must resolve the nameserver ns1.example.com, but since ns1 is contained within example.com, example.com must be resolved first. This, you can see, will cause a circular dependency, and that's where GLUE records come in.

The GLUE records are address records that provide IP addresses for ns1.example.com. The resolver uses one or more of these IP addresses to query one of the domain's authoritative servers, which allows it to complete the DNS query. Though if the authoritative DNS service is inaccessible, then the domain will still not resolve.

What I would suggest would be hosting your own DNS service - plenty of web server control panels (such as cPanel) are already configured to do so. You also do not need to move your domains from any registrar. Once your DNS service is set up, all you would have to do is change your domains' nameservers to your own.

Depending on your budget you could grab a couple really cheap VPSs in separate GEO locations and run cPanel DNSONLY (completely free) which will allow you to cluster your DNS and have your own fault tolerant DNS service.

PS. I also definitely recommend using online DNS checks to verify your site's DNS health.

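The outage described in the answer above, as an added example that is not part of the original post: a small Python model of an ISP's caching resolver, showing why the name keeps resolving only until the cached record's TTL runs out when every authoritative nameserver is in the attacked network, and why one nameserver elsewhere keeps it resolving. The resolver model, all names, IP addresses and the TTL are constructed assumptions.

```python
from dataclasses import dataclass, field

WEB_IP = "203.0.113.10"   # constructed: the colocated web server, which is never down
NAME, ZONE = "www.example.com", "example.com"

@dataclass
class Resolver:
    """Toy model of an ISP's caching recursive resolver (an assumption, not real DNS code)."""
    delegation: dict                           # zone -> {nameserver name: address given by the parent zone}
    zones: dict                                # nameserver address -> {name: (ip, ttl)}
    down: set = field(default_factory=set)     # nameserver addresses that do not answer
    cache: dict = field(default_factory=dict)  # name -> (ip, expires_at)

    def resolve(self, name, zone, now):
        hit = self.cache.get(name)
        if hit and hit[1] > now:               # still within TTL: no query leaves the resolver
            return hit[0], "cache"
        for ns, addr in self.delegation[zone].items():
            if addr in self.down:              # query times out, try the next nameserver
                continue
            answer = self.zones[addr].get(name)
            if answer:
                ip, ttl = answer
                self.cache[name] = (ip, now + ttl)
                return ip, ns
        return None, "SERVFAIL"                # what the client reports as "unknown host"

def outage(nameservers, attacked, ttl=3600):
    """Resolve before the attack, during it (cached), and after the TTL has expired."""
    records = {NAME: (WEB_IP, ttl)}
    r = Resolver({ZONE: nameservers}, {addr: records for addr in nameservers.values()})
    before = r.resolve(NAME, ZONE, now=0)
    r.down = set(attacked)
    cached = r.resolve(NAME, ZONE, now=ttl - 1)
    expired = r.resolve(NAME, ZONE, now=ttl + 1)
    return before, cached, expired

# Constructed data: both of the provider's nameservers sit in the attacked network.
PROVIDER_ONLY = {"ns1.provider.example": "192.0.2.53", "ns2.provider.example": "192.0.2.54"}
# The same zone with one extra nameserver in a different network and location.
DIVERSE = {**PROVIDER_ONLY, "ns3.elsewhere.example": "198.51.100.53"}
ATTACKED = PROVIDER_ONLY.values()

if __name__ == "__main__":
    print(outage(PROVIDER_ONLY, ATTACKED))
    print(outage(DIVERSE, ATTACKED))
```

In both runs the web server's address never changes; only the reachability of the nameservers decides whether the name resolves.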


 

@Pierce454

DNS was likely providing the right IP address, but when someone got to that IP address the server was either overwhelmed with requests from the DDoS, or they had taken it down, or perhaps they were trying to re-route traffic to another, more robust machine, or any one of a number of things.

Just because you can't reach a server doesn't mean it is a DNS problem.
