If you register a domain with Cloudflare or Route 53, and that service goes down, do your records stay active in the DNS servers? What if the DNS servers go down, I know a lot of people use 8.8.8.8, so if Google’s server goes down, then DNS fails?

What are the potential points of failure for having your own domain?

  • stown@sedd.it · 2 points · 1 year ago

    If the DNS server for your Domain goes down the records should still be saved in all the other DNS servers around the world. They will stay the same as they were before your domain’s DNS server went down. While your DNS server is down you won’t be able to change where the Domain points. While your registration server is down you will not be able to transfer or sell your domain.

    • vegivamp@feddit.nl · 0 points · 1 year ago

      You should actually be able to transfer and sell - that’s handled at the tld.

      Also, there’s a lifetime to that cache, so if it’s down long enough it’ll become unreachable.

      • stown@sedd.it · 1 point · 1 year ago

        I’ve never really understood the whole TTL thing. Will the domain essentially point to nothing if the TTL runs out while the DNS server is down or will it default to older record?

  • vegivamp@feddit.nl · 1 point · 1 year ago

    Your domain is “hosted” (in this context, the DNS entries, not the actual content) on one or, ideally, more DNS servers that are known as the authoritative servers for your domain. You can look those up by searching the SOA (start of authority) and NS (nameserver) records for it.

    Downstream servers may keep those and other records in cache for a while, usually guided by the TTL (time to live) entry. Once that expires, however, they need to refresh the data from the authoritative servers.

    When those are unreachable, they cannot do so, and your domain is de facto unreachable for the internet at large, regardless of your own server actually being up.

    You can still reach them by surfing to the actual IP instead, and/or hardcoding the DNS name in your local hosts file or your local DNS server/resolver. That is, of course, not visible to the internet at large.

    You could host your own DNS servers to mitigate somewhat, but keep in mind that every level above your domain also needs to know which server is authoritative - my tuxera.be used to be self-hosted, so the .be root servers had to know what the SOA for tuxera was.

    Honestly, it’s not something to worry about. I didn’t keep up with changes in DNS security, so I switched to route53 (Amazon). I’ve been considering switching again to hetzner.de where I have some servers anyway.

    DNS is pretty lightweight (relatively speaking), so it’s probably the last thing to go down if a registrar is in trouble; you’d have plenty of warning signs beforehand.

    (Yes, for pedantry, technically a registrar doesn’t even have to offer DNS at all, they just handle ownership and administration at the top level domain, but most do anyway)
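To make the TTL question from the sub-thread concrete (does the name point to nothing, or to the old record, once the cache expires while the authoritative servers are down?), here is a small toy model of a caching resolver in front of an authoritative server. It is an added example, not code from anyone in this thread; the zone name, IP address and TTL are constructed, and `serve_stale` is an optional switch modelling the RFC 8767 "serve stale" behaviour that some resolvers implement, which is not the default assumed in the answer above.

```python
"""Toy caching resolver: what a TTL means when the authoritative
servers (e.g. Route 53) become unreachable.  Added example with
constructed data; it performs no real DNS queries."""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class Record:
    value: str
    ttl: int  # seconds a downstream cache may keep this answer; set by the zone owner


class AuthoritativeServer:
    """Stands in for the zone's authoritative name servers."""

    def __init__(self, zone: Dict[str, Record]) -> None:
        self.zone = zone
        self.up = True

    def query(self, name: str) -> Record:
        if not self.up:
            raise ConnectionError("authoritative server unreachable")
        if name not in self.zone:
            raise KeyError(name)  # NXDOMAIN
        return self.zone[name]


class CachingResolver:
    """Stands in for a recursive resolver such as 8.8.8.8 or your ISP's."""

    def __init__(self, auth: AuthoritativeServer, serve_stale: bool = False) -> None:
        self.auth = auth
        self.serve_stale = serve_stale  # RFC 8767 behaviour; off by default
        self.cache: Dict[str, Tuple[Record, float]] = {}  # name -> (record, expiry time)

    def resolve(self, name: str, now: float) -> Optional[str]:
        cached = self.cache.get(name)
        if cached and now < cached[1]:
            return cached[0].value  # fresh cache hit: authoritative server not contacted
        try:
            rec = self.auth.query(name)
        except ConnectionError:
            if cached and self.serve_stale:
                return cached[0].value  # expired answer reused only if serve-stale is on
            return None  # SERVFAIL: the name resolves to nothing, not to the old record
        self.cache[name] = (rec, now + rec.ttl)
        return rec.value


def outage_scenario(serve_stale: bool = False) -> Tuple[Optional[str], Optional[str], Optional[str]]:
    """Resolve once, take the authoritative server down, then query inside
    and after the TTL window.  Returns the three answers."""
    zone = {"www.example.test.": Record("192.0.2.10", ttl=300)}  # constructed zone
    auth = AuthoritativeServer(zone)
    resolver = CachingResolver(auth, serve_stale)
    t0 = 1_000_000.0
    first = resolver.resolve("www.example.test.", t0)  # populates the cache
    auth.up = False  # authoritative DNS goes down
    during_ttl = resolver.resolve("www.example.test.", t0 + 100)  # still inside TTL
    after_ttl = resolver.resolve("www.example.test.", t0 + 301)  # TTL expired
    return first, during_ttl, after_ttl


if __name__ == "__main__":
    print("default resolver:", outage_scenario())
    print("serve-stale resolver:", outage_scenario(serve_stale=True))
```

With the default settings the third answer is `None`: the resolver does not fall back to the older record, it simply fails. A longer TTL therefore buys you more time during an authoritative outage, at the cost of slower propagation when you deliberately change a record.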

  • Matt@netmonkey.tech · 0 points · 1 year ago

    There’s a difference between your domain registrar and the authoritative DNS servers for your domain. For example, I register domains with Hover, but host the DNS at AWS. If Hover were to go down, I don’t see how that would have any impact on my DNS. If AWS’s Route53 were to go down, then my DNS is only as good as what’s cached out there on the Internet.

    • Matt@netmonkey.tech · 1 point · 1 year ago

      What are the potential points of failure for having your own domain?

      Forgot to answer this. My advice would be to pick a good DNS provider.

      It doesn’t have to be the company which registered your domain. A good provider will generally have more than one authoritative DNS server, will generally have them in separate top-level domains (e.g., .com, .net, .uk, etc.), and may even be running Anycast, which makes them even more resilient.
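A quick way to check the point above for your own domain is to look at its NS set and see how diversified it is. The helper below is an added example, not from anyone in the thread: it takes a list of NS hostnames (which you would obtain from `dig NS yourdomain` or `dig SOA yourdomain`) and reports the number of servers, the distinct TLDs and parent zones, and whether every name server lives inside the domain itself (the self-hosted case, where the delegation depends entirely on glue in the parent zone). The sample NS names are constructed, and the parent-zone logic uses a tiny hard-coded suffix list instead of the full Public Suffix List.

```python
"""Delegation diversity check for a domain's NS set.  Added example with
constructed input; it does not query DNS itself."""
from typing import Dict, List

# Simplification: a few two-label public suffixes so "co.uk" is not treated
# as a registrable parent.  A real tool would use the Public Suffix List.
TWO_LABEL_SUFFIXES = {"co.uk", "org.uk", "com.au"}


def _tld(host: str) -> str:
    return host.rstrip(".").lower().rsplit(".", 1)[-1]


def _parent_zone(host: str) -> str:
    """Approximate registrable parent of an NS hostname,
    e.g. ns-1.awsdns-01.org. -> awsdns-01.org"""
    labels = host.rstrip(".").lower().split(".")
    take = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-take:])


def delegation_report(domain: str, nameservers: List[str]) -> Dict[str, object]:
    domain = domain.rstrip(".").lower()
    tlds = {_tld(ns) for ns in nameservers}
    parents = {_parent_zone(ns) for ns in nameservers}
    inside = [ns for ns in nameservers
              if ns.rstrip(".").lower().endswith("." + domain)]
    return {
        "ns_count": len(nameservers),
        "distinct_tlds": sorted(tlds),
        "distinct_parent_zones": sorted(parents),
        # all NS inside the zone they serve: delegation relies on parent glue only
        "all_ns_inside_domain": bool(nameservers) and len(inside) == len(nameservers),
        # one provider zone (or fewer than two servers) means one thing to fail
        "single_point_of_failure": len(parents) == 1 or len(nameservers) < 2,
    }


if __name__ == "__main__":
    # Constructed NS names in the style of a managed provider spread over four TLDs
    managed = ["ns-123.awsdns-15.com.", "ns-456.awsdns-56.net.",
               "ns-789.awsdns-30.org.", "ns-012.awsdns-62.co.uk."]
    print(delegation_report("example.test", managed))
    # Constructed self-hosted delegation: both NS inside the domain itself
    print(delegation_report("example.test", ["ns1.example.test.", "ns2.example.test."]))
```

If the report shows one parent zone or flags every NS as inside the domain, the delegation has a single thing that can take it offline, which is exactly the failure mode the rest of the thread describes.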