This is something where I get confused..
Say I acquired a domain name blabla.ge (ge is for Georgia) and hosting my files with US based hosting company. What are the downsides if any and is there an option to change the DNS server?
Cheers!
Agreed, there is no real downside. The tld is really not that important to basic usage. Yes root servers factor in here but really nothing that will impact your daily activities and you don't really need to worry.
For the nameservers, you can change these to any servers you wish and have access to manage the records. Location isn't important other than basic routing and response time. Nameservers generally should be on diverse networks and diverse locations per Best Practices. I have nameservers available in multiple countries and there's nothing wrong with that. If you are using the nameservers provided by your registrar, you likely have the diversity I mentioned, although they may be located in a single country (which is fine).
I have multiple domains registered with tlds such as .nl, .im, .com.de, etc. Some of these point to US-only nameservers, some use nameservers in multiple countries and a couple use the nameservers provided by my registrar (who I purchased the domain from).
From there, my A records point to servers in diverse locations.. Primarily the US and Netherlands. This set up works great, performance is adequate and there are no major downsides to doing it this way. You can change your nameservers for the .ge domain to use US servers or you can leave them overseas and use A records to point to your server(s) in the US. You can debate which method would be "best" given a situation but neither method is "wrong."
So in short, no major downside to doing this at all. And yes, changing your DNS server (nameserver) is always an option. Hope this helps.
Related
I run a small e-commerce platform, and over the past two years have grown customers.
There's around 100 customers now and their domains point to our server IP by the use of two A records (# and www).
I'm not experienced in this area so I need someone who's knowledgable about setting up major SaaS projects.
The worry I have is, if for whatever reason I change host, wouldn't I lose the IP address? And surely at that point, I may need to ask over 200 customers to change their DNS settings to point to our new server?
A friend said to me about using a CNAME (pointing to a domain I own), but another professional server contact told me that it's not ideal. What further confuses me is this:
If my point remains true (and that an IP isn't able to be owned), then how come Squarespace and a few other major players have an option to instruct their users that they can use an A record to point to their (squarespace/wix..) IP address? Do they know something I don't (do they own an IP?)? What happens if squarespace for whatever reason have to change IP, surely 100,000's+ customers would need to change their IP A records? This seems very impractical and not realistic. It really confuses me.
I'd really appreciate some enlightening in this area, because I need to know sooner rather than later if I dig myself into a hole if I get over 500 customers and for whatever reason I end up having to ask 500 of them to change DNS settings.
Thanks.
I had a disastrous downtime of my website domain after replacing the name servers of my registrar Host Europe by those of a service provider.
Host Europe technical support told me that they immediately delete DNS entries on their name servers if you do so.
Is it possible, that the downtime of my website was because machines still asked the old name servers and they said “don’t know”? (I don’t know much about DNS.)
And is it normal for registrars to act this way?
How does it Google Domains? How Cloudflare Registrar?
And how to avoid the problem? Is a big TLL better or a small one? I think I had set it to 10 Minutes before switching.
Your question is offtopic here as not related to programming so might get deleted, but the following was too long to put in a comment to help you:
Host Europe technical support told me that they immediately delete DNS entries on their name servers if you do so.
This is very bad behaviour. Their nameservers will still get queries for basically the amount of time being the TTL of the NS records at parent.
Is it possible, that the downtime of my website was because machines still asked the old name servers and they said “don’t know”?
Yes this is exactly what happened.
An old provider should never pull the plug immediately. There are a lot of caches in the DNS.
If you can control the TTL values on your records, you can try adjusting them upwards at old provider, before the nameservers change. It may help a little or not at all, and not all DNS providers let people choose TTL freely. Somewhere around 1 week would be a good ballpark here.
And is it normal for registrars to act this way? How does it Google Domains? How Cloudflare Registrar?
Normal as in "unfortunately widespread", probably yes, but can't comment on any specific company. Note also that here the problem is not with the registrar role, but the DNS provider role. Both can be same companies, but are different roles. There are no worldwide DNS organization, where for registrars many of them are ICANN accredited (but they say nothing about this case IIRC), and in all cases are accredited by registries. I can say for sure that at least one registry (AFNIC for .FR) does mandate/require/recommend (not sure of the wording) registrars/DNS providers to keep the old DNS configuration in case of a change. I don't think though that it is checked nor enforced unfortunately.
And how to avoid the problem? Is a big TLL better or a small one? I think I had set it to 10 Minutes before switching.
It does not matter because what comes into play is the TTL (Time To Live) of the NS records at the parent (the registry handling the TLD under which your domain is registered), which you have 0 control over.
Unfortunately there is no real proper counter measure here, your DNS provider needs to do its job properly and not cut down resolution immediately.
A partial solution could be something akin to:
add nameservers without removing current one: note that they need to be listed in the zone, AND you need to change the domain at the registry, otherwise you will be in a lame delegation case (which you can also decide to sustain, but it is bad in general)
after some time (typically again the TTL at parent), you can now remove the old servers (again both in the zone and at parent).
That way even if the old nameservers stop to work immediately for your domain, all resolvers would have time to learn about the new ones, and even if they try to contact old nameservers, and get an error, they may (not guaranteed to always work and of course at least introducing some delays) switch to the new ones. Until again the same TTL passes after second point after which all resolvers will know only about the new nameservers.
Another trick that could work but means you will be in a lame delegation case is the following. It works because a lot of resolvers, including big ones like Google Public DNS are child centric instead of parent centric: you change the zone content to list the new nameservers as NS records, removing old ones and you do NOT do any change at the registry side. This will let some resolvers (but not all) learn about new nameservers and after some time you can do the switch at the registry.
Not sure if I want to just do a kind of brute-force thing, or a dictionary attack (though this would require a Romanised dictionary of every word in the target language), but I want to scan area websites (area meaning in my country) and I don't want to just whitelist everything. Is there a better way to do this?
If you have a legitimate need for a list of all zones in a TLD, contact the registry for that TLD and ask. How willing they will be to help you varies enormously, so without knowing which TLD you're thinking of it's impossible to guess how viable this way is.
If the TLD uses DNSSEC with NSEC, you can walk the zone by following the NSEC chain. This is the best way if you can't get a file to download, and the fact that a zone is using NSEC is implicit permission to do so.
If you can't do either of the above, you're down to guessing. You're also working against the wishes of the registry, so be prepared to have your server get blocked from even talking to the TLD's name servers. There are about 6.26*10^98 possible names directly under each TLD, so you'll need to send quite a few queries.
Also note that "web servers in my country" is not a very well defined concept. Does that mean all sites with domain names in your country's ccTLD? All sites hosted on servers that are physically in your country? Sites intended for people in your country, no matter their domain name or hosting location?
We're developing a client-server game that communicates with our server in real time. During development we directed the client to the server's IP address directly.
Moving forward to release, we'd like to switch the target server IP to a domain name.
I'm looking for feedback whether we should use a sub-domain within our web-site main domain (say: server.mygame.com), or, setup a different domain for the game server (mygame-server.com).
If there is no difference either way I'd love to get feedback on that as well.
Thanks!
This question might be better asked at serverfault.com because it is not strictly related to programming...
Anyway, providing my opinion on your quesion: I'd go for a subdomain of a new game-related main domain.
Here's why: this should give you the most flexability for future changes, assuming the following thoughts:
A new domain especially for that game allows you to promote game information on the www. subdomain.
The game endpoint sits (for example) at api. which points to a different server than any of the websites (improves stability, allows different software for same ports, e.g. web servers).
You can add round-robin DNS load balancing (or any other load-balancing) later. This might be easier if this can be done on a spearate main domain.
You don't have to mess with the main company DNS entries for any game-related settings, improving the stability of both services (as they are separated).
If you might sell the game one day, and a different domain makes it easier to transfer all services and data.
Using a subdomain makes it easier in general because normally the second-level domains (like the A record for example.com) is handled by the DNS servers at a "lower" level in "DNS authority tree" (e.g. at you DNS provider), so it might be more difficult to add special features like load-balancing there.
So these are only some thoughts. Basically it should not matter which way you set up the DNS entries, but if one of the topics above applies (or otherwise sounds reasonable) then you might choose a subdomain on a new domain ;)
I need to determine whether a domain entered by a user is a standard domain e.g example.co.uk or just the TLD e.g co.uk.
Is there a way I can do this e.g. by querying nameservers using nslookup or dig commands?
Just for background, I'm building a tool which works with subdomains e.g. sub.domain.example.co.uk and need to be able to spilt each part of the subdomain into subdomain, domain and TLD parts.
Thanks,
Tom
The "problem" you are trying to solve isn't even well-defined.
There is no way to get this information from DNS itself. DNS makes no distinction between what you call a subdomain, a domain, and a TLD.
Browser makers and other interested parties have apparently not found any solution to this short of building and maintaining a list manually. And even that's an incomplete solution. For example, I know that in Canada you can register a domain as <your-label>.ca, <your-label>.<province>.ca, or <your-label>.<municipality>.<province>.ca, but the current version of Mozilla's list only accounts for the first two possibilities. (Listing all municipalities would be too burdensome anyway).
More importantly, the boundary between what is a "public" domain and a "private" domain isn't a technical one. You're not supposed to be able to register a domain under ac.jp unless you are a university (or similar) in Japan. You're not supposed to be able to register a domain under u-tokyo.ac.jp unless you are a department inside 東大 (or similar). Those two restrictions aren't fundamentally different on a technical level, yet one of those domains is considered "public" and the other one is not. It's a difference of politics/law.
Furthermore, if the public/private domain distinction is being used for security purposes (as it is used for example in web browsers to disallow supercookies), who says that different departments inside one university don't distrust each other just as much as different universities do? There's a well known piece of advice that applies: you shouldn't attempt to solve a political problem with a technical solution.