Hiding In Plain Sight: 24 Hours Of DNS Server Troubles

Some time early on May 31st I received a page telling me that this site was down. This has happened occasionally in the past and was almost always the result to something that I had done. That was not the case this time.

While I could not reach the domain I found that I could reach the server via its IP address. I was able to shell into the VPS and verify its status. It was in fact alive and healthy. By adding a hosts file entry in my desktop PC I was able to provide a local DNS solution, confirming that the server itself was completely happy.

It turns out that the company that handles DNS for this domain, which is not the hosting provider, was hit by what they characterize as a “larger than normal DDOS attack.” They tell me that the attack focused specifically on the DNS servers. They had been working to thwart the attack, and also adding additional servers to help handle the load.

Whatever the case, the site was basically unavailable for one full day. Let’s just consider this yet another chapter in my education with regard to hosting my own site. Over time I’ve grown to be much more diligent about routine backups and installing patches in a timely manner.

This most recent lesson illustrates that it is convenient, but not necessarily wise, to  use the same company as both registrar for a domain and DNS provider. If the had not been able to overcome the trouble I was going to be forced to move the definitive DNS entries for the domain to another provider. That would have brought the site back online, given time for  the new DNS settings to propagate.

I’m still living and learning as I go..and of course, happy to be back online.

P.S. – I remain very happy with  UnmeteredVPS.Net who host my VPS.

6 thoughts on “Hiding In Plain Sight: 24 Hours Of DNS Server Troubles”

        1. As of Jun 11 I’m using the free version of Cloudflare. It seems like a nice CDN and IPv6 solution. it was certainly easy to setup.

  1. I’m not sure I understand the lesson.  I don’t see an inherent risk in using the DNS servers at your registrar vs. any other single provider.  Is the lesson perhaps that one should spread your DNS servers across several providers?

    1. When the registrar is also the authoritative DNS provider you more or less have all your eggs in one basket. They may or may not be willing or able to effect the changes necessary to overcome such a DNS failure. If the registrar were a separate company then I would be able to make the change to the authoritative DNS settings without any interference from the old DNS provider.

Comments are closed.