Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsIT Pro and developers.NZ DNSSEC problem
MichaelNZ

1354 posts

Uber Geek

Trusted
Integrity Tech Solutions

#201496 21-Aug-2016 13:07
Send private message

Yesterday I reported an issue to my registrar about DNSSEC records not deleting (I did a key rollover) and also being deleted when Whois information is updated. The response this morning was they have identified an issue at the registry and are working through it with NZRS. I don't have any more details but for obvious reasons I recommend anyone using DNSSEC to check the updates in the Whois until this has been solved, lest your domain become unavailable.




WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers

Create new topic
freitasm
BDFL - Memuneh
79130 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1615081 21-Aug-2016 13:10
Send private message

If I understand correctly this would affect all NZ registrars since it's a NZRS problem?

 

Also, does it affect the domain only if you make specific changes (e.g,. contact) or any change (such as renewal)? Is there a pattern?




Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup

 
 
 
 

Shop now on Mighty Ape (affiliate link).
MichaelNZ

1354 posts

Uber Geek

Trusted
Integrity Tech Solutions

  #1615082 21-Aug-2016 13:14
Send private message

freitasm:

 

If I understand correctly this would affect all NZ registrars since it's a NZRS problem?

 

Also, does it affect the domain only if you make specific changes (e.g,. contact) or any change (such as renewal)? Is there a pattern?

 

 

 

 

1. I assume so. I was advised there is an issue at the registry. That's all I know.

 

2. It manifests in 2 ways: a. DNSSEC DS records can be added but not removed. b. Updating Whois contact information results in the existing DS records being removed.

 

I have no idea if the symptoms are specific to the registrar involved... or whatever... all I know is there is a problem and I advise people using DNSSEC to avoid updates or at minimum to confirm them until this matter is resolved and/or we have further information.




WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers

michaelmurfy
meow
13214 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1615083 21-Aug-2016 13:22
Send private message

I've pinged @metaname for a quick comment if there was a problem with NZRS. This could be quite bad for people (like me) who run DNSSEC on multiple domains.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.



MichaelNZ

1354 posts

Uber Geek

Trusted
Integrity Tech Solutions

  #1615084 21-Aug-2016 13:24
Send private message

michaelmurfy:

 

I've pinged @metaname for a quick comment if there was a problem with NZRS. This could be quite bad for people (like me) who run DNSSEC on multiple domains.

 

 

I don't think it's a biggie as long as people don't change anything until it's fixed and/or we know what is happening.




WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers

freitasm
BDFL - Memuneh
79130 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1615087 21-Aug-2016 13:31
Send private message

I have DNSSEC in all my .NZ domains with Metaname and have DNSSEC on any domain I can with GoDaddy. I don't change stuff on the domains but I worry about renewals pretty much.




Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup

michaelmurfy
meow
13214 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1615107 21-Aug-2016 14:24
Send private message

Just had a response from Metaname saying there is no current issues with the NZRS:

we've never seen an issue like this, the last time that any changes were rolled to the NZSRS was in January and that the same request of the registry API is used to manage both contact details ("Whois information") and to publish or take-down DS records.


Edit: Just noted if this is a new issue they likely have not seen it. I've been unable to replicate the issue on Metaname with one of my domains.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

MichaelNZ

1354 posts

Uber Geek

Trusted
Integrity Tech Solutions

  #1615109 21-Aug-2016 14:31
Send private message

we've never seen an
issue like this, the last time that any changes were rolled to the
NZSRS was in January and that the same request of the
registry API is used to manage both contact details ("Whois
information") and to publish or take-down DS records.


 

One thing I know in this industry is never assume things work the way you want them to and/or how they should. An official response from NZRS would be preferable but statements saying "we haven't seen this before [implied - so it can't happen]" don't add much.




WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers



freitasm
BDFL - Memuneh
79130 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1615111 21-Aug-2016 14:33
Send private message

Saw this yesterday and it's all true:

 

 

This didn't work as expected.

 

This didn't work, as expected.

 




Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup

Create new topic





News and reviews »

Bolt Launches in New Zealand
Posted 11-Jun-2025 00:00

Suunto Run Review
Posted 10-Jun-2025 10:44

Freeview Satellite TV Brings HD Viewing to More New Zealanders
Posted 5-Jun-2025 11:50

HP OmniBook Ultra Flip 14-inch Review
Posted 3-Jun-2025 14:40

Flip Phones Are Back as HMD Reimagines an Iconic Style
Posted 30-May-2025 17:06

Hundreds of School Students Receive Laptops Through Spark Partnership With Quadrent's Green Lease
Posted 30-May-2025 16:57

AI Report Reveals Trust Is Key to Unlocking Its Potential in Aotearoa
Posted 30-May-2025 16:55

Galaxy Tab S10 FE Series Brings Intelligent Experiences to the Forefront with Premium, Versatile Design
Posted 30-May-2025 16:14

New OPPO Watch X2 Launches in New Zealand
Posted 29-May-2025 16:08

Synology Premiers a New Lineup of Advanced Data Management Solutions
Posted 29-May-2025 16:04

Dyson Launches Its Slimmest Vaccum Cleaner PencilVac
Posted 29-May-2025 15:50

OPPO Reno13 Pro 5G Review 
Posted 29-May-2025 15:33

Logitech Introduces New G522 Gaming Headset
Posted 21-May-2025 19:01

LG Announces New Ultragear OLED Range for 2025
Posted 20-May-2025 16:35

Sandisk Raises the Bar With WD_BLACK SN8100 NVME SSD
Posted 20-May-2025 16:29








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







Backblaze unlimited backup



RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
Hatch
GoodSync
Backblaze backup
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright