Delegating Nameservers for Subdomains Outside of Cloudflare


#1

I have followed the instructions in the most recent Support article about delegating DNS:

https://support.cloudflare.com/hc/en-us/articles/360021357131-Delegating-Subdomains-Outside-of-Cloudflare

but so far the entries I made are not working.

I need to delegate Nameservers for the subdomain “News” to ns1.nevermindthedns.com and ns2.nevermindthedns.com and have added NS records for the subdomain for each name server to the zone file as per the instructions. There are no other DNS entries for the subdomain “news” although there are plenty of entries for the root domain and www as they are using Office 365 and Mandrill.

If I do a dig lookup on the subdomain using Kloth http://www.kloth.net/services/dig.php and specify Cloudflare’s nameserver brett.ns.cloudflare.com it shows the correctly delegated new nameservers as the authority ones, but if I do the lookup elsewhere eg on google’s nameserver 8.8.8.8 it shows no NS records existing.

Is this a propagation issue and all I need to do is wait, or have I made a mistake and should be doing the delegation differently eg by using this method Main domain with CloudFlare, delegate sub domain to another DNS server


#2
$ dig @8.8.8.8 ns nevermindthedns.com 

; <<>> DiG 9.13.5 <<>> @8.8.8.8 ns nevermindthedns.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22814
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;nevermindthedns.com.           IN      NS

;; ANSWER SECTION:
nevermindthedns.com.    21599   IN      NS      ns2.nevermindthedns.com.
nevermindthedns.com.    21599   IN      NS      ns1.nevermindthedns.com.

;; Query time: 79 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 21 20:20:31 IST 2019
;; MSG SIZE  rcvd: 84

Your domain does not point at Cloudflare at all. How can changes in Cloudflare’s DNS affect it?

Assuming nevermindthedns.com is at all your domain. If it’s not, I think you forgot to mention what it is, so there’s nothing we can check.


#3

hi Shimi - I apologise for not explaining this properly.

We are a web agency. The domain we are concerned with is glenmorelogdge.org.uk and the subdomain is news.glenmorelodge.org.uk. Our client owns the domain and we have control of the Nameservers. The delegated nameservers belong to a company called Campaignmaster that carry out newsletter campaigns and these nameservers are nothing to do with us or our client

We changed the domain glenmorelodge.org.uk over to Cloudflare’s DNS this morning and are using dahlia.ns.cloudflare.com and brett.ns.cloudflare.com as the nameservers.

If I do a dig on these nameservers I get the results below, which are correct:

; <<>> DiG 9 <<>> @dahlia.ns.cloudflare.com news.glenmorelodge.org.uk A

; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56789
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;news.glenmorelodge.org.uk. IN A

;; AUTHORITY SECTION:
news.glenmorelodge.org.uk. 300 IN NS ns2.nevermindthedns.com.
news.glenmorelodge.org.uk. 300 IN NS ns1.nevermindthedns.com.

;; Query time: 6 msec
;; SERVER: 2400:cb00:2049:1::adf5:3a59#53(2400:cb00:2049:1::adf5:3a59)
;; WHEN: Mon Jan 21 19:48:09 2019
;; MSG SIZE rcvd: 98

Problem is that if I try using any other nameservers or localhost to look up it does not show the news subdomain as being delegated to ns1.nevermindthedns.com.

So have I set all this up on Cloudflare properly and it is just a propagation issue?

Robert


#4

Well, I get a SERVFAIL, but maybe this is related to the fact that ns1/ns2.nevermindthedns.com themselves return a SERVFAIL when trying to lookup the domain on those servers (which you delegate to)? Maybe fix the target nameservers first?


#5

Google DNS 8.8.8.8 still not showing any results for news.glenmorelodge.org.uk, the only nameservers that give results are Cloudflare’s eg dahlia.ns.cloudflare.com, is this a propagation problem?

Can you confirm everything is set up correctly on Cloudflare DNS please?

I take your point about the domain not being set up on ns1/2nevermindthedns.com and will take this up with Campaignmaster.

Robert


#6

My dig against Cloudflare looks like yours, no surprises here.

I don’t know how 8.8.8.8 shows domains where the end DNS server returns an error. As I mentioned, this might be an issue… that’s why I’ld rather have it work before we assume things are broken.

After all, 8.8.8.8 explicitly says SERVFAIL, just like ns1/2nevermindthedns.com, and not an NXDOMAIN.


#7

Please correct if I am wrong, you want to delegate the domain news.glenmorelodge.org.uk to the nevermindthedns nameservers, is this correct?

If that is the case it appears as if your Cloudflare setup is functioning and news is properly handled by the specified nameservers, however these nameservers themselves are not responsive. They do not respond to DNS queries or even simple pings but simply appear offline.

For clarification, we are talking about the two servers at 91.206.118.251 and 91.206.118.252, correct?


#8

If, on the other hand, you want news itself to return an IP address (which your dig suggests) you’d need to specify an A record for it too. Right now it only lists the two NS records pointing to aforementioned unresponsive servers.


#9

Hi Sandro

Yes we want to delegate the domain news.glenmorelodge.org.uk to the nevermindthedns nameservers

Yes those IP addresses are correct


#10

In this case you need to make sure they are up and running. Once they are, and assuming they are properly configured, your setup should work and any host beneath the news domain should properly resolve.


#11

All seems to be running fine now, I think your explanation that the delegated nameservers were unresponsive was the cause of the issues was correct. Thank you for your assistance


closed #12

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.