I recently purchased a domain, kash[dot]fun and onboarded to Cloudflare for DNS management (I have a few domains on). It has been more than 48 hours since I updated the nameservers to Cloudflare’s but it doesn’t seem to be propagating. Some resolvers reflect the nameservers, others don’t reflect any NS records. See: https://www.digwebinterface.com/?hostnames=kash.fun&type=NS&useresolver=8.8.4.4&ns=all&nameservers=
I reached out to my registrar’s support for assistance and they have advised that the registry shows those servers, the DNS servers have been applied and associated to my domain properly from them but the DNS zone in Cloudflare is not propagating. See: https://lookup.icann.org/en/lookup (lookup kash[dot]fun).
Has anyone had this experience? What can I do to fix this?
And your registrar did not point out the DNSSEC issue?
Your domain currently has an invalid DNSSEC setup. You either need to disable that at your registrar or provide the values indicated by Cloudflare.
You also need to fix your encryption mode on Cloudflare and set that to Full Strict, as you currently have an insecure legacy mode set, which will keep your site insecure.
If you already disabled it, you best reach out to your registrar, as that is still enabled.
As for anything else, if the IP address you have currently configured is your actual server, you should also contact your webhost to get that secured as well, as you do not have a valid certificate.
All right, then of course there is no server certificate to fix. However, I would adjust the IP addresses to avoid any origin issues here. Just follow Redirecting One Domain to Another
To summarise
Contact the registrar to clarify DNSSEC and either deactivate it or update the value
Thank you for the solution, @sandro. My registrar found the records in their backend (not reflected on the frontend) and deleted it after I had requested them to investigate.
The issue is now resolved and the DNS records are now fully propagated. I have it working as expected now.
