We have created a NS record for _domainkey and it does not look to be working

What is the name of the domain?

mountnbeach.com.au

What is the issue you’re encountering

We have created a NS record for _domainkey but it does not look to be working when looking up externally.

What steps have you taken to resolve the issue?

Created the NS record in the portal
There were no existing DKIM records on the _domainkey subdomain.
Waited around 12 hours and checked again from a few different NS lookup websites and it’s still not reflecting.

What feature, service or problem is this related to?

DNS not responding/updating

What are the steps to reproduce the issue?

Create a new record of type NS name “_domainkey” pointing to an external Name Server.

What exactly is not working? What exactly are you looking up?

Note that if you’re delegating the subdomain to an external nameserver, then you’ll need to create the appropriate DNS records at that external nameserver, and Cloudflare will not have a role in that (other than publishing the NS record).

Can you provide your website address so I can take a look? Oops, sorry, I missed your domain. Taking a look now, will reply again shortly :smiley:

We have performed a lookup on the Cloudflare Authority Name Servers for the root zone/domain and that does look to have the record properly reflecting.

It does not seem to be looking up from any external DNS Servers though, we understand that in a new domain Name Servers may take 24-48 hours to reflect, as mentioned we gave it around 12 hours so far and have not seen any change. We expected given this is a subdomain setup and there was no existing records that should of had a TTL, that the record should be working externally by now?

Not sure if it does actually need more time to work itself out or whether it’s not updating properly.

_domainkey is delegated by the NS record you have created, but the nameserver you are delegating to does not resolve…

dig +trace +nodnssec _domainkey.mountnbeach.com.au ns

; <<>> DiG 9.10.6 <<>> +trace +nodnssec _domainkey.mountnbeach.com.au ns
;; global options: +cmd
.			513599	IN	NS	a.root-servers.net.
.....
.			513599	IN	NS	m.root-servers.net.
;; Received 239 bytes from 127.0.2.2#53(127.0.2.2) in 0 ms

au.			172800	IN	NS	a.au.
au.			172800	IN	NS	q.au.
au.			172800	IN	NS	r.au.
au.			172800	IN	NS	s.au.
au.			172800	IN	NS	t.au.
;; Received 358 bytes from 199.7.91.13#53(d.root-servers.net) in 64 ms

mountnbeach.com.au.	3600	IN	NS	nikon.ns.cloudflare.com.
mountnbeach.com.au.	3600	IN	NS	love.ns.cloudflare.com.
;; Received 114 bytes from 2407:6e00:254::1#53(a.au) in 160 ms

_domainkey.mountnbeach.com.au. 300 IN	NS	045r2ml9n59mvonj.hosted-dkim.com.
couldn't get address for '045r2ml9n59mvonj.hosted-dkim.com': not found
dig: couldn't get address for '045r2ml9n59mvonj.hosted-dkim.com': no more

https://cf.sjr.org.uk/tools/check?3df3cfffb3d14256b294389d8682caf5#dns-mail

Thanks sjr!

That pointed us in the right direction, we looked into the hosting setup and found there was an issue with that NS record resolving, didn’t know that would make the NS record itself not publish/propagate, but we fixed the resolution and looks like it has updated, appreciate your help :slight_smile:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.