I’ve been working out a tolerable dynamic DNS solution for myself lately. After much effort, I’ve settled on running my own bind server (I last did this like 12 years ago, hah). I’ve written simple scripts that handle it for me and they work fine. However, I found for many of my domains hosted by GoDaddy, I couldn’t get it to use my new nameservers. Godaddy would let me switch my nameservers, but then they’d revert to their previous settings and I’d get an email containing the helpful message:
Error: Authorization error; 6007
After about a 45min phone call, followed by about another 45mins in their chat system, I now know what that means, at least, in my case. The thing I’m “doing wrong” is that I must give two DNS servers. I don’t actually care or need to do this, so I just gave the same one server with different alias hostnames. This was fine for .com domains. But my .ca domains wouldn’t do it. Turns out .ca’s operator actually checks the nameserver’s IP addresses and if they’re not different, the change is rejected. I would assuming GoDaddy’s 6007 message code is generic for a failure/rejection of the upstream registrar to accept a nameserver change request.
So in my case I’ll have to find another IP address for my “second” DNS server. I suppose I’ll simply install bind and replicate (or something) my records to it using a little raspberry pi I have at my parent’s place.
I’ve since setup two additional dns servers to use authoritatively with my .ca domains and yet the problem remains. A subsequent support call to Godaddy has directed me to this document with CIRA’s nameserver requirements: https://ca.godaddy.com/help/about-ca-domains-4663?v=1
The pain continues. I’ve had many different conversations with GoDaddy which haven’t entirely gone anywhere. The best I’ve found thus far is they have a bit of a buried interface that seems to be specific to making “glue” DNS records (instructions here). This will let you define records for your domain that map only to IPs (I like CNAMES). This isn’t really a solution for my situation as I want to use nameservers from another domain (and that domain uses dynamically mapped names for the nameservers, since it’s a collection of machines on regular residential connections).
As I try to figure it out with GoDaddy, I’ve opened this discussion forum thread. Also, I decided to try another registrar (easydns). Their support seems a lot easier to reach and they seem a lot closer to helping me find the actual issue, however overall, no real extra traction there. Sigh. More to come….
I’ve had a few more conversations with godaddy and no real progress. I wager none of their customers do much outside of the default DNS hosting. So, I bet GD’s support isn’t well-equipped to handle off-roading.
I decided to setup a new domain under the .info TLD and use it for resolution to my nameservers (which I updated all my authoritative records to match too). I found this caused a different error message in the GoDaddy interface. When I tried to save the nameserver settings in godaddy each given nameservers’ line went red and was called “Unavailable“. The form returned an overall error message of “The data provided cannot be used, please correct it and resubmit your request.“, as per below:
While Godaddy’s UI rejects my .info records, I’ve found that easydns’ interface actually accepts them.
Conclusion (as of 2017-04-22)
I think I’ve experienced two problems here.
CIRA likes .ca nameservers defined as glue records
The main issue is that the .ca TLD operator (CIRA) has some strict requirements with particular respect to using other .ca domains to provide authoritative service for other .ca domains. Glue records are the prescribed solution. This is a garbage solution in my view, because glue records cannot be dynamically updated. CIRA would probably tell you that if you can’t afford 2+ static IPs, then you have no business hosting your own DNS. I think such an explanation is more likely just declaring some unexpected behaviour/limitation in a system as a “feature”. And as a requirement, actual static IPs would be fine for basically everyone out there running DNS. But I’m a cheap
fuck geek with resources and skills. So I go against the grain. My .ca domains run great using my own privately operated dns servers. Not under my original .ca domain I used, but under my new .info one, this glue requirement is not a fundamental requirement of DNS. So, one take-away is don’t bother hosting your own authoritative dns servers under a .ca hostname, unless you don’t mind using static glue records.
GoDaddy’s Nameservers UI is too smart for your own good(?)
I’m sure overall Godaddy’s custom nameserver gui is more-or-less fine for basically all their customers. But it immediately rejects my nameservers when hosted under .info. Godaddy’s first tier support is not equipped to help navigate this. I’ve talked with them over about 3 weeks over the phone, online chat and through email. I’ve been directed to their glue record interface several times; they don’t even really understand me when I tell them what I’m doing. I don’t blame them though, it’s probably well outside of their typical use case.
Overall, I don’t mind switching to a sort of more expensive registrar. I’m tired of sales calls and bait & switch deals. This stuff is common in business, but I severely care not for it. I never buy any of the extras either. My first and oldest domain has been with easydns and while they’re not the cheapest, they seem straight-forward, lean and knowledgable. And they’ve never called me. Damn straight. I’ve been moving my stuff their way and so far it feels like an improvement.
The real goal with all this crap was to simply get “cheap” dynamic dns support for my multiple domains. I have a fairly decent infrastructure and skills, so it just felt stupid to pay for this service. My IPs rarely change, but it’s enough to cause occasional embarrassment and I will no longer tolerate it. EasyDNS does offer a very easy to use dynamic dns service which works great, but it does cost. Interestingly, my .info domain I mention above I registered with zoneedit, who’s actually owned by easydns. I was able to setup dynamic dns service with zoneedit for half of what it costs at easydns. Funny since it’s now the same company and the UI’s are basically identical.