Why you should use a reputable DNS registrar

Posted by

I've had a bit of a crazy weekend this weekend. It all started while I was checking out some of my websites and I discovered their DNS was not resolving! That's always scary, and after a few minutes I realised that the DNS servers were unreachable from some (but not all) networks. For example, this was a traceroute to one of the DNS servers from my home computer:

$ traceroute 103.30.213.5
traceroute to 103.30.213.5 (103.30.213.5), 30 hops max, 60 byte packets
 1  home.gateway.home.gateway (192.168.1.254)  0.745 ms  1.041 ms  1.334 ms
 2  lns20.syd7.on.ii.net (150.101.199.219)  18.276 ms  19.705 ms  20.402 ms
 3  te3-1-120.cor2.syd6.on.ii.net (150.101.199.241)  22.902 ms  23.762 ms  24.736 ms
 4  ae5.br1.syd7.on.ii.net (150.101.33.50)  138.154 ms  139.785 ms ae0.cr1.syd4.on.ii.net (150.101.33.16)  29.454 ms
 5  ae5.br1.syd4.on.ii.net (150.101.33.48)  30.446 ms ae0.br1.syd4.on.ii.net (150.101.33.14)  36.895 ms ae5.br1.syd4.on.ii.net (150.101.33.48)  37.306 ms
 6  te0-2-0.bdr1.hkg2.on.ii.net (150.101.33.199)  145.732 ms  139.403 ms  140.845 ms
 7  hostvirtual-RGE.hkix.net (202.40.160.179)  159.664 ms  132.746 ms  133.402 ms
 8  vhk.vr.org (208.111.42.5)  134.369 ms  135.393 ms  136.574 ms
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
. . .

It was getting stuck at vhk.vr.org, which seems to be some transit provider or other. But from other networks it was OK, here's the traceroute from my Google Compute Engine instance:

$ traceroute 103.30.213.5
traceroute to 103.30.213.5 (103.30.213.5), 30 hops max, 60 byte packets
 1  216.239.46.192 (216.239.46.192)  1.168 ms 216.239.43.216 (216.239.43.216)  1.429 ms 216.239.46.192 (216.239.46.192)  1.105 ms
 2  216.239.46.192 (216.239.46.192)  1.383 ms  1.072 ms 216.239.43.218 (216.239.43.218)  1.335 ms
 3  216.239.46.190 (216.239.46.190)  1.477 ms 216.239.43.218 (216.239.43.218)  1.367 ms 216.239.46.192 (216.239.46.192)  1.287 ms
 4  216.239.43.216 (216.239.43.216)  1.656 ms 216.239.46.190 (216.239.46.190)  1.434 ms 216.239.43.218 (216.239.43.218)  1.914 ms
 5  216.239.43.216 (216.239.43.216)  1.910 ms  1.886 ms  1.868 ms
 6  216.239.43.218 (216.239.43.218)  1.841 ms  1.257 ms 216.239.46.190 (216.239.46.190)  1.470 ms
 7  216.239.46.192 (216.239.46.192)  1.196 ms 216.239.43.218 (216.239.43.218)  1.289 ms 216.239.43.216 (216.239.43.216)  1.496 ms
 8  216.239.43.218 (216.239.43.218)  1.643 ms 216.239.43.216 (216.239.43.216)  1.457 ms 216.239.43.218 (216.239.43.218)  1.586 ms
 9  209.85.248.215 (209.85.248.215)  11.936 ms 72.14.232.140 (72.14.232.140)  11.761 ms 209.85.248.229 (209.85.248.229)  14.151 ms
10  209.85.254.239 (209.85.254.239)  15.746 ms 72.14.237.132 (72.14.237.132)  11.702 ms 72.14.237.131 (72.14.237.131)  14.216 ms
11  209.85.255.133 (209.85.255.133)  14.355 ms 209.85.255.27 (209.85.255.27)  14.187 ms  13.759 ms
12  * * *
13  db-transit.Gi9-12.br01.rst01.pccwbtn.net (63.218.125.26)  39.572 ms  37.646 ms  39.849 ms
14  viad-vc.as36236.net (209.177.157.8)  39.499 ms  37.372 ms  39.243 ms
15  pdns1.terrificdns.com (103.30.213.5)  40.454 ms  39.940 ms  41.335 ms

So that seems kind of scary! I quickly composed an email to the support address with what I'd seen. An hour later and no response. At this point I was worried, because I had no idea how many people were unable to contact my websites. I tried logging in to the management console, but that was also a no-go: the DNS for the management console was hosted on the same DNS servers that were not responding! I managed to log in by hard-coding the IP address (which I got from my GCE server that was able to connect to the DNS servers) in my /etc/hosts file.

Just trying to get something up & running again, I exported all my DNS records and imported them into a friend's DNS server. Then I was able to change the nameservers configured in the management console to point to my friend's DNS server. For now, we were back up again. But a few hours later and still no response from my support request.

Who are NameTerrific?

I first heard about NameTerrific in this post on HackerNews. The website was well-done, the interface was easy to use. So I decided to give it a go with some of my more throwaway domains. I had a minor issue early on, and the support was quite good and over the next year or so, I started to move a couple more domains over.

Then, I stopped thinking about it. It worked well for the next year or so, and DNS tends to be one of those things you don't really think about. Until it stops working.

It was probably my fault. I didn't put much effort into researching NameTerrific's founder, Ryan Zhou. He seems to be a serial entrepreneur who dropped out of school to persue his dream. That's all well and good, but when you're hosting a service for people, it doesn't do much for your reputation as a reliable investment when you abandon your previous business for who-knows-what-reason.

What do I think happened?

 I think he discovered his website had bugs and people's domains were being transferred to the wrong people. Why do I suspect that? Because it's happening to me right now. Check this out. I go into my control panel for one of my domains, war-worlds.com:

I click on "Transfer Away", it prompts me to confirm, I click OK and I receive the following email:

It's an authorization code for a domain I don't even own. What's worse, if I do a whois on mitchortenburg.com, I find myself listed in the contact information! I seem to be the owner of a domain I never purchased (and, to be honest, don't really want) because of some bizarre mixup with the management website.

Even worse still: I have no way to generate an auth code for war-worlds.com (the domain I do care about) and I'm terrified that some other customer of NameTerrific's is somehow able to do what I've managed to do and gain ownership of my domain!

I'm not the only one having problems. Their facebook page is full of people who have also apparently realized they've been abandoned:

This is not how you run a busines. If you find bugs in your management console, you don't abandon your business and leave your customer in the lurch.

Now it seems Ryan has at least learnt from this failure to not let people post on his business' facebook wall. His "CoinJar" business has disabbled wall posts entirely.

What are my options?

So I currently have a ticket open with eNom (NameTerrific were an eNom reseller) and I hope I can get control of my domain back again. And if Mitch Ortenburg is reading this, I'm also quite happy to return your domain to you, if I only knew how to contact you...

And of course, I have already transferred every domain I can out of NameTerrific and into a reputable registrar. Lesson learnt!

blog comments powered by Disqus