I've had a bit of a crazy weekend this weekend. It all started while I was checking out some of my websites and I discovered their DNS was not resolving! That's always scary, and after a few minutes I realised that the DNS servers were unreachable from some (but not all) networks. For example, this was a traceroute to one of the DNS servers from my home computer:
$ traceroute 103.30.213.5 traceroute to 103.30.213.5 (103.30.213.5), 30 hops max, 60 byte packets 1 home.gateway.home.gateway (192.168.1.254) 0.745 ms 1.041 ms 1.334 ms 2 lns20.syd7.on.ii.net (150.101.199.219) 18.276 ms 19.705 ms 20.402 ms 3 te3-1-120.cor2.syd6.on.ii.net (150.101.199.241) 22.902 ms 23.762 ms 24.736 ms 4 ae5.br1.syd7.on.ii.net (150.101.33.50) 138.154 ms 139.785 ms ae0.cr1.syd4.on.ii.net (150.101.33.16) 29.454 ms 5 ae5.br1.syd4.on.ii.net (150.101.33.48) 30.446 ms ae0.br1.syd4.on.ii.net (150.101.33.14) 36.895 ms ae5.br1.syd4.on.ii.net (150.101.33.48) 37.306 ms 6 te0-2-0.bdr1.hkg2.on.ii.net (150.101.33.199) 145.732 ms 139.403 ms 140.845 ms 7 hostvirtual-RGE.hkix.net (202.40.160.179) 159.664 ms 132.746 ms 133.402 ms 8 vhk.vr.org (208.111.42.5) 134.369 ms 135.393 ms 136.574 ms 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * . . .
It was getting stuck at vhk.vr.org, which seems to be some transit provider or other. But from other networks it was OK, here's the traceroute from my Google Compute Engine instance:
$ traceroute 103.30.213.5 traceroute to 103.30.213.5 (103.30.213.5), 30 hops max, 60 byte packets 1 216.239.46.192 (216.239.46.192) 1.168 ms 216.239.43.216 (216.239.43.216) 1.429 ms 216.239.46.192 (216.239.46.192) 1.105 ms 2 216.239.46.192 (216.239.46.192) 1.383 ms 1.072 ms 216.239.43.218 (216.239.43.218) 1.335 ms 3 216.239.46.190 (216.239.46.190) 1.477 ms 216.239.43.218 (216.239.43.218) 1.367 ms 216.239.46.192 (216.239.46.192) 1.287 ms 4 216.239.43.216 (216.239.43.216) 1.656 ms 216.239.46.190 (216.239.46.190) 1.434 ms 216.239.43.218 (216.239.43.218) 1.914 ms 5 216.239.43.216 (216.239.43.216) 1.910 ms 1.886 ms 1.868 ms 6 216.239.43.218 (216.239.43.218) 1.841 ms 1.257 ms 216.239.46.190 (216.239.46.190) 1.470 ms 7 216.239.46.192 (216.239.46.192) 1.196 ms 216.239.43.218 (216.239.43.218) 1.289 ms 216.239.43.216 (216.239.43.216) 1.496 ms 8 216.239.43.218 (216.239.43.218) 1.643 ms 216.239.43.216 (216.239.43.216) 1.457 ms 216.239.43.218 (216.239.43.218) 1.586 ms 9 209.85.248.215 (209.85.248.215) 11.936 ms 72.14.232.140 (72.14.232.140) 11.761 ms 209.85.248.229 (209.85.248.229) 14.151 ms 10 209.85.254.239 (209.85.254.239) 15.746 ms 72.14.237.132 (72.14.237.132) 11.702 ms 72.14.237.131 (72.14.237.131) 14.216 ms 11 209.85.255.133 (209.85.255.133) 14.355 ms 209.85.255.27 (209.85.255.27) 14.187 ms 13.759 ms 12 * * * 13 db-transit.Gi9-12.br01.rst01.pccwbtn.net (63.218.125.26) 39.572 ms 37.646 ms 39.849 ms 14 viad-vc.as36236.net (209.177.157.8) 39.499 ms 37.372 ms 39.243 ms 15 pdns1.terrificdns.com (103.30.213.5) 40.454 ms 39.940 ms 41.335 ms
So that seems kind of scary! I quickly composed an email to the support address with what I'd seen. An hour later and no response. At this point I was worried, because I had no idea how many people were unable to contact my websites. I tried logging in to the management console, but that was also a no-go: the DNS for the management console was hosted on the same DNS servers that were not responding! I managed to log in by hard-coding the IP address (which I got from my GCE server that was able to connect to the DNS servers) in my /etc/hosts file.
Just trying to get something up & running again, I exported all my DNS records and imported them into a friend's DNS server. Then I was able to change the nameservers configured in the management console to point to my friend's DNS server. For now, we were back up again. But a few hours later and still no response from my support request.
Who are NameTerrific?
I first heard about NameTerrific in this post on HackerNews. The website was well-done, the interface was easy to use. So I decided to give it a go with some of my more throwaway domains. I had a minor issue early on, and the support was quite good and over the next year or so, I started to move a couple more domains over.
Then, I stopped thinking about it. It worked well for the next year or so, and DNS tends to be one of those things you don't really think about. Until it stops working.
It was probably my fault. I didn't put much effort into researching NameTerrific's founder, Ryan Zhou. He seems to be a serial entrepreneur who dropped out of school to persue his dream. That's all well and good, but when you're hosting a service for people, it doesn't do much for your reputation as a reliable investment when you abandon your previous business for who-knows-what-reason.
What do I think happened?
I think he discovered his website had bugs and people's domains were being transferred to the wrong people. Why do I suspect that? Because it's happening to me right now. Check this out. I go into my control panel for one of my domains, war-worlds.com:
I click on "Transfer Away", it prompts me to confirm, I click OK and I receive the following email:
It's an authorization code for a domain I don't even own. What's worse, if I do a whois on mitchortenburg.com, I find myself listed in the contact information! I seem to be the owner of a domain I never purchased (and, to be honest, don't really want) because of some bizarre mixup with the management website.
Even worse still: I have no way to generate an auth code for war-worlds.com (the domain I do care about) and I'm terrified that some other customer of NameTerrific's is somehow able to do what I've managed to do and gain ownership of my domain!
I'm not the only one having problems. Their facebook page is full of people who have also apparently realized they've been abandoned:
This is not how you run a busines. If you find bugs in your management console, you don't abandon your business and leave your customer in the lurch.
Now it seems Ryan has at least learnt from this failure to not let people post on his business' facebook wall. His "CoinJar" business has disabbled wall posts entirely.
What are my options?
So I currently have a ticket open with eNom (NameTerrific were an eNom reseller) and I hope I can get control of my domain back again. And if Mitch Ortenburg is reading this, I'm also quite happy to return your domain to you, if I only knew how to contact you...
And of course, I have already transferred every domain I can out of NameTerrific and into a reputable registrar. Lesson learnt!