Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Are NS records more important than A records?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Are NS records more important than A records?

scookescooke Member
edited July 2020 in Help

So I was helping a friend set up a site using a2hosting with a domain at easydns.com. He changed the A records at easydns to the IP listed for his hosting at a2hosting, but after a 36 hours there was no change. We went to change the NS at easydns initially but a pop-up showed a dire warning about doing so. Anyway, after the 36 hours we changed the NS records to match the ones at a2hosting, and voila, the site loaded and the built-in SSL cert process could finish.
This surprised me as I thought the main record for a website to load was the A records, generally. Why were the NS's the crucial bit here? Thanks.

Comments

  • DPDP Administrator, The Domain Guy

    It needs to refer to the NS for the A.

    Thanked by 1scooke
  • LittleCreekLittleCreek Member, Patron Provider

    The NS records need to be the nameservers that you are actually using and what is listed in whois.

    Thanked by 1scooke
  • scookescooke Member
    edited July 2020

    So there can't or shouldn't be two sets of NS records (at two different companies), even if both sets are using the same A records and such?

  • DPDP Administrator, The Domain Guy

    @scooke said:
    So there can't or shouldn't be two sets of NS records (at two different companies), even if both sets are using the same A records and such?

    Doesn't really matter how many nameservers you have, and where, as long as their zones tally and are in sync, and they are the ones you assign/point to your domain from your registrar.

    Thanked by 1scooke
  • scookescooke Member

    Ah, so the NS records at the registrar is key then. We had left those alone (as the default records) at the registrar but the site only seemed to work when the registrar's NSs were changed. Anyway, I guess I should go read up on this more. The term "zone" came up in the easydns Help, as well as the in the DNS records at a2hosting (there was a SOA listed) and I have no idea what that is. I've been using tons of different domains at various registrars on different VPSs and this was the first time not setting the A record only didn't suffice. Then again, it is shared hosting at a2hosting, so that made a difference I guess.

  • DPDP Administrator, The Domain Guy

    @scooke said:
    We had left those alone (as the default records) at the registrar

    You can still use the default/registrar's DNS provided that they allow you to manage the records, and in the case, you'll just need to create the A record there itself.

    Thanked by 1scooke
  • AbdussamadAbdussamad Member
    edited July 2020

    It's probably just because it took that long for the DNS records to propagate. The A record not the NS record change. You really should not be serving NS records different to the authoritative nameservers you've configured at your domain registrar.

    Thanked by 1scooke
  • scookescooke Member

    @Abdussamad said:
    It's probably just because it took that long for the DNS records to propagate. The A record not the NS record change. You really should not be serving NS records different to the authoritative nameservers you've configured at your domain registrar.

    That's what I would have thought too except that sudden accessibility was too soon after the NS change. But I'm getting a little confused now again. On easydns they have their own NS (along with a pop up warning about changing them away from these defaults), and the shared hosting at a2hosting.com also have NS! So which would be the authoritative NS records? The domain registrar's or the shared hosting? Both actually give dire warnings about changing their respective NS records. In the a2hosting control panel there is a button to issue SSL certs, along with a pre-populated list of dns like mail.example.com, ftp.example.com, and when we pressed the button for the certs all the subdomains were issued certs, just not the root example.com and www.example.com. So I got the impression that it would be better to not mess with a2hosting.com's dns since they had all these records, including a SOA record, but the easydns (domain registrar) had only the NS records.

    If it is best to use the domain registrar DNS records, I should be able to just copy all the records in the shared hosting control panel and recreate them in the domain registrar records, right? Or does the fact that a2hosting is Shared Hosting complicate things DNS records-wise?

  • umiumi Member
    edited July 2020

    DNS is one of the most crucial parts of your webhosting and it is often neglected and left on reistrar's unicast nameservers. This DNS thing is well worth learning. Here are some DNS traversal utilities with performance checks that help you to find out problems or bottlenecks in your setup:
    https://www.solvedns.com/
    https://www.ultratools.com/tools/dnsTraversal
    https://dnstools.ws/
    http://dns.squish.net/

    https://www.dnsperf.com/ shows how most popular dns hosters/resolvers perform worldwide.

    Thanked by 2scooke vimalware
  • scookescooke Member

    @umi said:
    DNS is one of the most crucial parts of your webhosting and it is often neglected and left on reistrar's unicast nameservers. This DNS thing is well worth learning. Here are some DNS traversal utilities with performance checks that help you to find out problems or bottlenecks in your setup:
    https://www.solvedns.com/
    https://www.ultratools.com/tools/dnsTraversal
    https://dnstools.ws/
    http://dns.squish.net/

    https://www.dnsperf.com/ shows how most popular dns hosters/resolvers perform worldwide.

    I'll read up on these. Thank you. I thought I had been making progress getting my various domains ready for MXRoute, but this glitch while helping my friend kinda threw me off.

  • jsgjsg Member, Resident Benchmarker
    edited July 2020

    Here is how to do it

    • have the NS "glue" entry at your domain registrar point to the NS server that handles your domain, usually that's the NS server of ones provider or at some NS service like e.g. HE.
    • have all the relevant records for your sites (e.g. www, mail) properly configured on the name server you happen to use (e.g. the name service provided by your hoster).

    Here's the reasons:
    Humans - and hence e.g. browsers - use names to refer to a server, e.g. "www.lowendtalk.com", but machines ("the internet") actually use numbers (IP addresses), hence the need for name servers which know and tell that e.g. "www.lowendtalk.com" resolves to (has the IP address) 104.26.9.4 (and 172.67.68.9).

    Second part: "names" (on the internet) are hierarchically structured with dots serving as element separators and with the last element being on the highest level. So e.g. "www.lowendtalk.com" has three elements "www", "lowendtalk", and "com" with "com" being the highest level. That means that every "internet name" ending in ".com" is considered a sub-domain of .com and "www" is a sub-domain of "lowendtalk.com".
    That 'sub-domain' thing is important because every domain name server is in charge of its sub-domains. So, e.g. the name server for the .com domain is in charge of "lowendtalk.com" (and many, many others). That is what the glue record at your domain registrar serves for. It (behind the scenes) enters the name servers for your domain at the name server of the TLD (Top Level Domain, e.g. '.com') so that the .com name server can provide those NS records if someone looks for your domain (e.g. a browser).

    So, if some browser wants to connect to "[whatever].lowendtalk.com" it asks the .com name server for the name server in charge of "lowendtalk.com" (which is the one entered at the registrar). Next the browser connects to one of those name servers ('walk' and 'valentin' at ns.cloudflare.com for our example "lowendtalk.com") and asks them for the IP(s) the sub-domain 'www' which hands back the above mentioned IPs.

    Side note: This was the theory. Practically things are a bit more complicated due to diverse issues like caches, encrypted entries, etc, but the above is almost always good enough at least for basic functionality.

    Thanked by 1scooke
  • PwnerPwner Member

    A record - phone number that you're trying to dial to call someone that you remember by name

    NS record - YellowPages or the phone book (Gen Z kids, I know you won't understand this concept) that you need to remember in order to go through it to find the "A record" or name and associated phone number

    Thanked by 1scooke
  • @scooke said: The domain registrar

    the domain registrar is which company? why don't you share the domain with us so we can take a look.

    the registrar, dns host and web host can all be different companies or the same company. for example if you've registered a domain at namecheap, pointed it to easydns and then set ns records to some hosting company then you've screwed things up. the ns records should point to easydns' servers because they are the authority.

    now if you want a2hosting to be the authority for your domain then point your domain to their nameservers using namecheap's control panel. this is the correct way to do it.

    Thanked by 1scooke
  • Webdock_ioWebdock_io Member, Host Rep

    As others have stated here:

    NS records can be thought as the "top-level" record - This is where somebody/thing finds out which server to actually ask for the correct A records (or any other record type for that matter)

    Thanked by 1scooke
  • JarryJarry Member

    @Webdock_io said:

    NS records can be thought as the "top-level" record

    Top-level record are 13 (logical) root name servers.

    Thanked by 1scooke
  • Webdock_ioWebdock_io Member, Host Rep

    @Jarry said:

    @Webdock_io said:

    NS records can be thought as the "top-level" record

    Top-level record are 13 (logical) root name servers.

    That is of course technically correct, I meant from the average user's perspective who is managing their DNS records :)

    Thanked by 1scooke
  • @scooke said: I'll read up on these. Thank you.

    https://dnstools.ws is my site, so feel free to ping me if you have any questions about it. It's also open-source (https://github.com/daniel15/dnstools) :smile:

    Thanked by 1scooke
Sign In or Register to comment.