Your DNS Provider Should Not Be Your Registrar (2014) (petekeen.net)
17 points by hernantz on June 8, 2016 | 10 comments


I don't mind hosting my DNS at the registrar, since they provide the service, but I do want to have secondary DNS servers/provider somewhere else: dns.he.net (free), or a paid service elsewhere. But, unfortunately, none of the registrars I tried allow you to have a secondary DNS server, i.e. allow DNS AXFR for the zone file. (GoDaddy, Hover, Gandi, Namecheap and 1and1 -- note, I tried them over time and asked all of them for AXFR to have a secondary zone elsewhere -- all of them declined. The latest and current is Hover.)

After a long time researching, I've decided to use the $2/month plan on cloudns.net for primary DNS, and secondary at dns.he.net.


Most domains can have up to 13 name servers assigned at the registry; most domain registrars will let you set up 6 or more (mine does 6). Ideally you'd have your registrar's and another source hosting your DNS and keep them synced up.

Unless you have a weird edge case, most of the time it's set it up once and forget it. This way, even if your registrar has problems, you have another DNS that is still up. Do a dig on some popular domains (like google, cnn, etc.) and you'll see they have multiple DNS entries by different providers.

If your website is important enough to keep up in case your registrar is not, then you need it hosted by multiple providers including your registrar (it's usually free, why not, right).
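
The `dig` check suggested in the comment above can be automated. This is an added example, not part of the thread or the linked article: it parses NS answer lines and flags zones delegated to a single provider or only to the registrar's own DNS. The sample output, the provider names and the "last two labels identify the operator" rule are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed `dig +noall +answer NS <zone>` output; all names are placeholders.
SAMPLE_DIG_OUTPUT = """\
example.com.      3600 IN NS ns1.registrar-dns.example.
example.com.      3600 IN NS ns2.registrar-dns.example.
example.com.      3600 IN NS pns1.second-provider.example.
; constructed comment line, ignored by the parser
example.org.      3600 IN NS ns1.registrar-dns.example.
example.org.      3600 IN NS ns2.registrar-dns.example.
example.org.      3600 IN A  192.0.2.10
"""


def parse_ns_records(dig_output):
    """Return {zone: [nameserver, ...]} from dig answer-section text."""
    zones = defaultdict(list)
    for line in dig_output.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith(";"):
            continue
        # Answer lines are: owner, TTL, class, type, rdata
        if len(fields) == 5 and fields[2].upper() == "IN" and fields[3].upper() == "NS":
            zones[fields[0].rstrip(".").lower()].append(fields[4].rstrip(".").lower())
    return dict(zones)


def provider_of(ns_host):
    """Assumption: the last two labels of the NS host name identify its operator."""
    return ".".join(ns_host.split(".")[-2:])


def assess(dig_output, registrar_dns_domains=()):
    """Flag zones whose delegation depends on one provider or only on the registrar."""
    report = {}
    for zone, hosts in parse_ns_records(dig_output).items():
        providers = sorted({provider_of(h) for h in hosts})
        report[zone] = {
            "nameservers": len(hosts),
            "providers": providers,
            "single_provider": len(providers) < 2,
            "only_registrar": all(p in registrar_dns_domains for p in providers),
        }
    return report


if __name__ == "__main__":
    for zone, result in assess(SAMPLE_DIG_OUTPUT, {"registrar-dns.example"}).items():
        print(zone, result)
```

The two-label rule misgroups name servers under multi-label public suffixes, so a production check would use a public suffix list instead.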


Sounds like the author doesn't know how any of this DNS stuff actually works.

The registrar ultimately controls which nameservers are used to look up your domain. If someone has access to your registrar account then they can change this, so it doesn't matter if you have separate services.

Also if your registrar is accessible but your DNS provider is down, you can switch to a different DNS provider at any time, it's not something to "prepare" for like this article says.


Author here. At the time the problem was that DNSimple stopped resolving DNS for customers AND their management interface for a long period of time (iirc it was like 12 hours), which was affecting people who had registered domains through DNSimple and used their DNS service. This affected a disproportionate number of my friends and several clients.

You can't change your nameservers if your registrar's management interface isn't resolving.


These are separate issues:

1) DNS resolution stops working - use a different provider.
2) Registrar interface stops working - wait till it starts working.

You were trying to solve problem 1 which required problem 2 to be solved first, but there's no way around that. This means that everyone has the same dependency issue with their registrar being a single point of failure. Hosting your actual DNS elsewhere doesn't change anything or prepare for this situation any better.


The problems were happening at the same time. It's impossible to solve 1 if 2 is happening simultaneously.

Using a registrar that is on separate infrastructure from your DNS host solves both problems.


It doesn't matter if the DNS service is up or down - the point is that you cannot change your domain's DNS service without access to your registrar's console.

So effectively, the registrar being up is the only thing that matters and there's nothing you can do about it.

You're betting on the fact that by using 2 services, they won't be down at the same time which might add some reliability, although most registrars aren't hosting their console sites on the same network as their DNS servers anyway so the odds of it happening are about the same. You were just caught in a bad situation.


> It doesn't matter if the DNS service is up or down - the point is that you cannot change your domain's DNS service without access to your registrar's console.

True!

> most registrars aren't hosting their console sites on the same network as their DNS servers.

As a customer you have no ability to judge this. DNSimple was either hosting them on the same infrastructure or the DDoS was targeting both. I can't speak to what they do now, since this article is almost two years old.

By using one service for both components you're betting on the fact that they're doing the right things behind the scenes. IMO that is not a safe bet. For zero added monetary cost and effectively zero added management cost you can double your ability to weather that specific type of storm.


FYI, this references the DNSimple outage event on December 1st 2014. The point stands, but the "current" references aren't so current anymore.


Google is my DNS provider and registrar. I think I'm okay.



