Route 53 does not become the DNS service after changing the registrar's NS records

0

The client is from KSA and had to purchase the .sa domain via sahara.net, since AWS does not support it. I want Route 53 to be the DNS service, for convenience and because I want to use the Alias records.

I've followed the steps at https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/migrate-dns-domain-in-use.html. I've changed the registrar's NS records to point to the Route 53 hosted zone's servers and, after waiting 24 hours, www.whatsmydns.net tells me the domain points to the correct ones.

But the Alias records I added in Route 53 for 2 subdomains pointing to 2 ElasticBeanstalk environments do not work (DNS_PROBE_FINISHED_NXDOMAIN) and I had to add the CNAME for the Amplify main application in the registrar's records before that got validated, even though Amplify added those records to the hosted zone automatically.

It looks like the switch/porting of DNS authority isn't happening.

There are records in the registrar's DNS zone that I have yet to add in Route 53. Could those be the reason why it isn't porting over? Can someone give me any advice or tell me what I'm doing wrong?

Edit: In case someone encounters this specific issue, I'll leave the resolution here. In the case of sahara.net, it is not enough to edit the NS records. You have to make a ticket with them so that they can edit the servers for your domain in a different part of the application.

Lazar
asked a year ago · 246 views
1 Answer
0

The FAQ from sahara.net states that DNS propagation takes up to 48 hours, which is a typical TTL for a name server record. It's likely that a cached, unexpired NS record is the reason that some DNS queries continue to be forwarded to the registrar's DNS zone. You could test this by first clearing your local DNS cache and then browsing to the CNAMEs assigned to your EB environments.

AWS
answered a year ago
  • Thank you for your reply! You are correct that there are a few places around the world that are still answering with the sahara servers instead of the AWS ones. It's been more than 48 hours now since I made the changes, so I'm not sure why they haven't updated.

    As you suggested, I cleared my DNS cache and then tried to access the subdomains I associated with my EB environments. I still got the same error in the browser and www.whatsmydns.net does not provide any results for them. As a note, I am using A records with Aliases to the environments, not CNAMEs.

  • It's possible that even after clearing your local DNS cache, an upstream source (like your router, or your ISP) is still using the cached record. A more definitive way to test DNS is to use the dig command, which is documented at https://linux.die.net/man/1/dig. An example query to confirm the DNS records hosted in Route53 would be "dig @your-aws-name-server your-domain any". You can substitute your-aws-name-server with any DNS server that you'd like to query and compare answers with.

  • Thanks again for replying! The dig command, when I use it with AWS name servers gives me the correct records from Route53. This also happens when I use the subdomains instead of the root domain. But if I use the old sahara name servers (which are still, sometimes, returned by whatsmydns.net), I get only the records from their hosted zone with their NS records pointing to the AWS name servers.
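
The resolution in the question and the last comment describe the same condition: the NS records inside the registrar's zone were changed, but the delegation published by the parent (TLD) servers was not. The script below is an added example, not part of the original thread, that checks the parent's referral against the hosted zone's name servers; the domain, host names and sample dig output are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the thread). Host and domain names are constructed.
# Live input comes from a parent-zone (TLD) server, for example:
#   dig +short NS sa.                                   # list the TLD's servers
#   dig +norecurse NS <your-domain> @<one-tld-server>   # pipe this to check_delegation

# referral_ns DOMAIN: read dig output on stdin and print the sorted NS targets
# whose owner name is DOMAIN (ANSWER or AUTHORITY section).
referral_ns() {
  awk -v d="$1." '
    tolower($1) == tolower(d) && $3 == "IN" && $4 == "NS" {
      t = tolower($5); sub(/\.$/, "", t); print t
    }' | sort -u
}

# check_delegation DOMAIN "EXPECTED NS LIST": returns 0 only on an exact match.
check_delegation() {
  cd_expected=$(printf '%s\n' $2 | tr '[:upper:]' '[:lower:]' | sed 's/\.$//' | sort -u)
  cd_found=$(referral_ns "$1")
  cd_rc=0
  for cd_ns in $cd_found; do        # servers the parent hands out
    printf '%s\n' "$cd_expected" | grep -qxF "$cd_ns" ||
      { echo "parent still delegates to: $cd_ns"; cd_rc=1; }
  done
  for cd_ns in $cd_expected; do     # servers the hosted zone lists
    printf '%s\n' "$cd_found" | grep -qxF "$cd_ns" ||
      { echo "missing from parent delegation: $cd_ns"; cd_rc=1; }
  done
  [ "$cd_rc" -eq 0 ] && echo "delegation matches the hosted zone"
  return "$cd_rc"
}

# Constructed sample: NS set of the hosted zone, and a referral that still
# names the registrar's servers (the situation described in the thread).
EXPECTED_NS="ns-a.dns-host.example ns-b.dns-host.example"
STALE_REFERRAL=';; QUESTION SECTION:
;client.example.              IN  NS
;; AUTHORITY SECTION:
client.example.  3600  IN  NS  ns1.registrar.example.
client.example.  3600  IN  NS  ns2.registrar.example.'

printf '%s\n' "$STALE_REFERRAL" | check_delegation client.example "$EXPECTED_NS" || true
```

A mismatch that persists after the NS TTL has expired means the registrar has not updated the delegation at the registry, which caching cannot explain.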
