- Newest
- Most votes
- Most comments
For anyone reading this in the future:
Apparently some domains (in this case, a .ca domain) are indeed handled by registrars other than AWS.
As well, apparently, for certain domains, even if the Hosted Zone and the Registered Domains have the same nameservers, this won't work - there is a certain list of nameservers that need to be used. You can't see these nameservers - you'll need to reach out to support to find out what they are.
What a fun experience.
A domain can be registered through Route 53, and/or the domain can be managed through Route 53 - these are two separate things.
Domains for which AWS is the registrar can be seen it https://console.aws.amazon.com/route53/domains/home
Is one, both or neither of your domains listed here? (my guess is it should only be domain #1).
Your domain #2, for which a whois returns www.gandi.net as the registrar, further down the whois there should be a number of nameservers listed. If these point to AWS nameservers then this domain has its management delegated to Route 53, but the registrar function remains with another party. This is completely legal and allowed, see steps 1 to 9 of https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/migrate-dns-domain-in-use.html
Both domains are registered with AWS Route53. The nameservers are listed as
Name Server: ns-1207.awsdns-22.org Name Server: ns-1775.awsdns-29.co.uk Name Server: ns-531.awsdns-02.net Name Server: ns-84.awsdns-10.com
After some more digging, it appears that AWS sometimes "delegates" domains to other registrars. It's still not working correctly, despite (as far as I can tell) being configured in the same manner as the working domain... sigh.
There will be a public hosted zone in your account whose name is the same as the name of domain #2 (the one whose registrar is gandi.net), and there will be four NS records in that public hosted zone. All four of those records need to match the NS records in the
whoisoutput for domain #2.if you need to change any of them then drop the TTL to something like 300 seconds before starting, to ensure any changes propagate more soon (the default TTL is usually something like two days). See steps 4 thru 9 of the link in my original answer.
it appears that AWS sometimes "delegates" domains to other registrars
I've not come across this before (that's not to say that it doesn't happen, I just might never have heard of it).
If you've registered the domain through AWS Route 53, and you've paid for it but you can't administer it, then the best advice is to raise a Route 53 support call with AWS to progress this. Even if you're on a Basic Support plan (which would preclude you from raising a support call most of the time) you can still do so under Account and Billing -> Service: Billing -> Category: Domain Registration Issue
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-contact-support.html
Yeah, the NS records in the hosted zone have been the same as the one output by WHOIS for several days now, and the SOA also appears correct - still no dice. No idea what is going on.
In the
whoisoutput are the Creation Date and Updated Date consistent with when you registered the domain through Route 53 ? Does anybody else have access to the account (e.g. another admin user within the organisation) and could have changed anything without your knowledge?I would definitely be looking at engaging AWS Roue 53 support about this.
Relevant content
- Accepted Answerasked a year ago
- asked 9 months ago
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a month ago
Thanks for coming back with the answer Zach, I've learned something new today.
I don't suppose AWS Support gave you a link to this information that you could share?