DNS hijack?

William Herrin bill at herrin.us
Fri Nov 12 13:52:24 UTC 2021


On Thu, Nov 11, 2021 at 6:36 PM Jeff Shultz <jeffshultz at sctcweb.com> wrote:
>
>
> Yeah, apparently when a domain expires, a lot of DNS queries to domains in that domain's DNS server... get redirected to a Network Solutions "this is expired" website at that IP.
> Even though those domains are perfectly legit and paid up. Or so it was explained to me and how it appeared.

Hi Jeff,

Do you mean that there's a delay between when you're recorded as
having paid up and when everything is correct throughout the DNS
system? Yes, there is. Your domain expired, you corrected the problem,
but then there was an unexpected (by you) delay before the interloping
name resolution was gone?

If you meant something else, I'd like to hear a better description of
the problem. If not... well of course: that's how the DNS works.
There's propagation delay imposed by TTLs and refresh intervals before
old data is discarded. There are a handful of scenarios (e.g.
old-school browser pinning) where stale data can persist for months.
Don't let the domain expire before you renew it. Really don't.

Regards,
Bill Herrin



-- 
William Herrin
bill at herrin.us
https://bill.herrin.us/


More information about the NANOG mailing list