This one’s going to get the least hits ever, I bet.
I transferred the authoritative nameserver of a domain from Godaddy to Cloudflare and things got stuck. The NS propagated pretty well, but it never got picked up by Google or Verisign’s public DNS (check with https://www.whatsmydns.net). Since my ISP uses Google’s 8.8.8.8 server for customer DNS, I couldn’t reach my sites and mail got goofy.
The problem turned out to be outdated DS records that lingered at Godaddy after I tried their DNSSEC product, had all sorts of problems and turned it off. DS records aren’t deleted automatically in that process — they need to be deleted manually on the Domain Details/Settings tab. Who knew? Why should I have to know?? Continue reading →