Re: DNS Services for a registrar

[DaKnOb <daknob.mac () gmail com>]

Someone registered the domain “corp.gr” and now sells subdomains similar to .com.gr, .co.uk, etc. They use a “clever” 
way to make sure they will have 100% uptime at virtually no cost:

$ dig NS corp.gr
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.8.3-P1 <<>> NS corp.gr
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47495
;; flags: qr rd ra; QUERY: 1, ANSWER: 28, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;corp.gr.                       IN      NS

;; ANSWER SECTION:
corp.gr.                21599   IN      NS      puck.nether.net.
corp.gr.                21599   IN      NS      ns4.dnsunlimited.com.
corp.gr.                21599   IN      NS      i.ns.buddyns.com.
corp.gr.                21599   IN      NS      d.ns.zerigo.net.
corp.gr.                21599   IN      NS      f.ns.zerigo.net.
corp.gr.                21599   IN      NS      b.nskey.com.
corp.gr.                21599   IN      NS      g.ns.buddyns.com.
corp.gr.                21599   IN      NS      ns4.he.net.
corp.gr.                21599   IN      NS      ns5.dnsunlimited.com.
corp.gr.                21599   IN      NS      f.ns.buddyns.com.
corp.gr.                21599   IN      NS      h.ns.buddyns.com.
corp.gr.                21599   IN      NS      d.ns.buddyns.com.
corp.gr.                21599   IN      NS      ns2.he.net.
corp.gr.                21599   IN      NS      ns2.afraid.org.
corp.gr.                21599   IN      NS      a.nskey.com.
corp.gr.                21599   IN      NS      b.ns.zerigo.net.
corp.gr.                21599   IN      NS      b.ns.buddyns.com.
corp.gr.                21599   IN      NS      e.ns.buddyns.com.
corp.gr.                21599   IN      NS      ns1.dnsunlimited.com.
corp.gr.                21599   IN      NS      c.ns.zerigo.net.
corp.gr.                21599   IN      NS      c.ns.buddyns.com.
corp.gr.                21599   IN      NS      ns3.dnsunlimited.com.
corp.gr.                21599   IN      NS      a.ns.zerigo.net.
corp.gr.                21599   IN      NS      ns5.he.net.
corp.gr.                21599   IN      NS      ns2.dnsunlimited.com.
corp.gr.                21599   IN      NS      ns1.twisted4life.com.
corp.gr.                21599   IN      NS      e.ns.zerigo.net.
corp.gr.                21599   IN      NS      ns3.he.net.

;; Query time: 161 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Aug 12 14:42:58 2016
;; MSG SIZE  rcvd: 577

Of course, I don’t recommend you do this. On a serious note, as mentioned previously, AWS lacks IPv6 currently. A 
custom solution would provide more control but it may have some challenges. In addition to that, you’d probably need 
some form of network redundancy but you’re most likely not going to reach AWS’ anycasted network’s availability easily. 
I’d recommend looking to some other providers as well, some of which may be in the list of name servers above.. 

Just my 2c

> On 12 Aug 2016, at 08:56, Ryan Finnesey <ryan () finnesey com> wrote:
>
> We need to provide DNS services for domains we offer as a registrar.  We were discussing internally the different 
> options for the deployment.  Does anyone see a down side to using IaaS on AWS and Azure?
>
> We were also kicking around the idea of a PaaS offering and using Azure DNS or AWS Route 53.
>
> Cheers
> Ryan