
IO name servers down - gator-io
I&#x27;m getting swamped DNS resolution errors for anything .IO.<p>ns-a1.io timesout on every request
so do all the others
======
fenwick67
I'm so glad I passed on the .io TLD for my personal page and got .pizza one
instead.

~~~
lzy
I thought you're joking and then discovered there actually really is a .pizza
TLD.

[https://icannwiki.org/.pizza](https://icannwiki.org/.pizza)

------
devnull42
It appears that the issue at first impacted all servers in the anycast pool
however eventually it only impacted servers ns-a2 and ns-a4. Those servers
started returning NXDOMAINs. I am wondering if this was related to the root
server key change yesterday. .IO seems to struggle with basic DNS engineering.
We are seeing stabilization except for minor issues still on one of the gTLD
servers.

~~~
steventhedev
The root server key won't actually change until next month. The DNSKEY
responses from the root server was increased yesterday. Speculation, but it
could be they're running ancient versions of BIND that fail with the larger
response size. As per ICANN[0], the timeline is:

 _October 27, 2016: KSK rollover process begins as the new KSK is generated._

 _July 11, 2017: Publication of new KSK in DNS._

 _September 19, 2017: Size increase for DNSKEY response from root name
servers._

 _October 11, 2017: New KSK begins to sign the root zone key set (the actual
rollover event)._

 _January 11, 2018: Revocation of old KSK._

 _March 22, 2018: Last day the old KSK appears in the root zone._

 _August 2018: Old key is deleted from equipment in both ICANN Key Management
Facilities._

[0]: [https://www.icann.org/resources/pages/ksk-
rollover](https://www.icann.org/resources/pages/ksk-rollover)

PS - thank you for mentioning this, I wasn't aware it was going to happen
until reading your comment.

~~~
devnull42
Correct the actual key change isn’t until next month however yesterday there
was a change in response size from the root servers.

------
JelteF
For more info check the other post on this topic:
[https://news.ycombinator.com/item?id=15293578](https://news.ycombinator.com/item?id=15293578)

Not sure why that was taken of the front page suddenly.

------
X-Istence
Noticed this issue this morning too...

[https://twitter.com/bertjwregeer/status/910515512903319552](https://twitter.com/bertjwregeer/status/910515512903319552)

Interestingly enough I found that only some of them were returning NXDOMAIN's,
so resolution would sometimes work and sometimes it would fail completely.

------
nodesocket
Same here for my startup commando.io. Using AWS Route53. What DNS provider are
you using?

~~~
turdnagel
Same here, also using Route 53.

~~~
nodesocket
I was certain I was getting DDoS'd, but then I inspected the Pingdom down
notifications and seeing: DNS error

~~~
jon-wood
This is almost completely irrelevant, but what are you doing where you jump to
DDoS before misconfiguration or a service outage?

------
gator-io
I am so done with .io. This is one of many issues they've had in the last
year.

My problem is that we have scripts all over customer websites hardcoded with
api.gator.io

We're going to have to have them update the scripts and that is going to be a
major pain.

~~~
softawre
Heh, it's even in your phone number

> 1-844-GATOR-IO

------
tbarbugli
team mate posted on HN already about this:
[https://news.ycombinator.com/item?id=15293578](https://news.ycombinator.com/item?id=15293578)

------
riffic
Not a surprise; country code top-level domains are run poorly and I sure
wouldn’t stick all of _my_ eggs in this single basket.

------
tbarbugli
These two nameservers: ns-a2.io, ns-a4.io return wrong results consistently

------
gator-io
Everything appears to be functioning at this point

------
jmkni
Seems to be sorted now

------
thekemkid
Seems like a hijacking:
[https://www.theregister.co.uk/2017/07/10/io_hijacking_in_tra...](https://www.theregister.co.uk/2017/07/10/io_hijacking_in_transition_cockup/)

~~~
SCdF
That is a news report from July.

------
partycoder
Well, the .io domain name is intended for the British Indian Ocean territory.

I think the common practice of misusing TLDs (such as registering an .io
domain if you are not from the British Indian Ocean territory, or having a
Soviet Union domain... a country that no longer exist), is bad.

However, I acknowledge this is not the root problem. The root problem is the
scarcity of domains under traditional TLDs, and that's in great part due to
speculation (e.g: domain parking). It is hard to establish what constitutes
placeholder content, therefore rules preventing domain parking are hard if not
unfeasible to forbid.

~~~
ptenk
Thankfully built-in parking AdBlock on newer browsers is forcing domain
speculators to start dropping their less valuable names, as parking pages are
no longer producing any revenue. I see most tech companies coming back to .COM
once their given domain is available / priced cheaply as speculators are
forced to sell.

