Issues with TXT record on dedyn.io

dynDNS at dedyn.io
1

Hello,

It seems i have trouble adding TXT records to my dedyn.io domain.

To be more specific, if i add “test” as subname, and any value between ““ as record, it works ie. i’m able to query it using host -t txt.

But if i add as a subname anything with special chars such as “_” and “-” it does not work: host -t txt returns NXDOMAIN. This is an issue, because it prevents _acme-challenge subname…

Same behaviour either through the UI or through the API directly.

What am i doing wrong?

Thx!

L

2

I have just tested this using a similar example and I can’t reproduce.

I have added a TXT record _aaa-bbb with the value "test" to a domain (example.com replaces the actual domain I used here) using the web interface. That worked fine. The record shows up in the web interface.

Then I used host(1) to to retrieve the record:

$ host -t txt _aaa-bbb.example.com
_aaa-bbb.example.com descriptive text "test"
$

I also checked using dig(1):

$ dig +short _aaa-bbb.example.com txt
"test"
$

So no problems here.

How did you attempt to create the record? Do you actually see the record in the web interface?

Did you take into account DNS TTLs when testing, e.g. by asking the authoritative servers directly, or by waiting long enough for the propagation? There is also an additional delay for time deSEC needs to update the frontend servers. Sometimes this can take 2-3 minutes.

HTH
fiwswe

1 Like
3

I attempted to create it in the web interface and also through the API, and yes i was able to see it through the web interface afterwards.

Again, i’m using a DynDNS (dedyn.io) domain, and i was trying either locally or by hitting directly ns1.desec.io.

However i tried again right now, and it seems that now it’s working. Maybe bad luck or some transient issue earlier today?

4

Doesn’t make any difference. A subdomain of dedyn.io is treated the same as any other domain for this purpose. If it makes you feel better, substitute example.dedyn.io for example.com in my previous post.

Ok, so TTLs were not the issue.

Great!

Nothing is noted on https://desec-status.net. But like I wrote, sometimes there is a nontrivial delay updating the frontend servers. Maybe that was it. I believe the folks at deSEC are already aware of this issue and are working on reducing the delays.

fiwswe