Beware cutesy two-letter TLDs for your domain name
Update: After over 8 hours of downtime, DNS authority is once again delegating properly. No response from support emails. Also: According to one HN commenter, other .st domains were affected.
Every .com domain with remote phonetic value is held by a squatter looking for a $1m payout. So, like many other startups, we chose a clever domain for Voost: https://www.voo.st/. It was perfect - short, relevant, and (best of all) available.
One year later, we are discovering the downside of this decision. If you just clicked on that URL, you probably got an error message. It’s been that way for the last six hours… and there’s absolutely nothing I can do about it except whine on Hacker News.
I presume that the .com domain nameservers are run by smart people with a well-oiled support organization. Unfortunately, the .st domain is run by a Swedish company named Bahnhof.
Normally (and for a small percentage of requests still), DNS resolution requests for www.voo.st look like this:
    legba:~ jeff$ dig www.voo.st

    ; <<>> DiG 9.7.3-P3 <<>> www.voo.st
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32274
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 4

    ;; QUESTION SECTION:
    ;www.voo.st. IN A

    ;; ANSWER SECTION:
    www.voo.st. 300 IN CNAME cf-ssl7797-protected-www.voo.st.
    cf-ssl7797-protected-www.voo.st. 300 IN A 188.8.131.52
    cf-ssl7797-protected-www.voo.st. 300 IN A 184.108.40.206

    ;; AUTHORITY SECTION:
    voo.st. 14744 IN NS eric.ns.cloudflare.com.
    voo.st. 14744 IN NS vera.ns.cloudflare.com.

    ;; ADDITIONAL SECTION:
    eric.ns.cloudflare.com. 28038 IN A 220.127.116.11
    eric.ns.cloudflare.com. 89754 IN AAAA 2400:cb00:2049:1::adf5:3b70
    vera.ns.cloudflare.com. 84894 IN A 18.104.22.168
    vera.ns.cloudflare.com. 118688 IN AAAA 2400:cb00:2049:1::adf5:3a93

    ;; Query time: 100 msec
    ;; SERVER: 22.214.171.124#53(126.96.36.199)
    ;; WHEN: Mon Aug 20 17:08:19 2012
    ;; MSG SIZE rcvd: 242
The request for www.voo.st is delegated to the authority for voo.st - CloudFlare’s nameservers. The .st registry is configured, through the control panel at www.nic.st, to use eric.ns.cloudflare.com and vera.ns.cloudflare.com for voo.st.
Right now, most requests for www.voo.st resolve like this:
    legba:~ jeff$ dig www.voo.st

    ; <<>> DiG 9.7.3-P3 <<>> www.voo.st
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5497
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

    ;; QUESTION SECTION:
    ;www.voo.st. IN A

    ;; ANSWER SECTION:
    www.voo.st. 600 IN A 188.8.131.52

    ;; AUTHORITY SECTION:
    st. 66968 IN NS ns1.bahnhof.net.
    st. 66968 IN NS dns-au.st.
    st. 66968 IN NS auth61.ns.uu.net.
    st. 66968 IN NS ns2.bahnhof.net.

    ;; ADDITIONAL SECTION:
    ns1.bahnhof.net. 162265 IN A 184.108.40.206
    ns2.bahnhof.net. 57951 IN A 220.127.116.11
    auth61.ns.uu.net. 3132 IN A 18.104.22.168
    dns-au.st. 68302 IN A 22.214.171.124

    ;; Query time: 120 msec
    ;; SERVER: 126.96.36.199#53(188.8.131.52)
    ;; WHEN: Mon Aug 20 17:08:18 2012
    ;; MSG SIZE rcvd: 203
For some reason, Bahnhof’s DNS servers are not delegating authority for ‘voo.st’ to the ‘voo’ nameservers at CloudFlare. 184.108.40.206 is something inside Bahnhof’s network that refuses HTTP connections. I’ve also noticed some requests intermittently going to a server that responds with “This domain may be available to regster”. It makes our business look terrible.
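An added example, not code from the original post: a small Python check that reads dig output and reports whether the AUTHORITY section names the expected nameservers for the zone or only the parent zone's servers, which is the difference between the two outputs above. The function names and the trimmed samples are constructed here, and it assumes the reply carries an AUTHORITY section, as both outputs on this page do.

```python
# Added example: classify dig output by who appears in the AUTHORITY section.
def parse_sections(dig_text):
    """Map section name -> [(owner, type, rdata)] from dig's text output."""
    sections, current = {}, None
    for line in dig_text.splitlines():
        line = line.strip()
        if line.startswith(";;") and line.endswith("SECTION:"):
            current = line[2:].split()[0]      # ANSWER, AUTHORITY, ...
            sections[current] = []
        elif current and line and not line.startswith(";"):
            fields = line.split()              # owner ttl class type rdata
            if len(fields) >= 5:
                sections[current].append((fields[0].lower(), fields[3], fields[4].lower()))
    return sections

def classify_delegation(dig_text, zone, expected_ns):
    """Return delegated / wrong-nameservers / answered-by-parent / unknown."""
    zone = zone.lower().rstrip(".") + "."
    expected = {n.lower().rstrip(".") + "." for n in expected_ns}
    ns = {}                                    # owner -> set of NS targets
    for owner, rtype, rdata in parse_sections(dig_text).get("AUTHORITY", []):
        if rtype == "NS":
            ns.setdefault(owner, set()).add(rdata)
    if zone in ns:
        return "delegated" if ns[zone] == expected else "wrong-nameservers"
    if any(zone.endswith("." + owner) for owner in ns):
        # Only an ancestor zone (here st.) claims authority: no delegation seen.
        return "answered-by-parent"
    return "unknown"

# Constructed samples: trimmed from the two dig outputs shown on this page.
HEALTHY = """\
;; ANSWER SECTION:
www.voo.st. 300 IN CNAME cf-ssl7797-protected-www.voo.st.
;; AUTHORITY SECTION:
voo.st. 14744 IN NS eric.ns.cloudflare.com.
voo.st. 14744 IN NS vera.ns.cloudflare.com.
"""
BROKEN = """\
;; ANSWER SECTION:
www.voo.st. 600 IN A 188.8.131.52
;; AUTHORITY SECTION:
st. 66968 IN NS ns1.bahnhof.net.
st. 66968 IN NS ns2.bahnhof.net.
"""
EXPECTED = ["eric.ns.cloudflare.com", "vera.ns.cloudflare.com"]

if __name__ == "__main__":
    for name, text in (("healthy", HEALTHY), ("broken", BROKEN)):
        print(name, classify_delegation(text, "voo.st", EXPECTED))
```

Feeding it the output of `dig +norecurse @ns1.bahnhof.net voo.st NS` checks the registry's own servers directly rather than a recursive resolver's cache.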
I can speculate as to what is broken inside Bahnhof. We just came up on the one-year anniversary of our domain registration; even though we renewed the registration a couple of weeks before expiration, perhaps some part of their automated system is trying to reclaim the domain. Just in case, we tried renewing for an additional year - no effect. We tried changing the nameservers - no effect.
Naturally, you’re thinking: Contact support!
…and this is where I get angry. Multiple emails to the advertised email address (email@example.com) go unanswered several hours later. There is a web form for submitting support requests, all of which have gone unanswered. There is a fax number, which has been disconnected. There is a link to www.bahnhof.se - the “English Version” button takes you to this website:
What can I do? My only recourse is to - what, change the domain and rebrand my entire business? Wait 12 hours for some Swedish dude to wake up and check the support email? What if he doesn’t?
This is crazy.