DNS not propogating for palantetech.coop/palantetech.com

[https://id.mayfirst.org/jessie]

Hey There folks,

We noticed some DNS records we added a few hours ago are not propagating even when we query a.ns.mayfirst.org

npap-demo.palantetech.coop being the main one we need

[https://id.mayfirst.org/jaimev]

Let's get jamie to look at this.

[https://id.mayfirst.org/jamie]

I'm taking a look now. knot is complaining about a semantic check failing on your zone file...

[https://id.mayfirst.org/jamie]

Can you try again? It should be working now.

The problem was that our DNS server is quite strict about CNAME. If you set a domain (like puppet.palantetech.coop) to a CNAME then knot knows that anytime someone requests that domain name it will return the results of the CNAME.

A problem arises if you try to configure a domain name to be a CNAME and you define something else (in your case, you set a AAAA record for puppet.palantetech.coop). Knot refuses to load it because if someone requests the AAAA record for puppet.palantetech.coop knot doesn't know whether to deliver the AAAA record you have defined or the AAAA record of the CNAME domain.

To immediately resolve the problem I just disabled your AAAA record for puppet.palantetech.coop.

We have a validation rule that is supposed to stop you from entering a CNAME record for a record that already exists.

But I think it failed because there is no check in the opposite directory (to prevent you from adding an AAAA record for a domain that already has a CNAME).

[https://id.mayfirst.org/jamie]

See #13618