Domain delegation, from registrar to digitalocean's DNS

June 15, 2014 4k views
rskaze
By:
rskaze
Hello! I just recently got my domain registered by a domain registrar, I usually use the registrar name servers, however I want to use Digitalocean's name servers to control the domain records this time. So what I tried to do was to point the registrar NS records to NS1.DIGITALOCEAN.COM etc. and created a new domain in the digitalocean controlpanel (named it mydomainhere.com). I know from beforehand that domains usually take some time to update, however I am not even sure if I have done this correctly. Have I? And in any case, how does Digitalocean authenticate that my account actually owns the domain? This is what befuddles me and makes me insecure about this being the correct way of delegating my domain. This might be a terrifyingly easy question to answer, but I simply am not secure enough of how DNS works yet that I can verify that I have set it up correctly. If you answer, answer like you're writing to a dumb sheep, because this is what I am when it comes to this matter. Thanks in advance!
Log In to Comment
2 Answers
rskaze June 17, 2014
Everything seems to be working now, the registrar had to go in manually to change the name servers to Digitalocean and from there it was a smooth sail. Doesn't seem like there was something wrong with my setup.
Reply
musaid June 16, 2014
What domain registrar are you using? In most cases, you could update your registrar's name server related to that particular domain to digitaloceans nameservers, ns1.digitalocean.com, ns2.digitalocean.com and ns3.digitalocean.com. After that you can add that domain in DO's domain section and handle it like you would in any domain management system. Usually it takes considerably less time for the changes to be updated, but depending upon the registrar and things, it could take from a few hours to about 48 hours.
Reply
  • rskaze June 16, 2014
    I analysed the DNS and it seemed like the old name servers was still listed as parent so I contacted my registrar and apparently you could not override the name servers from their control panel but they have now changed it for me and now I just have to wait for it to take effect. The way you explain it, doesn't it mean that anyone could use my domain as long as it is pointed to DO's name severs? Just add my domain their DO's domain section and use it? How does DO authenticate it as being my domain? First one to type it into the domain section? Anyway, thanks for the reply! I will reply to the topic again later.
    • AwsomeJosh October 20, 2017

      @rskaze ever figured out the answer to this?

      • rskaze December 5, 2017

        Hey! Sorry for the kinda late reply.

        The solution was changing the DNS records from the domain registrar to DO's servers. I had to contact the domain registrar to do this (despite being able to do it in the control panel which was very misguiding as it doesn't work that way) and it took some time to take effect. Then just add the NS records on DO, there's three NS records to add:
        ns1.digitalocean.com
        ns2.digitalocean.com
        ns3.digitalocean.com

        I think this took about 48 hours or so to update, you can check the DNS propagation by using some services, however I found a free service at the time and right now it seems like most offers are paid.

        When it comes to authentication of owner of the domain, I think it's on the first person to the mill basis as I had to do nothing but to point to the DO NS servers in the DNS record and it worked. Might be a good idea to add the NS servers under your domain to DO first before fixing the domain registrar stuff.

        Anything particular otherwise?

Have another answer? Share your knowledge.