@RareBird15 @selfhost @selfhosting @selfhosted @mastoblind @main "but how can I do that when my domain doesn’t exist yet?" I am not sure to understand your specific context, but do note that you can configure any nameserver to be authoritative on any fictional name you want, and make sure it replies properly. It doesn't matter (won't be used by anyone) until the *delegation* (from parent) is being set, which happens at the registrar where you define nameservers for the domain.
pmevzek
joined 7 years ago
@jpl @RareBird15 @selfhost @selfhosting @selfhosted @mastoblind @main But technically you can totally register a domain without nameservers. Or later remove nameservers totally from a registered domain. Registration and resolution are separate things, even if they intersect, at least at the registrar when setting nameservers (sent to the registry which in turn publish them)
@ocean @RareBird15 Might want to read the fine prints. Cloudflare will require you to use their nameservers. You can't choose the DNS provider you wish. Maybe fine, maybe not, but has to be taken into account, I was too often in threads where people complain to late that their domain is now tied to Cloudflare nameservers.
@Grumpy @RareBird15 No. Glue records serve a specific need and have nothing to do with the problem depicted here. They are relevant only when having in-bailiwick nameservers, and your registrar will handle that when you create the host objects (that is change the nameservers at registry side), it has nothing to do with content of the zone.
@RareBird15 @virtuous_sloth @selfhost @selfhosting @selfhosted @mastoblind @main There is nothing "weird" in having 2 separate companies, one for registration, one for hosting/DNS provider. IF your nameservers are Vultr.com ones currently, this is where you should edit your zone. You can only edit records at your DNS provider, where the domain is registered has no influence on how it gets resolved.
@[email protected] Nitpick: SPF record is not named "@", it just needs to be at apex of zone. @ is often a shorthand to say apex in zonefiles, but doesn't exist as such really in DNS queries and answers. Also, if you want to fully protect your domain, you can have a null MX record (RFC 7505) and for other matters than email, but also still important, a null CAA record to prevent any rogue certificates issued for it.
@ocean I am not judging myself if this is a problem or not, as it is subjective and depends on a whole context, so it will differ for each case. Just saying "be aware of that, and the consequences of it, make sure that don't get against the goals you have set". Basically, "buyers beware".