Introduction

When you change a domain's nameservers at the registrar level, the update must propagate across the global DNS infrastructure. During this propagation period (which can take 24-48 hours), some users will be directed to the old nameservers and others to the new ones. If the DNS records differ between the old and new nameservers, users experience inconsistent access - some can reach the site while others see it as down.

Symptoms

  • Site accessible from some locations/networks but not others
  • dig example.com NS returns different nameservers depending on the resolver used
  • dig example.com @ns1.old-provider.com and dig example.com @ns1.new-provider.com return different records
  • Some users report the site is down while others can access it normally
  • DNS checkers (whatsmydns.net) show mixed results globally

Common Causes

  • Nameserver change at registrar not yet propagated to all root/TLD servers
  • Old nameservers still serving records while new ones have different data
  • TTL on NS records at the registrar level too high (48 hours default)
  • DNS records on new nameservers not fully configured before the switch
  • Recursive resolvers caching the old NS delegation

Step-by-Step Fix

  1. 1.Check global DNS propagation status:
  2. 2.```bash
  3. 3.# Check NS records from different resolvers
  4. 4.dig example.com NS @8.8.8.8 +short
  5. 5.dig example.com NS @1.1.1.1 +short
  6. 6.dig example.com NS @208.67.222.222 +short

# Check A records from each nameserver for ns in $(dig example.com NS +short); do echo "=== $ns ===" dig example.com A @$ns +short done ```

  1. 1.Verify DNS records are identical on both old and new nameservers:
  2. 2.```bash
  3. 3.# Export records from old nameserver
  4. 4.dig example.com ANY @old-ns +noall +answer > /tmp/old-records.txt
  5. 5.# Export records from new nameserver
  6. 6.dig example.com ANY @new-ns +noall +answer > /tmp/new-records.txt
  7. 7.# Compare
  8. 8.diff /tmp/old-records.txt /tmp/new-records.txt
  9. 9.`
  10. 10.If records differ, update the new nameserver to match:
  11. 11.Add all missing records to the new nameserver's zone file or DNS management console. Ensure every record type (A, AAAA, CNAME, MX, TXT, NS) matches.
  12. 12.Monitor propagation in real time:
  13. 13.```bash
  14. 14.# Watch propagation progress
  15. 15.while true; do
  16. 16.echo "$(date): $(dig example.com A +short @8.8.8.8)"
  17. 17.sleep 60
  18. 18.done
  19. 19.`
  20. 20.For emergency recovery, revert to old nameservers if needed:
  21. 21.If the new nameserver has critical issues, update the NS records back to the old provider at the registrar level.
  22. 22.Use DNS monitoring services during the transition:
  23. 23.```bash
  24. 24.# Check from multiple geographic locations
  25. 25.# Use services like dnschecker.org or whatsmydns.net
  26. 26.# Monitor from your actual user base locations
  27. 27.`

Prevention

  • Reduce TTL to 300 seconds at least 48 hours before nameserver changes
  • Configure all DNS records on the new nameserver before initiating the switch
  • Ensure both old and new nameservers serve identical records during the transition
  • Plan nameserver changes during low-traffic periods
  • Maintain the old nameserver active for at least 48 hours after the switch
  • Document the DNS migration procedure with a rollback plan