Review: GoDaddy Premium DNS

I have tried Premium DNS for about a year and a half now. Here is  my take on Premium DNS.

Probably the main feature of the Premium DNS Service is DNSSEC.   DNSSEC offers an assurance to nameservers that the information provided by the registrar is legitimate.  With DNSSEC, DNS data between servers can be digitally signed, or authenticated.  Not all namesevers observes DNSSEC, however prominent ones like Google’s DNS do observe DNSSEC.   If DNS data cannot be authenticated for a particular domain, the nameserver may not resolve for the domain at all. This is the case for Google DNS.

Again, not all nameservers uses DNSSEC.  So even if the DNS data for a domain cannot be authenticated, these servers will still resolve for the domain.  However, in Google’s case, the server will not resolve if the DNS cannot be authenticated.

The service also offers vanity nameservers but I don’t value this feature all that much. Basically, this service gives the perception to the public that you have a full-blown corporate network.

If you maintain your own server or GoDaddy is your hosting provider and your domain is registered with GoDaddy, this service may be worth it.  This service is not recommended for those who have hosting with another provider, such as Namecheap.  Even though it is possible to configure the Premium DNS Service to point to a Namecheap server, the problem is when Namecheap decides to move your cPanael account to a different server.  When Namecheap moves accounts to a different server, they’ll only update their nameservers.  You have to manually update Premium DNS so that your domains points to the correct server.

This is what happened to me.  Namecheap gave me a complimentary upgrade to my hosting.  What I didn’t realize was that it meant moving my hosting to a different server.  A different server meant a different IP address.   When the migration occurred one morning, my Premium DNS service was still pointing to the old IP address which was now the wrong IP address.  As a result, my email server went dark to the rest of the world because my email server moved to a different address.  Later that day, I realized what was going on, so I configured the premium DNS to the new IP address.  I was on a trip that day, so I was trying to configure my DNS records using my tablet!

It is a good idea to have the hosting and nameserver maintained by the same provider. When the hosting and nameserver have different providers, you have keep them in sync.

Earlier I mentioned that the service may be worth it if you have your domain registered with GoDaddy because it supports DNSSEC.  However, very few registrars supports DNSSEC.  If you can disable DNSSEC so that you can use non-DNSSEC-supported registrars.

The uptime is OK. For instance, for a 3 month period, for one of their nameservers, pdns06, the worst-case availability rate was 99.98%, the worst-case down time was 32 minutes, and worst-case number of down times was 6.  Another nameserver, pdns05, did not fair too well, it had numbers of 99.42%, 13 hours, and 75 times respectively.

The response time is around 26 ms.

Also, if you’re going to use DNSSEC, make sure DNSSEC is working correctly.  Use dnsvis.net to check DNSSEC for your domain.  The DNSSEC feature can get screwed up.  For instance if you turn off Premium DNS, you have to remove the DS records, otherwise there will be authentication problems.