News

Change of DNS resolvers in "RMA" region

Every server should be kept up-to-date – this also applies to our DNS systems. A further aim is to make our name server setup at the Rümlang location more robust and align it with the new Lupfig location, where we were able to implement these optimization measures right from the start. To this end, we are setting up the relevant servers at the "RMA" location from scratch, taking a step-by-step approach to avoid any interruption in service for our customers.

For your servers in the "RMA" region, the following set of IPv4 and IPv6 addresses will be available as DNS resolvers with immediate effect:

• IPv4: 5.102.144.101 and 5.102.144.102
• IPv6: 2a06:c01:f::101 and 2a06:c01:f::102

These DNS resolvers are already available and can be fully used. This DNS configuration is also already assigned via DHCP to servers that request or renew an IP address from our DHCP servers (except for private networks where you have explicitly configured a different set of DNS resolvers via our API).

Please note: the IP address 5.102.148.102 will be taken out of service as a DNS resolver as of 2020-08-15. Please ensure that your servers no longer use this IP for name resolution.

The above-mentioned change-over to the new set of DNS resolvers applies only to servers in the "RMA" (Rümlang) region. Servers in the "LPG" (Lupfig) region use a different set of DNS resolvers, which is not affected by this change.

What you need to check with regard to your servers

By default, new servers at cloudscale.ch use DHCP for their individual network configuration. Servers where you have left this setting unchanged do not, therefore, need any manual configuration changes. However, we recommend to verify that your servers have actually included at least two of these IPs in their DNS configuration.

If you have manually configured the DNS settings of your servers, please change them to the set of DNS resolvers mentioned above. Make sure that the IP 5.102.148.102 is no longer used as a resolver, as we will take this IP out of service by 2020-08-15. It goes without saying that you are also free to use your own DNS resolvers or a third-party DNS service instead of our systems.

No modifications are necessary for servers running a recursing resolver themselves (e.g. firewall systems based on OPNSense).

Further information

In certain firewall configurations, the applicable firewall rules also need to be adapted, e.g. if DNS replies are not automatically accepted after a DNS query has been sent ("stateless" firewalls).

Since the IP address 5.102.144.102 will continue to be available as a DNS resolver, we do not expect name resolution to be interrupted in a standard scenario even without the necessary adjustments. Please note, however, that in a case of this kind, DNS lookups will be delayed if an incorrect DNS server is queried first, and another server is only attempted after some timeout. Examples of delayed processes include SSH (typical symptom: longer login times) and other services if they resolve IP addresses to hostnames for security or logging purposes.

As mentioned, our redundant DNS resolvers are available with immediate effect via the new set of IP addresses. For optimal operation of the name resolution, please change the DNS setting of your servers in the "RMA" region as described above by 2020-08-15, or verify that this change has been applied automatically. Servers in the "LPG" region are not affected by this change and do not require any action. If necessary, our support team will of course be happy to answer your questions.

Kind regards,
Your cloudscale.ch team