[dns-operations] Monitoring for impending expiration of domains?

pmevzek at godaddy.com pmevzek at godaddy.com
Sun Dec 13 06:18:11 UTC 2020 

> While one might just write this off as "operator error", putting the
> blame squarely on the domain owner, I wonder whether in part the problem
> is a result of lack of transparency around impending domain expiration.

Maybe, but why does it matter. It is exactly like certificates: you don't wait until
expiration to renew them, you do it like one month before (LE's advice IIRC)

Same for domains: the moment you do the renewal has no operational impact
since this is always adding one year to current expiration date.

So the simplest rules are:
- for important domains, do not register them for 1 year. In many cases you can 
go up to 10 years. And price do not necessarily go down during years, so you don't really 
loose anything by using multiple years upfront
- renew them 2 months or 1 month before expiration; this also gives you enough time
to handle last minutes problems.

> At least for my domain, the .ORG registry does return the relevant
> dates:

Be aware that registration dates in whois are "complicated" because of
registries auto renewals (hence the date will change on expiration date,
but that does not mean the domain is really renewed if not paid
at the registrar).

> but, for example, is the .ORG WHOIS scalable enough to support a daily
> query for each of the 10,000,000 registered domains?  And if a domain
> owner has many domains to track, how soon would they run into WHOIS
> query rate limits?

Most registrars offer API (but yes, no standard here, EPP is unfortunately
not used at this level even if it could have been), so end customers
can use it and normally not be rate limited (and have better access
to data than using whois... as long as you trust your registrar of course)

> Are there tools that help one discover and keep track of the dates?

Some registrars or equivalent provide tracking services for domains, yes.
>From expiration, to nameserver changes, or status changes (other things important 
to monitor), etc.

> And if not WHOIS, then where would one look?

RDAP, at least for all gTLDs. Will give you structured output, so far better
than Whois.
However in this case, I still think there is almost no need to watch
the expiration date to renew at the last time.

You can also start with very low tech solutions but proven ones
(until you have thousands of domains to manage): in whatever calendar
you use, put the domain expiration there, and put an alarm 1 month before
or something like that.

More information about the dns-operations mailing list